Digital Forensics in Law Enforcement

Topics: Cybercrime, Forensic Science Words: 1666 Pages: 6

Table of Contents

Introduction
Discussion
Methodology
Recommendation
Conclusion
References

Introduction

Forensic science has a digital forensics branch that aims to identify, acquire, evaluate, and report on data stored in electronic form. Evidence in the electronic form is a part of every criminal activity, and digital forensics support is critical for investigators. The information can be collected from various sources, such as computers, remote storage, smartphone, and unmanned aerial system. The primary objective is to extract the information from an electronic gadget or device, process it into useful intelligence, and present the prosecution results.

Every process uses sound forensic mechanisms to ensure the results or findings can be accepted in a court of law. The study aimed to examine as well as map out other information gathered by Fitbit devices that a forensic investigator can use in upcoming investigations. However, the objective or aim of the study is complex, and one can make it easier and still produce the same results by refining the objective of the study. For instance, the alternative could aim to examine whether and to what extent the daily activities captured by electronic devices such as Fitbit can be trusted to build a strong case in court. This paper analyses a study on digital forensic analysis and offers a different way to obtain similar results.

Discussion

Digital forensics in law enforcement is used to gather extra proof after a crime has been done to help support charges against a suspect or avoid any other incidents from occurring. Data stored on a gadget could locate a suspect at the crime scene, aid in uncovering aims, or highlight links to other cases. It could also be utilized to check on alibi and prove an individual’s innocence. Digital forensics is also used as a component of organizations’ incident response protocol, aiding in identifying occurrences and isolating the responsible party for prosecution purposes or mere internal information [1].

This study aimed to examine as well as map out other information gathered by the Fitbit devices that a forensic investigator can use in upcoming investigations. However, as mentioned earlier, this could be refined and approached differently. For instance, the study could aim to examine the extent to which the daily activities captured by electronic devices such as Fitbit can be trusted to build a strong case in court. There are times that charges have been dismissed because the evidence was deemed insufficient [1]. Thus, the starting point of the alternative study would be to gather the kind of information the devices collect and how it could enable a stronger case in court. The devices log an individual’s daily activities, burned calories, heart rate, number of steps, as well as hours of sleep.

Such data is useful in investigations as it serves the purpose of proof to a criminal incident, to confirm an individual’s or their guilt. Investigators must discover and analyze all information for precision and credibility [3]. It is the role of an investigator to prove how a collection of data was accomplished and guarantee that it was not modified during the evaluation [4]. The paper aimed to understand the data obtained by the Fitbit devices, their handling, and how to obtain and analyze the devices with the help of open-source tools such as Autopsy Sleuth Kit.

Methodology

For the new study, the method used for qualitative and quantitative analysis would be document analysis and observation. The researchers in their methodology wished that an investigator understands the kind of data collected by Fitbit, where it is stored, and how to check its trustworthiness [2]. This is also important for the alternative study as the credibility of the data determines whether evidence could be viewed as substantial or not in court [5]. In document analysis, recorded communications and writings, such as books and case files, are studied to answer a research question [6]. A researcher aims to deduce relevant information that would help guide finding answers to the study’s issues.

For instance, in this case, court documents are assessed to identify whether there have been cases that have been solved with the data collected using electronic devices such as Fitbit. One of the key benefits of using this method is that it facilitates gathering an extensive quantity of credible data without necessarily questioning multiple individuals [7]. Regarding quantitative analysis, the ideal method would be questionnaires handed out only to digital forensic investigators [8]. The reason for involving only that group of individuals is that they are better positioned to offer information from their experience. The advantage is that it is easy to conduct. Past experiences of people who have worked in that field can help to understand whether the data can be trusted or not or to what length.

Recommendation

Cloud log analysis is the kind of method that would be ideal in collecting proof that cannot be dismissed in a court case. Collecting evidence plays a critical role in identifying and accessing information from multiple sources in the cloud setting for a forensic examination [9]. The proof is not kept in one physical computer, and it is circulated across other physical locations. Thus, if an incident happens, it is hard to find the proof gathered from virtual machines, servers, and browser artifacts [9]. It is also gathered via the analysis of log files, web browser artifacts, and cloud storage data collection.

