International Journal of Electronic Security and Digital Forensics (26 papers in press)
A Self-Embedding Fragile Watermarking using Spatial Domain for Tamper Detection and Recovery in Digital Images
by MONALISA SWAIN, Debabala Swain
Abstract: With the rapid growth of digital communication and multimedia data sharing over the internet, the unauthorised access and tampering of the multimedia contents are increasing. In order to maintain the security and integrity of the communicated images, the tamper detection and recovery processes are highly essential. Considering the above issues, a new self-embedding fragile watermarking scheme in spatial domain is proposed with enhanced tamper recovering capability. In the proposed process, the cover image is divided into non-overlapping blocks of size 2 × 2. The image authentication and recovery can be performed using the six MSB of each pixel in the watermarked image. Due to spatial domain, each block is mapped into another block using a positive integer key value. The proposed technique is experimented against the number of tampered images with different rates of tampering. The test results evidence the novelty and efficiency, through the PSNR and SSIM parameters of the recovered image.
Keywords: self-embedding; fragile watermarking; tamper detection; image recovery; spatial domain; block mapping; least significant bit; LSB.
Security and Privacy of Adolescents in Social Applications and Networks: Legal Practice of Developing Countries
by Ahmad Ghandour, Viktor Shestak, Konstantin Sokolovskiy
Abstract: The article aims to study the developed countries' experience on the legal regulation of cyberbullying among adolescents, to identify existing shortcomings in the developing countries' laws, and to develop recommendations for improving the regulatory framework. To do this, the authors have studied the state regulatory practice of the UK, USA, Canada, Malaysia, South Africa and Turkey and analysed the statistics of 2018 on the manifestation of cyberbullying among adolescents in these countries. It turns out that in the countries under review there is either no separate. The percentage of cyber aggression cases among adolescents in developing countries is higher than in developed countries. For example, in South Africa, it is 85%, and in Canada 33%. The results of this study can encourage countries to create separate cyberbullying legislation if they do not have it yet and periodically review and modify already existing legislation.
Keywords: adolescent protection; cyberbullying; depression; regulations; social networks; suicide.
Cybercrime in social media of Bangladesh: an analysis of existing legal frameworks
by Kudrat-E Khuda Babu, Md. Abu Bakar Siddik
Abstract: Unprecedented and rapid expansion of ICT has become a common platform for prospective criminals intending to commit crimes in a non-traditional manner. These new-age crimes are popularly known as cybercrimes in the form of stalking, hacking, cyber obscenity, cyber theft, breach of confidentiality, etc. The rampant growth of IT has pushed the legislators of developing countries like Bangladesh into various challenges and difficulties in moulding new legal regimes to govern the virtual world from multiple types of cyber problems. Now cybercrime in social media is in a state of flux, which not only demands adequate tools to combat this but also requires terminological clarification of particular conduct as cybercrime or not. This paper tries to portray different types of cybercrimes in cyberspace especially in social media and to analyse existing laws to face contemporary challenges through data analysis of collected samples of specific areas to foresee ingenious minds of potential cyber.
Keywords: Bangladesh; cybercrime; information technology; legal framework; online; social media.
Digital Forensics and Cyber Forensics Investigation: Security Challenges, Limitations, Open Issues, and Future Direction
by Abdullah Ayub Khan, Aftab Ahmed Shaikh, Asif Ali Laghari, Mazhar Ali Dootio, M. Malook Rind, Shafique Ahmed Awan
Abstract: Digital forensics (DF) is the scientific investigation of digital criminal activities, illegal attempts, and cyber-attacks through computer systems. It is becoming a crucial aspect of law enforcement agencies, court law, and business firms to identify, preserve, examine, and analyse digital evidence using valid techniques for eventual demonstration of evidence that help to take further action. This review paper, exploring the methodology and framework of forensics investigation, is the impact of forgery on evidence, highlighting a list of popular investigation tools with features, applications, research challenges, limitations, and open research areas on digital forensics.
