Review Article

A Review about Forensic Informatics and Tools

Year 2022, Volume: 2 Issue: 2, 61 - 67, 27.02.2023

Abstract

With the rapid increase in the use of the internet and electronic devices in our age, forensic informatics is becoming a very important field. A good understanding of forensic processes is necessary for the protection of states, institutions and personal information. In addition, when a crime is committed, making the right decision about that crime is an important precaution. This article surveys research on the importance of forensic science, its areas of use and the tools used in these areas. The study consists of three main stages. In the first stage, the general definition of forensics, its precautions, common areas of use and recent studies on forensics are examined in detail. networks are offered. In the second stage, the forensic informatics process of collecting, analyzing and reporting is described and the types of evidence are mentioned. In the third part of the study, information about legal informatics law is given. Finally, the conclusion and suggestion section makes suggestions about the importance of forensic science, the lack of academic understanding of forensic sciences in our country and how these deficiencies can be eliminated.


There are 55 citations in total.

Details

Primary Language: English
Subjects: Computer Software
Journal Section: Reviews
Authors

Çiğdem Bakır 0000-0001-8482-2412

Mecit Yuzkat 0000-0003-4808-5181

Publication Date February 27, 2023
Published in Issue Year 2022 Volume: 2 Issue: 2

Cite

APA Bakır, Ç., & Yuzkat, M. (2023). A Review about Forensic Informatics and Tools. Journal of Emerging Computer Technologies, 2(2), 61-67.
Journal of Emerging Computer Technologies
is indexed and abstracted by
Index Copernicus, ROAD, Academia.edu, Google Scholar, Asos Index, Academic Resource Index (Researchbib), OpenAIRE, IAD, Cosmos, EuroPub, Academindex

Publisher
Izmir Academy Association