Logging is viewed as a security control that aids in identifying incident violations, operational issues, and fraudulent happenings. It is primarily used to monitor a system plus investigation of different malicious activities [10]. This technique assists in identifying the foundation of proof produced from different gadgets, for instance, virtual machines, servers, and log files at various time breaks. The data is kept in multiple files, for example, the system as well as application logs, security and set up logs, web server logs, virtual machine logs, and network logs [11]. The benefits of choosing this mechanism to collect data include increased agility, improved performance and security, and multiple integrations.

Many cloud-based log management tools provide a simple setup that enables one to start log monitoring plus analysis quickly. One does not have to invest heavily at the start for log management [12]. Most of the tools also provide agentless log aggregation, making it easy to accomplish the aggregation [13]. In isolated cases, developers may need to copy plus paste simple scripts for the first logging setup [13]. When one compares the time and effort in the first setup with open source solutions, cloud-based logging provides major savings.

Also, in modern micro-services and container-based surroundings, log volumes increase at a fast rate. If a logging setup is not equipped to gather plus store the logs in real-time, one can lose them [14]. One needs to buffer the logs using a queuing service such as Kafka before getting processed by a log ingestion service. Nonetheless, even in case buffering plus ingestion function as anticipated, teams often experience difficulty indexing extensive data volumes with Elasticsearch [15]. One does not need to worry about the same issues with cloud-based log analyzers [16]. Most logging as service providers give easy scalability and high performance using distributed nodes for both searching and analyzing, which means one can reliably store plus analyze every log regardless of volume.

A log can have information concerning application as well as infrastructure performance. It would be bad if such information found its way into the hands of a malicious individual [17]. Suppose they get access to the logs because of a security lapse or misconfiguration. In that case, the availability of the applications and data credibility can be interfered with, which could hinder proper investigations [18]. It may even result in data breaches and associated compliance penalties at extreme levels. Cloud-based logging makes it easy to uniformly implement standard procedures for the transmission, storage, and access of logs across the whole setup. Lastly, cloud-based log management services also provide different features plus built-in integrations with other tools for alerting, collaboration, as well as visualization [19]. This guarantees that admins do not need to spend long hours configuring tools plus making them function in harmony [20]. For example, DevOps teams can incorporate their logging solution with tools such as HipChat for event summaries and receiving alerts.

Conclusion

The paper shows that digital forensics in law enforcement is useful in collecting extra proof after an occurrence to support charges against a suspect and avoid further happenings of that nature. Data recorded and stored in electronic devices such as Fitbit could help place suspects at crime scenes and uncover the intentions. Such has been done in the past and continues to happen, but the question remains whether the data is credible enough and to what extent it should be trusted. The original study aimed to examine plus map out advanced data that a forensic investigator can use in future investigations. For instance, data such as sleep hours, the number of steps, or the calories burned at a particular time interval can indicate what someone might have been doing during an incident.

Any electronic device can be attacked, and therefore, information gathered by a device can be compromised. So, instead of looking for other kinds of data utilized in investigations, it is better to choose another route. For instance, the alternative study aims to study the extent to which available data can be trusted to build a strong case in court. The paper also shows that cloud log analysis can help in ensuring that the data collected is credible. The benefits of choosing this mechanism to achieve all that include increased agility, improved performance and security, and multiple integrations. The paper also suggests different data collection methods that would be used in collecting information about the alternative study question, including document analysis and questionnaires. The two methods are used in qualitative and quantitative research analysis. The questionnaires are easy to distribute to a target group which is advantageous for the researchers. In contrast, document analysis helps to find answers from court cases that incorporate the use of data from wearable technology.

References

[1] E. Al-Masri, Y. Bai, and J. Li. “A fog-based digital forensics investigation framework for IoT systems.” 2018 IEEE International Conference on Smart Cloud (SmartCloud), pp. 196201, 2018, Web.

[2] A. Almogbil., A. Alghofaili, C. Deane, and T. Leschke. “Digital forensic analysis of Fitbit wearable technology: an investigator’s guide.” 2020 7th IEEE International Conference on Cyber Security and Cloud Computing (CSCloud)/2020 6th IEEE International Conference on Edge Computing and Scalable Cloud (EdgeCom), pp. 44-49, 2020. Web.

[3] F. Amato, A. Castiglione, G. Cozzolino, and F. Narducci. “A semantic-based methodology for digital forensics analysis.” Journal of Parallel and Distributed Computing, vol. 138, pp. 172-177, 2020. Web.