Keywords: digital forensics; computer forensics; scientific investigation; digital crime; forgery investigation; cybersecurity; information security; malicious attacks.
myEntropy: A File Type Identification Tool Using Entropy Scoring
by Tay Xin Hui, Kamaruddin Malik Mohamad, NURUL HIDAYAH A.B. RAHMAN
Abstract: myEntropy is an entropy calculator tool that is designed as a proof of concept to obtain the file entropy scoring for file type identification to facilitate digital investigations in file type-based attacks. myEntropy tool is developed by employing the entropy technique to obtain the entropy scoring for three types of file: SQL files, SWF files and JAVA files. Thus, entropy analysis experiments were undertaken using the benchmark datasets with a total of 250 files for each file type. The obtained file entropy values are then analysed to acquire the average entropy values and the entropy range. The results show that SWF files present a highly compressible file, JAVA files possess a higher probability to be compressed and SQL files present a higher probability for a given file to be compressed. These results would be beneficial to investigators to quickly limit their focus on information units based on the specific target.
Keywords: digital forensics; entropy; entropy scoring; file type identification; FTI.
Legal Aspects of Law Enforcement Operative-Investigative Activity in Special Conditions in Kazakhstan
by Dauren T. Akhmetov, Gulnara M. Rysmagambetova
Abstract: The relevance of the study is explained by the need for timely identification of signs of illegal activity and prevention of it, which is an indicator of the effectiveness of the work of law enforcement agencies. The aim of this article is to investigate the problematic issues of the current legislation of Kazakhstan, which regulates the scope of law enforcement operative-investigative activity in relation to special conditions arising from mass violations of public order. The methodology of the research is based on the application of the following scientific methods: the structural-systematic, analytical, comparative and the method of transition from a general concept to a particular one. The results of study indicate that it is necessary to expand the capabilities of the law enforcement bodies of Kazakhstan in the implementation of operative-investigative activity according to special procedure that allows solving such issues.
Keywords: intelligence; surveillance and reconnaissance operations; destructive activity; social emergencies.
Legal Framework for External Security of the Republic of Kazakhstan
by Ainur A. Kassymzhanova, Gulnara R. Usseinova, Dina M. Baimakhanova, Alua S. Ibrayeva, Nurlan S. Ibrayev
Abstract: The purpose of the study is to show the crux of the legal framework of the Republic of Kazakhstan in external security. The paper presents the main aspects of international legal treaties, documents, and agreements to ensure the external national interests of the Republic of Kazakhstan, which facilitate coordinated cooperation with other states. The main methods of the study include research, as well as a thorough analysis of laws and regulations. Comparison of the legislative framework of Kazakhstan with the laws of the USA and Russia makes it possible to identify the most practical component used in ensuring the external security of these states. As a result, imperfections and peculiar conflicts in the laws of Kazakhstan and Russia were revealed. Thus, the fundamental laws concerning external and national security require certain improvements and changes, in particular, the addition of new concepts in external security.
Keywords: national security; government bodies; foreign policy environment; external national interests; threats; international organisations; public services.
Hybrid Turbo Code for Information Security and Reliability
by Vidya Sawant, Archana Bhise
Abstract: Wireless communication channels are highly vulnerable to security attacks and channel noise. Most wireless communication systems deploy Advanced Encryption Standard (AES) and Turbo code for security and reliability. However, the sequential process of encryption and encoding increases the resources, computational cost and reduces the overall error correction performance. A Hybrid Turbo Code (HTC) for encryption and error correction is proposed. The HTC deploys a proposed Weierstrass Elliptic Curve Interleaver (WECI) for random shuffling of the input bits. The difficulty of solving the elliptic curve discrete logarithm makes the WECI cryptographically strong. The simulation results of HTC depict a bit error rate of almost 103.8 at a signal-to-noise ratio of 2 dB similar to the conventional turbo code. Moreover, it provides security and reliability to the transmitted data at a reduced computational cost and memory as compared to the conventional system using Advanced Encryption Standard (AES) followed by turbo code.
Keywords: computational complexity; encryption; elliptic curve arithmetic; hybrid turbo code; HTC; Weierstrass elliptic curve interleaver; WECI.
A Survey and Analysis of Different Lightweight Block Cipher Techniques for Resource Constrained Devices
by G.C. Madhu, Vijayakumar Perumal
Abstract: Many smart applications are equipped with resource constrained devices which are characterised by small computational power, limited battery power and memory. Lightweight ciphers have become a popular choice for providing security for these devices. This work is aimed to evaluate the performance and security of three lightweight ciphers called Anu, LiCi and Present. The performance of the ciphers is reported in terms of throughput. Data compression techniques are applied to improve the speed and throughput of the encryption. The efficacy of the ciphers in defending statistical attacks and differential attacks is assessed with the help of statistical and sensitivity tests. Our results proved that LiCi outperforms Anu and Present in many aspects.
