Counterfeiting and defending the digital forensic process

Alvaro Botas; Ricardo J. Rodríguez; Teemu Väisänen; Patrycjusz Zdzichowski

doi:10.1109/CIT/IUCC/DASC/PICOM.2015.291

Counterfeiting and defending the digital forensic process

Alvaro Botas, Ricardo J. Rodríguez, Teemu Väisänen, Patrycjusz Zdzichowski

Not published at VTT

Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Scientific › peer-review

1 Citation (Scopus)

Abstract

During the last years, criminals have become aware of how digital evidences that lead them to courts and jail are collected and analyzed. Hence, they have started to develop antiforensic techniques to evade, hamper, or nullify their evidences. Nowadays, these techniques are broadly used by criminals, causing the forensic analysis to be in a state of decay. To defeat against these techniques, forensic analyst need to first identify them, and then to mitigate somehow their effects. In this paper, we review the anti-forensic techniques and propose a new taxonomy that relates them to the initial phase of a forensic process mainly affected by each technique. Furthermore, we introduce mitigation techniques for these anti-forensic techniques, considering the chance to overcome the anti-forensic techniques and the difficulty to apply them.

Original language	English
Title of host publication	Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015
Publisher	IEEE Institute of Electrical and Electronic Engineers
Pages	1966-1971
ISBN (Electronic)	978-1-5090-0154-5
ISBN (Print)	978-1-5090-0153-8
DOIs	https://doi.org/10.1109/CIT/IUCC/DASC/PICOM.2015.291
Publication status	Published - 22 Dec 2015
MoE publication type	A4 Article in a conference publication
Event	15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015 - Liverpool, United Kingdom Duration: 26 Oct 2015 → 28 Oct 2015

Conference

Conference	15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015
Country/Territory	United Kingdom
City	Liverpool
Period	26/10/15 → 28/10/15

Keywords

Anti-forensics
Categorization
Forensics

Access to Document

10.1109/CIT/IUCC/DASC/PICOM.2015.291

Cite this

Botas, A., Rodríguez, R. J., Väisänen, T., & Zdzichowski, P. (2015). Counterfeiting and defending the digital forensic process. In Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015 (pp. 1966-1971). Article 7363337 IEEE Institute of Electrical and Electronic Engineers. https://doi.org/10.1109/CIT/IUCC/DASC/PICOM.2015.291

Botas, Alvaro ; Rodríguez, Ricardo J. ; Väisänen, Teemu et al. / Counterfeiting and defending the digital forensic process. Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015. IEEE Institute of Electrical and Electronic Engineers, 2015. pp. 1966-1971

@inproceedings{9cd1d3b171264b519e2449b8113f9d63,

title = "Counterfeiting and defending the digital forensic process",

abstract = "During the last years, criminals have become aware of how digital evidences that lead them to courts and jail are collected and analyzed. Hence, they have started to develop antiforensic techniques to evade, hamper, or nullify their evidences. Nowadays, these techniques are broadly used by criminals, causing the forensic analysis to be in a state of decay. To defeat against these techniques, forensic analyst need to first identify them, and then to mitigate somehow their effects. In this paper, we review the anti-forensic techniques and propose a new taxonomy that relates them to the initial phase of a forensic process mainly affected by each technique. Furthermore, we introduce mitigation techniques for these anti-forensic techniques, considering the chance to overcome the anti-forensic techniques and the difficulty to apply them.",

keywords = "Anti-forensics, Categorization, Forensics",

author = "Alvaro Botas and Rodr{\'i}guez, {Ricardo J.} and Teemu V{\"a}is{\"a}nen and Patrycjusz Zdzichowski",

year = "2015",

month = dec,

day = "22",

doi = "10.1109/CIT/IUCC/DASC/PICOM.2015.291",

language = "English",

isbn = "978-1-5090-0153-8",

pages = "1966--1971",

booktitle = "Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015",

publisher = "IEEE Institute of Electrical and Electronic Engineers",

address = "United States",

note = "15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015 ; Conference date: 26-10-2015 Through 28-10-2015",

}

Botas, A, Rodríguez, RJ, Väisänen, T & Zdzichowski, P 2015, Counterfeiting and defending the digital forensic process. in Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015., 7363337, IEEE Institute of Electrical and Electronic Engineers, pp. 1966-1971, 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015, Liverpool, United Kingdom, 26/10/15. https://doi.org/10.1109/CIT/IUCC/DASC/PICOM.2015.291

Counterfeiting and defending the digital forensic process. / Botas, Alvaro; Rodríguez, Ricardo J.; Väisänen, Teemu et al.
Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015. IEEE Institute of Electrical and Electronic Engineers, 2015. p. 1966-1971 7363337.

Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Scientific › peer-review

TY - GEN

T1 - Counterfeiting and defending the digital forensic process

AU - Botas, Alvaro

AU - Rodríguez, Ricardo J.

AU - Väisänen, Teemu

AU - Zdzichowski, Patrycjusz

PY - 2015/12/22

Y1 - 2015/12/22

N2 - During the last years, criminals have become aware of how digital evidences that lead them to courts and jail are collected and analyzed. Hence, they have started to develop antiforensic techniques to evade, hamper, or nullify their evidences. Nowadays, these techniques are broadly used by criminals, causing the forensic analysis to be in a state of decay. To defeat against these techniques, forensic analyst need to first identify them, and then to mitigate somehow their effects. In this paper, we review the anti-forensic techniques and propose a new taxonomy that relates them to the initial phase of a forensic process mainly affected by each technique. Furthermore, we introduce mitigation techniques for these anti-forensic techniques, considering the chance to overcome the anti-forensic techniques and the difficulty to apply them.

AB - During the last years, criminals have become aware of how digital evidences that lead them to courts and jail are collected and analyzed. Hence, they have started to develop antiforensic techniques to evade, hamper, or nullify their evidences. Nowadays, these techniques are broadly used by criminals, causing the forensic analysis to be in a state of decay. To defeat against these techniques, forensic analyst need to first identify them, and then to mitigate somehow their effects. In this paper, we review the anti-forensic techniques and propose a new taxonomy that relates them to the initial phase of a forensic process mainly affected by each technique. Furthermore, we introduce mitigation techniques for these anti-forensic techniques, considering the chance to overcome the anti-forensic techniques and the difficulty to apply them.

KW - Anti-forensics

KW - Categorization

KW - Forensics

UR - http://www.scopus.com/inward/record.url?scp=84964285847&partnerID=8YFLogxK

U2 - 10.1109/CIT/IUCC/DASC/PICOM.2015.291

DO - 10.1109/CIT/IUCC/DASC/PICOM.2015.291

M3 - Conference article in proceedings

AN - SCOPUS:84964285847

SN - 978-1-5090-0153-8

SP - 1966

EP - 1971

BT - Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015

PB - IEEE Institute of Electrical and Electronic Engineers

T2 - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015

Y2 - 26 October 2015 through 28 October 2015

ER -

Botas A, Rodríguez RJ, Väisänen T, Zdzichowski P. Counterfeiting and defending the digital forensic process. In Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015. IEEE Institute of Electrical and Electronic Engineers. 2015. p. 1966-1971. 7363337 doi: 10.1109/CIT/IUCC/DASC/PICOM.2015.291

Counterfeiting and defending the digital forensic process

Abstract

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this