Headlines
  • False or misleading informations are spread by organizations posing as legitimate media outlets in an attempt to twist public opinion in favor of a certain ideology.
  • On social media,watch out for fake messages,pictures,Videos and news.
  • Always Check Independent Fact Checking Sites if You Have Some Doubts About the Authenticity of Any Information or Picture or video.
  • Check Google Images for AuthThe Google Reverse Images search can helps you.
  • It Would Be Better to Ignore Social Media Messages that are forwarded from Unknown or Little-Known Sources.
  • If a fake message asks you to share something, you can quickly recognize it as fake messege.
  • It is a heinous crime and punishable offence to post obscene, morphed images of women on social media networks, sometimes even in pornographic websites, as retaliation.
  • Deepfakes use artificial intelligence (AI)-driven deep learning software to manipulate preexisting photographs, videos, or audio recordings of a person to create new, fake images, videos, and audio recordings.
  • AI technology has the ability to manipulate media and swap out a genuine person's voice and likeness for similar counter parts.
  • Deepfake creators use this fake substance to spread misinformation and other illegal activities.Deepfakes are frequently used on social networking sites to elicit heated responses or defame opponents.
  • One can identify AI created fake videos by identifying abnormal eye movement, Unnatural facial expressions, a lack of feeling, awkward-looking hand,body or posture,unnatural physical movement or form, unnatural coloring, Unreal-looking hair,teeth that don't appear natural, Blurring, inconsistent audio or noise, images that appear unnatural when slowed down, differences between hashtags blockchain-based digital fingerprints, reverse image searches.
  • Look for details,like stange background,orientation of teeth,handsclothing,asymmetrical facial features,use reverse image search tools.

More Details

Cloud Computing Forensics: In The Criminal Mind

The challenges in policing non-conventional such as cybercrime, identity theft and fraud and hacking appeals to the new security trends, particularly to cloud computing. The opportunities and finance is minimal as compared to other security process or model. However, many customers are still reluctant to move their business IT infrastructure to the Cloud because of emerging threats. Though some Cloud Service Providers (CSP) encourage customers to migrate to the virtual curtain, the challenges are real in terms of Cloud Forensics, with the lack of physical access to servers and disruptive patterns by criminals, challenging investigative principles. The decentralized nature of data processing in the Cloud, is another challenging aspect to the traditional narrative to the acquisition of evidence and recovery of data due to the increasing number of devices including computers, smartphones, and tablets. This paper focuses on the technical aspects of digital forensics in Cloud environments, by exploring new digital evidence patterns and challenging problems for the digital investigator from an identification, acquisition, storage, and analysis perspective. It equally illustrates criminal patterns against forensic cloud computing and contemporary investigation in non-conventional crimes

By Saron Messembe Obia

Information and communication technology have gone beyond the initial stage of security of the 1980s. Cloud computing system have emerged with new form of securing and storing data. Organizations are increasingly deploying their infrastructure into remote, virtual environments, often hosted and managed by third parties. This evolution has significant implications for digital forensic investigators, equipment vendors, law enforcement, as well as audit departments. Digital forensic investigation focuses on control and management of IT assets (data storage) in order to provide adequate evidence to the criminal justice system. This paper analyses the key aspects of cloud computing and expose limits of digital forensic procedures which invalidate certain criminal trends. The implementation of virtual security by third parties in infrastructures are strategic factor to digital forensic investigators, equipment vendors and law enforcement officers. 

Globalization period changed the dynamics of information and communication technology, with virtual services use for IT infrastructure security, because of the rapidly re-configuration and evolving requirements limiting the request for redundant services (hardware). It’s also worth noting that cloud computing reduces the costs of providing IT services, by eliminating redundant computing power and storage, reducing support requirements, as well as capital commitment reduction. Organizations have a gain 37% cost if the migrate their IT infrastructure from an outsourced data-center to the Amazon Cloud (Khajeh-Hosseini, Greenwood, & Sommerville, 2010). Critical to point out security breach during the past decade have been alarming, with private data sold in the dark market by hackers.

The past decade has recorded several internet crimes; from organizational security breaches, cyber-attacks or policy violations occur, necessary for conducting digital forensic investigation. However, the practice (digital forensic) or principles, frameworks, and tools are limited to off-line investigation. In modern era assumption is critical to criminal investigations, considering that the storage media under investigation might have incriminating data is not usually the case after the investigator screens the gadget. But with investigations related to cloud computing is challenging, for evidence is likely to be ephemeral and stored on media beyond.

