Abstract: In existing online shopping on the web, SSL and
passwords are usually used to achieve secure trades. SSL shields
communication from third parties who are not related to the trade,
and indicates that the trader's web site is authenticated by one of the
certification authorities. A password certifies a customer as the same
person who has visited the trader's web site before, and protects the
customer's privacy, such as what the customer has bought on the site.
However, there is no forensics for the trades in the cases above.
With existing methods, no one can prove what is ordered by
customers, how many products are ordered and even whether
customers have ordered or not. The reason is that a third party has to
guess what was traded from logs that are held by traders and by
customers. The logs can easily be created, deleted and forged since
they are electronically stored. To enhance security with digital
forensics for electronic commerce on the web, I indicate a secure
method with cellular phones.
Abstract: Random Access Memory (RAM) is an important
device in a computer system. It can represent a snapshot of how the
computer has been used by the user. With the growth of its
importance, the computer memory has been an issue that has been
discussed in digital forensics. A number of tools have been developed
to retrieve the information from the memory. However, most of the
tools have limitations in their ability to retrieve the important
information from the computer memory. Hence, this paper aims
to discuss the limitations and setbacks of two main techniques such
as process signature search and process enumeration. Then, a new
hybrid approach will be presented to minimize the setback in both
individual techniques. This new approach combines both techniques
with the purpose to retrieve the information from the process block
and other objects in the computer memory. Nevertheless, the basic
theory in address translation for x86 platforms will be demonstrated
in this paper.
Abstract: Due to the availability of powerful image processing software
and improvement of human computer knowledge, it has become
easy to tamper with images. Manipulation of digital images in different
fields like courts of law and medical imaging creates a serious problem
nowadays. Copy-move forgery is one of the most common types
of forgery which copies some part of the image and pastes it to
another part of the same image to cover an important scene. In
this paper, a copy-move forgery detection method is proposed based
on the Fourier transform to detect forgeries. Firstly, the image is divided into
same-size blocks and the Fourier transform is performed on each block.
Similarity in the Fourier transform between different blocks provides
an indication of the copy-move operation. The experimental results
prove that the proposed method works in reasonable time and works
well for gray scale and colour images. Computational complexity
is reduced by using the Fourier transform in this method.
Abstract: Cell phone forensics to acquire and analyze data in the
cellular phone is nowadays being used in a national investigation
organization and a private company. In order to collect cellular phone
flash memory data, we have two methods. Firstly, it is a logical
method which acquires files and directories from the file system of the
cell phone flash memory. Secondly, we can get all data from bit-by-bit
copy of entire physical memory using a low level access method. In
this paper, we describe a forensic tool to acquire cell phone flash
memory data using a logical level approach. With our tool, we can get
the EFS file system and peek memory data in an arbitrary region from
a Korea CDMA cell phone.
Abstract: In this paper, we propose novel algorithmic models
based on information fusion and feature transformation in cross-modal
subspace for different types of residue features extracted from
several intra-frame and inter-frame pixel sub-blocks in video
sequences for detecting digital video tampering or forgery. An
evaluation of the proposed residue features – the noise residue features
and the quantization features, their transformation in cross-modal
subspace, and their multimodal fusion, for an emulated copy-move
tamper scenario shows a significant improvement in tamper detection
accuracy as compared to single mode features without transformation
in cross-modal subspace.
Abstract: Large volumes of fingerprints are collected and stored
every day in a wide range of applications, including forensics, access
control etc. It is evident from the database of the Federal Bureau of
Investigation (FBI), which contains more than 70 million
fingerprints. Compression of this database is very important because of this
high volume. The performance of existing image coding standards
generally degrades at low bit-rates because of the underlying block
based Discrete Cosine Transform (DCT) scheme. Over the past
decade, the success of wavelets in solving many different problems
has contributed to their unprecedented popularity. Due to
implementation constraints, scalar wavelets do not possess all the
properties which are needed for better performance in compression.
A new class of wavelets called 'Multiwavelets', which possess more
than one scaling filter, overcomes this problem. The objective of this
paper is to develop an efficient compression scheme and to obtain
better quality and higher compression ratio through multiwavelet
transform and embedded coding of multiwavelet coefficients through
the Set Partitioning In Hierarchical Trees (SPIHT) algorithm.
A comparison of the best known multiwavelets is made to the best
known scalar wavelets. Both quantitative and qualitative measures of
performance are examined for fingerprints.
Abstract: As email communications have no consistent
authentication procedure to ensure authenticity, we present an
investigation analysis approach for detecting forged emails based on
Random Forests and Naïve Bayes classifiers. Instead of investigating
the email headers, we use the body content to extract a unique writing
style for all the possible suspects. Our approach consists of four main
steps: (1) the cybercrime investigator extracts different effective
features including structural, lexical, linguistic, and syntactic
evidence from previous emails for all the possible suspects, (2) the
extracted feature vectors are normalized to increase the accuracy
rate, (3) the normalized features are then used to train the learning
engine, (4) upon receiving the anonymous email (M), we apply the
feature extraction process to produce a feature vector. Finally, using
the machine learning classifiers, the email is assigned to one of the
suspects whose writing style closely matches M. Experimental
results on real data sets show the improved performance of the
proposed method and the ability of identifying the authors with a
very limited number of features.
Abstract: Memory forensics is important in digital investigation.
The forensics is based on the data stored in physical memory, which
involves memory management and processing time. However, the
current forensic tools do not consider efficiency in terms of
storage management and processing time. This paper shows the
high redundancy of data found in physical memory, which causes
inefficiency in processing time and memory management. The
experiment is done using the Borland C compiler on Windows XP with
512 MB of physical memory.