[4] H. Arshad, A. B. Jantan, and O. I. Abiodun. “Digital forensics: a review of issues in scientific validation of digital evidence”. Journal of Information Processing Systems, vol. 14, no. 2, pp. 346-376, 2018. Web.

[5] H.F. Atlam, A. Alenezi, M. O. Alassafi, A. A. Alshdadi, and G. B. Wills. “Security, cybercrime, and digital forensics for IoT.” In Principles of Internet of Things (IoT) Ecosystem: Insight Paradigm, ch. 22, pp. 551-577. Springer, Cham, 2020. Web.

[6] R. G. Casey, and K. Y. Wong. “Document-analysis systems and techniques.” In Image Analysis Applications, ch. 1, pp. 1-36. CRC Press, 2020. Web.

[7] J. W. Creswell, and J. D. Creswell. Research Design: Qualitative, Quantitative, and Mixed Methods Approaches. 5th ed. Sage, London, 2020.

[8] S. Grigaliunas, J. Toldinas, A. Venckauskas, N. Morkevicius and R. Damaševičius. “Digital evidence object model for situation awareness and decision making in digital forensics investigation.” IEEE Intelligent Systems, vol. 36, no. 5, pp. 39-48, 2021, Web.

[9] J. Hou, Y. Li, J. Yu, and W. Shi. “A survey on digital forensics in the Internet of Things.” IEEE Internet of Things Journal, vol. 7, no. 1, pp. 1-15, 2019. Web.

[10] D. P. Joseph, and J. Norman. “An analysis of digital forensics in cyber security.” In First International Conference on Artificial Intelligence and Cognitive Computing, ch. 67, pp. 701-708. Springer, Singapore, 2019. Web.

[11] S. Li, T. Qin, and G. Min. “Blockchain-based digital forensics investigation framework in the Internet of Things and social systems.” IEEE Transactions on Computational Social Systems, vol. 6, no. 6, pp. 1433-1441, 2019. Web.

[12] A. H. Lone, and R. N. Mir. “Forensic-chain: blockchain-based digital forensics chain of custody with PoC in Hyperledger Composer.” Digital Investigation, vol. 28, pp. 44-55, 2019. Web.

[13] M. M. Losavio, K. P. Chow, A. Koltay, and J. James. “The Internet of Things and the Smart City: legal challenges with digital forensics, privacy, and security.” Security and Privacy, vol. 1, no. 3, e23, 2018. Web.

[14] L. Luciano, I. Baggili, M. Topor, P. Casey, and F. Breitinger. “Digital forensics in the next five years.” Proceedings of the 13th International Conference on Availability, Reliability, and Security, no. 46, pp. 1-14, 2018. Web.

[15] R. Rizal, and M. Hikmatyar. “Investigation Internet of Things (IoT) Device using Integrated Digital Forensics Investigation Framework (IDFIF).” Journal of Physics: Conference Series, vol. 1179, no. 1, pp. 012140, 2019. Web.

[16] J. H. Ryu, P. K. Sharma, J. H. Jo, and J. H. Park. “A blockchain-based decentralized efficient investigation framework for IoT digital forensics.” The Journal of Supercomputing, vol. 75, no. 8, pp. 4372-4387, 2019. Web.

[17] S. Satpathy, C. Mallick, and S. K. Pradhan. “Big data computing application in digital forensics investigation and cyber security.” International Journal of Computer Science and Mobile Applications, pp. 129-136, 2018. Web.

[18] Y. H. Shayau, A. Asmawi, S. N. M. Rum, and N. A. M. Ariffin. “Digital Forensics Investigation Reduction Model (DIFReM) framework for Windows 10 OS.” 2019 IEEE 9th International Conference on System Engineering and Technology (ICSET), pp. 459-464, 2019. Web.

[19] M. Stoyanova, Y. Nikoloudakis, S. Panagiotakis, E. Pallis, and E. K. Markakis. “A survey on the internet of things (IoT) forensics: challenges, approaches, and open issues.” IEEE Communications Surveys and Tutorials, vol. 22, no. 2, pp. 1191-1221, 2020. Web.

[20] T. Wu, F. Breitinger, and I. Baggili. “IoT ignorance is digital forensics research bliss: a survey to understand IoT forensics definitions, challenges, and future research directions.” Proceedings of the 14th International Conference on Availability, Reliability, and Security, pp. 1-15, 2019. Web.