Digital Forensics in Cloud Computing

Each year millions of cyber security experts graduate from universities, some work for private and public organizations, while others work for the underworld, thereby raising several challenges in analyses in criminal investigations as well as existing models of digital forensics. The discussion will be focus on Intrusion Detection Systems (DIP) model which provides a comprehensive review of digital forensic process, and structural impact of cloud forensics on this process. It shall explore three different aspects in cloud computing forensic investigation; identification, preservation and collection of data and storage capacity.

Identification

Usually assumed to be simple by law enforcement officers and auxiliary of the criminal justice system, the shift from tradition patterns in the field of IT-specific crimes is challenging. Identification is one of the preliminary aspect for investigators engage in forensics is deduced from complaints made by individuals, anomalies detected by Intrusion Detection Systems (IDS), monitoring and profiling. The identification phase focuses and explore detection of suspicious search in a cloud and the form of cloud services (SaaS, PaaS or IaaS) used. Several researchers have argued on the fascinating result which can be gotten form the deployment of conventional intrusion detection systems in a cloud (Roschke, Cheng, & Meinel, 2009; Vieira, Schulter, Westphall, & Westphall, 2010) such as Infrastructure as a Service (IaaS) clouds (for user), Software as a Service (SaaS) and Platform as a Service (PaaS) clouds (for service provider). Private cloud infrastructure providers can tune IDS for particular suite of services deployed which meets an organization’s needs (G. Grispos, T. Storer, and W.B. Glisson, 2012). Public clouds usually operate with a multi-layered strategy, as users can monitor suspicious events occurring with the services they are using. Providers can monitor the underlying infrastructure used to host the cloud, and therefore detect much larger attacks that could affect a much larger audience.

Collection and Preservation of Data

One of the major aspect for the criminal justice system to render judgement is the acquisition of data (evidence) through scientific patterns. Digital forensic investigator is usually concern with data collection from computer-based systems and other device like android phones which constitute evidence for criminal proceedings. International and regional convention and standard have been put forth for forensic investigation by states, such as the Daubert principles (Marsico, 2004), which prone that forensic evidence must be testable, and the methods used for the acquisition of evidence be repeatable. The most used model for data is the DIP model; it defines activities prior to data collection to ensure the integrity of data throughout the investigation life cycle, which necessitates evidence (data from a computer) to be accurately represented. Though several aspects of the preservation phase are affected by the use of a cloud environment.

Storage Capacity

In conventional investigations, one of the major issue is the preservation of evidence and availability of a secure storage capacity or device for the data gathered to be archived. Billions of devices are connected to the internet and also offline within a particular period, as such data gathered during forensic investigations, is increasingly challenging for investigators to extract evidence (Richard & Roussev, 2006; Roussev, Wang, Richard, & Marziale, 2009; Sommer, 2004). This increase warrants extra finance for investigators with the responsibility to store and curate the data, not ignoring time required to examine it. The use of cloud environments may limit the problem of data storage to an extent. It is usually challenging for some investigators to gather extremely large amount of data placed in a cloud by a user. The use of public cloud o store evidence by investigators can limit some criminals issues, due to the legal and technical challenges involve. Challenges relating to data protection and privacy which limits investigations, and has impact on evidence stored in the cloud. 

Simulating a criminal case; case of Mr. Y

The globalization period has led to the evolution of technology, systems formerly Mac OS, Android and iOS built from Microsoft Windows are being neglected as new computers and laptops switch to Apple systems, and to Android and Apple iOS operating systems for mobile devices. Several legal prescriptions have been endorsed in relation to mobile phone forensics, there are many unknowns related to investigations and even challenging. An example is the San Bernardino case in United States of America. Criminal patterns keep changing as software are develop each minute in the world. Encryption-by-default is another aspect which have redefined sociology of crimes in the digital age, as storing data with an encryption and creating network connections that use secure tunnels can be established by anyone. At this stage the paper will be simulating a criminal pattern in relation to a conventional forensic investigation, in order to establish and maintain a chain of custody for evidence:

Digital Image Acquisition

Cybercriminals think far beyond law enforcement officers, most images used to perpetrate crimes are usually not that of the criminal. In sub Saharan Africa, a lot still need to be done in relation of identification, slow pace of biometric identification, staff dishonesty and double registration are just the aspect of inadequate training of law enforcement officers engaged in the identification process. The narrative exposed by Association of Chief Police Officers & 7Safe, 2007; Palmer, 2001 in relation of an investigator gaining control of the cloud service to obtain accurate copy of data held by a service analysis remains a myth even with the Investigative Process Model (DIP Model) and Association of Chief Police Officers (ACPO) guidelines. 