Keywords: resource constrained devices; lightweight ciphers; performance; statistical test and sensitivity test.
Implementation of High Speed and Lightweight Symmetric Key Encryption algorithm Based Authentication Protocol for Resource-Constrained Devices
by Rajashree R, Vijayakumar Peroumal, Lalit Kishore, Venkata Diwakar Reddy K, Srujan Reddy, Jagannath M
Abstract: Encryption and decryption is accomplished by means of software or hardware, has been in continuous usage since the 2000s for data encryption using any communication medium. A modern authentication algorithm is introduced based on the AES algorithmic program and SHA algorithms to encrypt information for encrypted communication with improved security features. SHA shall be applied at the same time as the AES mechanism for secrecy, reliability and honesty checks. The core concept of algorithmic application is to achieve a high degree of data protection by integrating SHA and AES algorithmic programs in software and hardware. Both transmitter and receiver sections are included in the proposed model to safely send and receive data. It has been developed using Xilinx ISE 14.2, so that the parameters of the proposed algorithmic program can be compared with various different FPGAs and then further comparison of parameters along with DES algorithm may lead to satisfactory results.
Keywords: advanced encryption standard; AES; data encryption standard; DES; symmetric key cryptography; block ciphers; secure hash algorithm; field programmable gate array; FPGA; authentication.
The role of financial investigations in combating money laundering
by Roza M. Zhamiyeva, Gulmira B. Sultanbekova, Maral T. Abzalbekova, Bakytzhan A. Zhakupov, Murat G. Kozhanov
Abstract: The purpose of the study is to outline the role of financial investigations in money laundering. The leading research method is analysis, with the help of which the authors identified the main factors that help in the fight against money laundering and improving the effectiveness of financial investigations. The legal framework for the regulation of electronic finance and visual cases of financial fraud are analysed. Having analysed the international experience in regulating electronic finance, it was revealed what weaknesses are present in the legislative framework of Kazakhstan in this matter. The paper presents recommendations to improve the effectiveness of the fight against money laundering and determines the significance of financial investigations in solving this issue. The findings of the study can become a theoretical guide for the development of structures involved in financial investigations.
Keywords: financial fraud; electronic payments; virtual currencies; investigation of financial crimes; digital money.
The role and problems of legal culture in the social security of the population of the Republic of Kazakhstan
by Erkinbek K. Nurtazin, Aizhan Kozhaknmetova, Kalbike A. Sultankulova, Baktygul K. Ilyasova, Galym B. Teleuyev
Abstract: The issue of the establishment and development of legal culture in society is always very relevant not only in legal science but also in such sciences as philosophy, sociology, political science, legal psychology, etc. The purpose of this article is to study the scientific aspects of legal culture in the process of social security of the population. The leading methods of the study are systematisation and the analysis of existing theoretical data regarding this problem. These methods allowed to research complexly and variously legal culture in the social security of the citizens of the Republic of Kazakhstan. The concept and characteristics of legal culture were researched. It was concluded that the Kazakhstan society should direct all its intellectual potential and moral foundations to ensure and protect the institutions of civil society on the path towards a democratic state.
Keywords: democratic state; civil society; legal reforms; human values; Kazakhstan.
Forensic Investigation of Forged Educational Documents
by Anna A. Aubakirova, Rizabek E. Ildebayev, Yernar N. Begaliyev, Ruslan K. Tumanshiyev, Elvira A. Alimova
Abstract: Fake educational documents differ in that they can be completely identical to the original and have all registration data, but at the same time differ in the quality of execution. The purpose of the study is considering fake documents as a source of the restoration of lost originals and the creation of a document that was not previously registered in the database. In the course of the research, two aspects of the production of forged documents were considered: filling in an analogue of a genuine document with distorted data and the creation of a knowingly forged document, which, for various reasons, cannot be entered into the database. The paper summarised methods of fraudulent changes in the original content of documents. It turned out that the objects of technical expertise of documents are: cliché impressions of seals; signatures intersecting with seals, blank documents, etc.
Keywords: forged educational documents; forensics; technical forensic examinations; investigation of crime; fraud.
