Vision: An empirical framework for examiners to accessing password-protected resources for on-the-scene digital investigations

Research output: Contribution to journalArticlepeer-review

Abstract

It is increasingly becoming difficult to acquire meaningful information in the field of digital forensics through the traditional approach owing to advances in information security and anti-forensics techniques. To counteract anonymous services such as data in remote areas without authentication information, data encryption, device locks, and cryptocurrencies, it is important to acquire key information through live forensics at search and seizure sites. Thus, it is necessary to establish a response system that explores and processes credential information on site and extracts meaningful information based on the processed information. To this end, this study proposes a new digital forensics framework for application at search and seizure sites. The proposed framework is designed to allow expansion in the form of additional functions on account of a module type development for the system even when new services and digital devices appear in the future. We then explain its applicability through case studies of actual digital investigations.

Original languageEnglish
Article number301376
JournalForensic Science International: Digital Investigation
Volume40
DOIs
Publication statusPublished - 2022 Mar

Keywords

  • Anti-forensics
  • Credential information
  • Digital forensics
  • Live forensics
  • Search and seizure

ASJC Scopus subject areas

  • Computer Science Applications
  • Information Systems
  • Pathology and Forensic Medicine
  • Law
  • Medical Laboratory Technology

Fingerprint

Dive into the research topics of 'Vision: An empirical framework for examiners to accessing password-protected resources for on-the-scene digital investigations'. Together they form a unique fingerprint.

Cite this