The investigator usually exploits a storage device by connecting to their own computer via a write blocker as shown. Software such as Access Data’s FTK Imagerv or the open-source tool ddvi are used to extract images from device. In case of multiple copies of the image are taken, digital hashes of each image is been verified whether the source image has been compromised. Extracting evidence from a cloud environment is highly challenging to investigators, due to persistent memory acquisition software and a client computer may provide minimal data. During a field survey in 2018, research probed that most criminals, after operation sell their devices in the black market, thereby re-orientating criminal investigations and even putting the third party (person that purchase a criminal gadget in the dark market) in to problems. It was discovered that most criminals use images, gotten from social networking sites, operate with it and store in cloud and can been retrieved with any other device bought. For example, Google File System (GFS) use to store customer data in the cloud (Ghemawat, Gobioff, & Leung, 2003). The system is a “multi-tenant distributed” file system which store personal or organizational data in several physical locations (Google, 2010). But there are several its inevitable that methods employed allows only a partial recovery of data from any one physical device, which is critical forensic principles and incomplete data can compromise investigation (Carrier & Spafford, 2004).

Cybercriminal investigators should avoid assuming on certain digital material. Each second there is a computer breach in the world, be it financial institutions, security agencies, hospitals and even social networking sites. Such breach is usually related to privacy (stolen data of person or entity), despite data protection legislation. However, an investigator to scan a memory card, hard drive or cached of a user’s computer during interactions with cloud services. He must locate and arrest the individual, take his machine for proper investigation, relaying on digital image used by criminals is not usually quite sustainable, as some after several ‘hits’, damage the hard drive after formatting and sell the parts of the computer in the dark market. 

Deleted Data

Criminals continue to gain momentum with the help of crackers, who help bypass certain security protocols in order to secure and limit gadgets from being traced. Notwithstanding, is necessary to point out that cloud could assist and as well hamper security attempts to recover data that have been deleted by the suspect. In a field survey of some suspects engaged in non-conventional crimes, revealed that most are intellectuals, some have even university degrees in IT and law, as such no material evidence is neglected, as hard drive or USB flash drive, which a suspect has physical access are usually damage after several hits. In conventional investigations, data that a user has attempt to delete is usually crucial for criminal justice system to render judgement. Even in cloud computing, recovery of deleted data challenging, and user privacy is also a priority with certain providers (Google, 2010). For example, Google’s policy regarding deleted data is challenging to the criminal justice system, once a user deletes their data from Google Services, that data is equally deleted from both active and replication servers, making tracing deleted data extremely difficult.

Cross-Organizational Cooperation

A thesis on ‘cyber criminality as an emergent security challenge in Cameroon’ at the pan African institute for development west Africa, revealed three aspects in policing  white collar crimes; cyber warrior team (constitute hackers and criminal profilers vest with cybercriminal patterns and language), cooperation amongst expert, law enforcement through trainings and research and helping victims to properly lay their complaint (some have not gone through formal education and others sometimes threaten by the way an agent talk them). Cross-organizational cooperation in this study simply refer to collaboration amongst the different security units and experts in relation to evidence gathering from cloud environments. Most investigator usually have difficulty in working the ‘experience’ cloud provider’s employees assigned to assist the investigation, particularly if the protocols adopted within the organization are not directly comparable to those of the investigator.

 Most cloud providers use of proprietary technologies in order to facilitate investigation. Most GFS are considered proprietary business information. Investigators may require the cooperation of cloud providers to locate evidence. But reliability and quality of the chain of custody may be insufficient for the investigator’s purposes. It necessary for cloud providers to recruit individuals within their organization, trained and qualified to perform forensic investigations if need arise or in case of any national and international security menace. Investigation will quickly yield result, because most investigators overwhelmed with the range and number of the devices that are connected and need to be investigated. However, this process is challenging for several reasons, the major privacy.

With the numerous challenges in the field of security, Cloud Computing continue to be solicited by some companies because of limited budgets for security resources. However, cloud computing forensics still have loopholes, such as; the loss of control caused by Cloud environments and vendors presents a huge challenge for investigators. First, computer forensic community specialize in digital forensics have to be revised and adapted to modern trends. Law enforcement officers (forensic investigators) must be trained in order to easily reconstitute criminal scenarios and test hypothesizes. Cloud Computing Forensics is not possible anymore following new criminal patterns challenging international, regional and national security organizations.