Legal Nature and Transformation of the National Security Concept in the Context of Global Challenges of the Present (on the Example of the Republic of Kazakhstan)
by Botagoz A. Umitchinova, Yuliya A. Gavrilova, Galina A. Menzuk, Kairat O. Alembayev, Dinara Z. Kozhuganova
Abstract: The article considers the evolution of the legal institution and legislative support of national security. The aim of the study is to determine the legal nature of national security and to study the problems of its ensuring in the context of global challenges of the present (on the example of the Republic of Kazakhstan). The research is based on two groups of methods: general scientific (the methods of empirical research and general logical methods) and special legal ones (the formal legal method, the comparative legal method and the method of law interpretation). It established that the global challenges and threats of the present lead to the emergence of new types of national security, which also requires regulatory support. The article recommends a new type of epidemiological (or sanitary-epidemiological) security to be designed and included along with food security in the Law of the Republic of Kazakhstan on national security.
Keywords: national security; challenges and threats; strategy; interests of the individual; legal institution.
Computer and Network security: Intrusion detection system using mobile agent
by Samir Bourekkache, Okba KAZAR, Aloui Ahmed, Ghazali Hamouda
Abstract: With the evolution of internet and computer networks, security has become a major concern over the years. Security is a focal aspect of every computer system and so the quality of these systems depends on the provided functionalities as well as the degree of their security. Generally, we trust the used networks when using our personal and sensitive information. However, several threats and attacks of stealing our information and harming our computers are possible. Therefore, intrusion detection system is one of the most widely used systems to diagnose various threats and malicious activity on computer networks. There are a lot of works that have proposed MAS-based intrusion diagnostic techniques to handle attacks. In this paper, we proposed an approach for intrusion detection system that uses a set of mobile agents to ensure the protection of the whole data and machines from attackers. Moreover, to detect possible attacks, we use the scenario method that is based on the comparison of the packets received in the network with the information stored in the attacks signature database.
Keywords: intrusion detection systems; computer and network security; multi-agents system; MAS; mobile agent; JADE.
Quantitative Impact Analysis of Application-level Attacks on a Robotic Platform
by Khalil Ahmad Yousef, Anas Almajali, Bassam Mohd, Salah Abu Ghalyon
Abstract: Robots are important examples of cyberphysical systems. Typically, robots are battery powered, which makes them a potential target for cyber-physical attacks to drain batteries and reduce their lifespan. When the battery is drained, the robot is not available and results in denial-of-service. Hence, robotic security and operation duration are fundamental requirements. The main objective of this paper is to provide an impact-based quantitative security risk assessment of three application level attacks targeting a well-known mobile robot platform that is called the PeopleBot™. The novelty of our work is that we successfully drained a fully-charged robot battery using application level attacks that include exhausting the computing resources of the robot. The attacks cause reduction in the robot availability time. The average availability time from the performed attacks was reduced by 11.78%. We followed the adversarial risk assessment template provided in NIST. Finally, some mitigation strategies for the performed attacks were suggested.
Keywords: cyber-physical security; robot availability; attacks; vulnerability; risk assessment; PeopleBot.
Confidentiality in the activities of law enforcement agencies and the court during covert investigative activities
by Gani Seitzhanuly, Sergey N. Bachurin, Alfiya B. Aituarova, Aivazkhan A. Gassanov, Aleksandr V. Syrbu
Abstract: The relevance of this study is that covert investigative activities involving interference with private communication cannot be imagined without confidentiality conditions. The purpose of this study is to prove that when investigating criminal cases in electronic format, all such powers of authorised officials of law enforcement and special state bodies only complicate the process of maintaining confidentiality at a minimum, and at most do not contribute to effective interaction in the investigation of criminal offences. The authors concluded that granting permission to conduct covert investigative actions related to interference with private communication is justified. The practical significance of the study is determined by the possibility of developing certain forms of ensuring the conduct of investigative actions in the context of the implementation of criminal actions in a shorter time frame than is possible when investigating crimes.
Keywords: investigating crimes; investigative actions; search actions; prosecutor; maintaining confidentiality; state bodies.
Security and Privacy Issues in Fog Computing Environment
by Manju Lata, Vikas Kumar
Abstract: Fog computing has emerged as a new computing paradigm to overcome a number of challenges faced by the cloud computing. It has extended the cloud computing standards to the edge of the network, facilitating the new type of services and applications for future of internet. However, Fog computing faces a number of challenges associated with security and privacy. Some of them may be related to the inheritance of this technology from cloud computing. In the present work, security and privacy issues associated with the fog computing environment have been presented from a multi-dimensional perspective. Security and privacy perspective has been drawn from the characteristics, applications and associated technologies of fog computing. Challenges and limitations associated with the security and privacy have also been presented from the perspective of futuristic applications. The work is very much useful, considering the increasing expansion of fog computing applications.
