Counterfeiting and defending the digital forensic process

Alvaro Botas, Ricardo J. Rodríguez, Teemu Väisänen, Patrycjusz Zdzichowski

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

Abstract

During the last years, criminals have become aware of how digital evidences that lead them to courts and jail are collected and analyzed. Hence, they have started to develop antiforensic techniques to evade, hamper, or nullify their evidences. Nowadays, these techniques are broadly used by criminals, causing the forensic analysis to be in a state of decay. To defeat against these techniques, forensic analyst need to first identify them, and then to mitigate somehow their effects. In this paper, we review the anti-forensic techniques and propose a new taxonomy that relates them to the initial phase of a forensic process mainly affected by each technique. Furthermore, we introduce mitigation techniques for these anti-forensic techniques, considering the chance to overcome the anti-forensic techniques and the difficulty to apply them.

Original languageEnglish
Title of host publicationProceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015
PublisherInstitute of Electrical and Electronic Engineers IEEE
Pages1966-1971
ISBN (Electronic)978-1-5090-0154-5
ISBN (Print)978-1-5090-0153-8
DOIs
Publication statusPublished - 22 Dec 2015
MoE publication typeA4 Article in a conference publication
Event15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015 - Liverpool, United Kingdom
Duration: 26 Oct 201528 Oct 2015

Conference

Conference15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015
CountryUnited Kingdom
CityLiverpool
Period26/10/1528/10/15

Fingerprint

Prisons
Taxonomies
Digital forensics

Keywords

  • Anti-forensics
  • Categorization
  • Forensics

Cite this

Botas, A., Rodríguez, R. J., Väisänen, T., & Zdzichowski, P. (2015). Counterfeiting and defending the digital forensic process. In Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015 (pp. 1966-1971). [7363337] Institute of Electrical and Electronic Engineers IEEE. https://doi.org/10.1109/CIT/IUCC/DASC/PICOM.2015.291
Botas, Alvaro ; Rodríguez, Ricardo J. ; Väisänen, Teemu ; Zdzichowski, Patrycjusz. / Counterfeiting and defending the digital forensic process. Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015. Institute of Electrical and Electronic Engineers IEEE, 2015. pp. 1966-1971
@inproceedings{9cd1d3b171264b519e2449b8113f9d63,
title = "Counterfeiting and defending the digital forensic process",
abstract = "During the last years, criminals have become aware of how digital evidences that lead them to courts and jail are collected and analyzed. Hence, they have started to develop antiforensic techniques to evade, hamper, or nullify their evidences. Nowadays, these techniques are broadly used by criminals, causing the forensic analysis to be in a state of decay. To defeat against these techniques, forensic analyst need to first identify them, and then to mitigate somehow their effects. In this paper, we review the anti-forensic techniques and propose a new taxonomy that relates them to the initial phase of a forensic process mainly affected by each technique. Furthermore, we introduce mitigation techniques for these anti-forensic techniques, considering the chance to overcome the anti-forensic techniques and the difficulty to apply them.",
keywords = "Anti-forensics, Categorization, Forensics",
author = "Alvaro Botas and Rodr{\'i}guez, {Ricardo J.} and Teemu V{\"a}is{\"a}nen and Patrycjusz Zdzichowski",
year = "2015",
month = "12",
day = "22",
doi = "10.1109/CIT/IUCC/DASC/PICOM.2015.291",
language = "English",
isbn = "978-1-5090-0153-8",
pages = "1966--1971",
booktitle = "Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015",
publisher = "Institute of Electrical and Electronic Engineers IEEE",
address = "United States",

}

Botas, A, Rodríguez, RJ, Väisänen, T & Zdzichowski, P 2015, Counterfeiting and defending the digital forensic process. in Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015., 7363337, Institute of Electrical and Electronic Engineers IEEE, pp. 1966-1971, 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015, Liverpool, United Kingdom, 26/10/15. https://doi.org/10.1109/CIT/IUCC/DASC/PICOM.2015.291

Counterfeiting and defending the digital forensic process. / Botas, Alvaro; Rodríguez, Ricardo J.; Väisänen, Teemu; Zdzichowski, Patrycjusz.

Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015. Institute of Electrical and Electronic Engineers IEEE, 2015. p. 1966-1971 7363337.

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

TY - GEN

T1 - Counterfeiting and defending the digital forensic process

AU - Botas, Alvaro

AU - Rodríguez, Ricardo J.

AU - Väisänen, Teemu

AU - Zdzichowski, Patrycjusz

PY - 2015/12/22

Y1 - 2015/12/22

N2 - During the last years, criminals have become aware of how digital evidences that lead them to courts and jail are collected and analyzed. Hence, they have started to develop antiforensic techniques to evade, hamper, or nullify their evidences. Nowadays, these techniques are broadly used by criminals, causing the forensic analysis to be in a state of decay. To defeat against these techniques, forensic analyst need to first identify them, and then to mitigate somehow their effects. In this paper, we review the anti-forensic techniques and propose a new taxonomy that relates them to the initial phase of a forensic process mainly affected by each technique. Furthermore, we introduce mitigation techniques for these anti-forensic techniques, considering the chance to overcome the anti-forensic techniques and the difficulty to apply them.

AB - During the last years, criminals have become aware of how digital evidences that lead them to courts and jail are collected and analyzed. Hence, they have started to develop antiforensic techniques to evade, hamper, or nullify their evidences. Nowadays, these techniques are broadly used by criminals, causing the forensic analysis to be in a state of decay. To defeat against these techniques, forensic analyst need to first identify them, and then to mitigate somehow their effects. In this paper, we review the anti-forensic techniques and propose a new taxonomy that relates them to the initial phase of a forensic process mainly affected by each technique. Furthermore, we introduce mitigation techniques for these anti-forensic techniques, considering the chance to overcome the anti-forensic techniques and the difficulty to apply them.

KW - Anti-forensics

KW - Categorization

KW - Forensics

UR - http://www.scopus.com/inward/record.url?scp=84964285847&partnerID=8YFLogxK

U2 - 10.1109/CIT/IUCC/DASC/PICOM.2015.291

DO - 10.1109/CIT/IUCC/DASC/PICOM.2015.291

M3 - Conference article in proceedings

SN - 978-1-5090-0153-8

SP - 1966

EP - 1971

BT - Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015

PB - Institute of Electrical and Electronic Engineers IEEE

ER -

Botas A, Rodríguez RJ, Väisänen T, Zdzichowski P. Counterfeiting and defending the digital forensic process. In Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015. Institute of Electrical and Electronic Engineers IEEE. 2015. p. 1966-1971. 7363337 https://doi.org/10.1109/CIT/IUCC/DASC/PICOM.2015.291