Reference

Carrier, B., & Spafford, E. H. (2003). Getting physical with the digital investigation process.International Journal of Digital Evidence, 2(2).

Carrier, B., & Spafford, E. H. (2004). An Event-based Digital Forensic Investigation Framework. Paper presented at the Digital Forensic Research Workshop 2004, Baltimore, Maryland.

G. Grispos, T. Storer, and W.B. Glisson (2012). Calm Before the Storm: The Challenges of Cloud Computing in Digital Forensics. International Journal of Digital Crime and Forensics, Volume 4, Issue 2, Pages 28-48

Ghemawat, S., Gobioff, H., & Leung, S. T. (2003). The Google File System. Paper presented at the 19th ACM Symposium on Operating Systems Principles, Bolton Landing, New York, USA.

Google. (2010). Google Apps Messaging and Collaboration Products. Google Security White paper Retrieved February 2, 2012, from

http://static.googleusercontent.com/external_content/untrusted_dlcp/www.google.com/en//a/help/intl/en-GB/admins/pdf/ds_gsa_apps_whitepaper_0207.pdf

Google. (2011). Message Security for Google Apps: Administration Guide. Google White PaperRetrieved February 2, 2012, from

https://acs9.postini.com/help/admin_msd/administration_msd.pdf

Khajeh-Hosseini, A., Greenwood, D., & Sommerville, I. (2010). Cloud Migration: A Case Study of Migrating an Enterprise IT System to IaaS. Paper presented at the IEEE International Conference on Cloud Computing, CLOUD 2010, Miami, FL, USA.

Roussev, V., Wang, L., Richard, G., & Marziale, L. (2009). A Cloud Computing Platform for Large-ScaleForensic Computing. Paper presented at the Advances in Digital Forensics V, 5th IFIP WG 11.9 International Conference on Digital Forensics, Orlando, Florida, USA.

Sommer, P. (2004). The Challenges of Large Computer Evidence Cases. Digital Investigation, 1(1), 16-17.

( The Author is the Editor of crimeandmoreworld.com)

RSS Error: WP HTTP Error: A valid URL was not provided.

Subscribe Our You Tube Channel

Fighting Fake News

Fighting Lies








































Related Article

Mary Jane Veloso, a Filipina on…

Mary Jane Veloso, a Filipina who has spent 14 years on death row in Indonesia, will be coming home b ...
November 21, 2024

Myanmar Junta Airstrike Kills Vhildren Playing…

Myanmar’s air force bombed a church where displaced people were sheltering near the border with Ch ...
November 18, 2024

Bangkok Court Clears Thai Woman of…

A Bangkok court on Thursday acquitted a Thai woman accused of supporting two Chinese ethnic Uyghur m ...
November 8, 2024

Residents of Kamala Harris’s Ancestral Indian…

At the Hindu temple in Thulasendrapuram, the ancestral village of Kamala Harris, in Tamil Nadu, Indi ...
November 7, 2024

TikTok Deletes Videos Related to Uyghur…

Authorities in Xinjiang have banned Uyghurs from using social media apps, including Chinese-owned ...
November 6, 2024

In Post-Hasina Bangladesh,Awami League Faces Uncertain…

With its leaders in jail or fleeing from justice, the party that led Bangladesh to independence and ...
October 29, 2024

Other Article

News & Views

Mary Jane Veloso, a Filipina on…

Mary Jane Veloso, a Filipina who has spent 14 years on death row in Indonesia, will be coming home b ...
November 21, 2024
Video Report

Trapped in Lebanon, African Migrants Face…

Many of the estimated 176,000 migrants living in Lebanon are African women who are working menial jo ...
Pick of the Day

Permanent Representative of France Briefs Press…

Nicolas de Rivière,Permanent Representative of France to the United Nations, briefs reporters after ...
November 20, 2024
Video Report

The Impact on a Ukrainian Family…

This week marks 1,000 days of fighting in Ukraine.For millions of Ukrainians, including 32-year-old ...
Pick of the Day

UN Security Council Meets to Discuss…

James Kariuki,Deputy Permanent Representative of the United Kingdom to the United Nations and Presid ...
November 19, 2024
Video Report

Syrian Refugees in Lebanon Flee Bombs

Over half a million people, many of them were refugees who initially fled the Syrian conflict, have ...

[wp-rss-aggregator feeds="crime-more-world"]
Top