Keywords: cloud computing; fog computing; security and privacy issues; edge of network; internet applications.
Credit Card Fraud detection using Moth-Flame Earth Worm Optimization Algorithm-based Deep Belief Neural Network
by Deepika S, Senthil S
Abstract: Nowadays, credit card fraud actions happen commonly, which results in vast financial losses. Fraudulent transactions can take place in a variety of ways and can be put into various categories. Hence, financial institutions and banks put forward credit card fraud detection applications. To detect fraudulent activities, this paper proposes a credit card fraud detection system. The proposed system uses the database with the credit card transaction information and sends it to the pre-processing. The log transformation is applied over the database for data regulation in the pre-processing step. Afterwards, the appropriate features are selected by the information gain criterion, and the selected features are utilised to train the classifier. Here, a novel classifier, namely moth-flame earth worm optimisation-based deep belief network (MF-EWA-based DBN), is proposed for the fraud detection. The weights for the classifier are selected by the newly developed moth-flame earth worm optimisation algorithm (MF-EWA). The proposed classifier carries out the training and detects the fraud transactions in the database. The proposed MF-EWA-based DBN classifier has improved detection performance and outclassed other existing models with 85.89% accuracy.
Keywords: Credit card transactions; fraud detection; information gain; Earthworm Optimization Algorithm; Deep Belief Network.
Passive contrast enhancement detection using NSCT based statistical features and ensemble classifier
by Gajanan Birajdar, Vijay Mankar
Abstract: Due to widespread use of digital images and sophisticated image editing software, it is quite easy to create digital image forgeries without leaving any visual traces of doctoring. Contrast enhancement (CE) processing is popularly used to hide the traces of doctoring in copy-and-move image forgery operation by malicious users. In this paper, global blind contrast enhancement detection algorithm is proposed using various statistical parameters based on Gaussian distribution and generalised Gaussian distribution features, energy and grey level run length matrix (GLRLM) descriptors after NSCT decomposition. Fisher feature selection criterion is utilised to choose the most relevant features and to remove the less important features. Detection accuracy of the algorithm is investigated using various ensemble classifiers architectures. Experimental results are presented using four different ensemble classifier architectures class-I to class-IV for Cb and grey image database. The proposed algorithm outperforms all the existing feature-based approaches compared using the detection accuracy.
Keywords: blind image forgery detection; non-subsampled contourlet transform; grey level run length matrix; GLRLM; generalised Gaussian distribution; classifier ensemble.
Low complexity cybersecurity architecture for the development of ITS in smart cities
by Nawal Alsaffar, Wael M. El-Medany, Hayat Ali
Abstract: The application of an intelligent transportation system (ITS) within smart cities is an emerging technology that requires access to a network, and might be exposed to cyberattacks, which may affect the privacy of users and drivers. One of the most important pieces of private information is the vehicle location, which may lead to physical attacks. Therefore, a security technique should be applied to secure the vehicle's user data and location. Adding hardware security to the tracking device will increase the hardware complexity to internet of things (IoT) sensor, which has a limited area. This paper proposed a low complexity cybersecurity architecture to protect user privacy and sensitive information. The implemented design has been synthesised and simulated, and results have been discussed and verified for selecting the best techniques of data protection and less design complexity. The hardware implementation can be reconfigured for different cipher keys and different size of cipher text.
Keywords: internet of things; cybersecurity; threats mitigation; industrial internet of things; intelligent transportation system; ITS.
Network forensics investigation: behaviour analysis of distinct operating systems to detect and identify the host in IPv6 network
by Abdullah Ayub Khan, Syed Asif Ali
Abstract: This paper studies the behaviour analysis of distinct operating systems for the purpose of forensics investigation in the IPv6 network and ensures the detection as well as identification of the network host. The network forensics parameters help to capture, filter, analyse, and information reporting about the computer-based incidents and activities of cybercrime. IPv6 supports tackling the complication of traffic in a network environment, such as dual-stack, tunnel, and translation. This research sheds light on the IPv6 network, assesses the automatic and manual transition in order to characterise network behaviour. This paper proposes a flexible and automated method architecture to analyse operating systems behaviour by observing the system function calls, performing network investigation by using PCAP file analysis to help detect and identify the host, sessions, and open ports in the virtual environment. Through the experimental result on the network traffic, PCAP files dataset of the University of New Haven, the proposed model can archive identify network host in IPv6 network with high accuracy rate, the result shows the robustness of the NetworkMiner in terms of behaviour analysis with efficacy as compared to other state-of-the-art schemes.
Keywords: digital forensic; network forensics; behaviour analysis of distinct operating systems; IPv6 networks; host identification; PCAP file analysis; NetworkMiner.
Improving the asymmetric encryption algorithm based on genetic algorithm, application in online information transmission
by Le Dinh Son, Tran Van An, Nguyen Ngoc Thuy
Abstract: Within the paper scope, the authors propose to improve two solutions of information security: first, improving the asymmetric key encryption based on genetic algorithm (GA); second, building architecture of stratified information transmission system with intermediate information transmission layer. The method of survey and analysis is applied with scientific publications related to asymmetric encryption and genetic algorithms. Applying genetic algorithm to improve asymmetric encryption algorithm and intermediate information transmission layer used in the building of information transmission system in order to further enhance the security. Empirical evaluation of the effectiveness of the proposed solutions. Application of proposed solutions in actual system in use. Improved asymmetric encryption algorithm based on genetic algorithm; applied the above algorithm in building a stratified information transmission system with intermediate information layer. The improvement of information security solutions has further reinforced the security and ensured the processing speed as well as prospectively applied in practice.
Keywords: genetic algorithm; information security; asymmetric encryption; information transmission.
Network and hypervisor-based attacks in cloud computing environments
by Reza Montasari, Stuart Macdonald, Amin Hosseinian-Far, Fiona Carroll, Alireza Daneshkhah
Abstract: Cloud computing (CC) has become one of the most transformative computing technologies and a key business avenue, following in the footsteps of mainframes, minicomputers, personal computers, the World Wide Web and smartphones. Its vital features have considerably reduced IT costs, contributing to its rapid adoption by businesses and governments worldwide. Despite the many technological and economic benefits that CC offers, at the same time, it poses complex security threats resulting from the use of virtualisation technology. Compromising the security of any component in the cloud virtual infrastructure will negatively affect the security of other elements and so impact the overall system security. Therefore, to create a practical understanding of such threats, this paper provides an analysis of common and underexplored network- and hypervisor-based attacks against CC systems from a technical viewpoint.
Keywords: cyber security; threat intelligence; artificial intelligence; machine learning; cyber physical systems; digital forensics; big data.
Digital watermarking of compressed videos using larger dimension 2D error correcting codes for higher embedding capacity
by Anjana Rodrigues, Archana Bhise
Abstract: This paper proposes a novel method of digital watermarking of MPEG videos using 2-dimensional error-correcting codes (2D ECC). The motion vectors of the video to be protected are used as the cover. Hence, this method is versatile and can be used to watermark videos of multiple formats such as MPEG-1, MPEG-2, MPEG-4 (AVC/H.264) and even the latest format HEVC/H.265. An error-correcting code of dimension 15 × 15 is constructed and used to embed the watermark into select motion vectors at the encoder and to retrieve the watermark at the decoder. The use of 2D ECC facilitates embedding of multiple bits of the watermark in various patterns inside the cover, thus improving imperceptibility. The results obtained on sample videos show a high embedding capacity of 8 bits/pixel and 245 bits/codeword, while still maintaining a PSNR greater than 40 dB, as compared to the existing 4 bits/pixel of other methods.
Keywords: 2D error correcting codes; digital watermarking; video watermarking; MPEG videos; copyright protection; motion vectors.
Volatile memory forensics of privacy-aware operating systems
by Nilay R. Mistry, Sampada Kanitkar, S.O. Junare
Abstract: Along with the use of the internet, awareness regarding the privacy of the user data is also increasing slowly and gradually but at a comparatively slower rate than that of cybercrime. At present in the market, there are many such operating systems available that are secured and leave the minimum number of traces which makes it difficult to retrieve or obtain any kind of data from that system after carrying out the forensics of that machine. In this research, acquisition, and analysis of random access memory (RAM), of such secured operating systems, is performed and potential artefacts related to the activities are identified, that the operating systems leave in the memory of the system which can be further submitted in the court of law as evidence in case of a crime being committed using such security providing technology.
Keywords: privacy-aware operating systems; volatile memory forensics; volatile memory analysis; digital forensics; cybercrime; privacy; anonymity.