
About this book

This book presents recent applications and approaches as well as challenges in digital forensic science. One of the evolving challenges covered in the book is cloud forensic analysis, which applies digital forensic science to the cloud computing paradigm for conducting either live or static investigations within the cloud environment. The book also covers the theme of multimedia forensics and watermarking in the area of information security. That includes highlights on intelligence techniques designed for detecting significant changes in image and video sequences. Moreover, the theme proposes recent robust and computationally efficient digital watermarking techniques. The last part of the book provides several digital forensics related applications, including areas such as evidence acquisition enhancement, evidence evaluation, cryptography, and finally, live investigation through the importance of reconstructing the botnet attack scenario to show the malicious activities and files as evidence to be presented in a court.

Table of contents

Frontmatter

Forensic Analysis in Cloud Computing

Frontmatter

Cloud Computing Forensic Analysis: Trends and Challenges

Computer forensics is a very important field of computer science in relation to computer, mobile and Internet related crimes. The main role of computer forensics is to perform crime investigation through analyzing any evidence found in digital formats. The massive number of cybercrimes reported recently raises the importance of developing specialized forensic tools for collecting and studying digital evidence in the digital world, in some situations even before it is lost or deleted. The emergence of the new Cloud Computing paradigm, with its unique structures and various service models, has added more challenges for digital forensic investigators seeking full access to and control of the dispersed cloud resources. While the current chapter starts by laying out the importance of digital forensics as a whole, it focuses especially on its role in cybercrime investigations in the digital cloud. Therefore, the chapter goes through the definition of the basic concepts, structures, and service models of the cloud computing paradigm. Then, it describes the main advantages, disadvantages, and challenges that face the digital forensic processes, and techniques that support the isolation and preservation of any digital evidence. Finally, the chapter stresses a number of challenges in cloud forensic analysis still open for future research.
Amira Sayed A. Aziz, Mohamed Mostafa Fouad, Aboul Ella Hassanien

Data Storage Security Service in Cloud Computing: Challenges and Solutions

Cloud computing is an emerging computing paradigm that is rapidly gaining attention as an alternative to other traditional hosted application models. The cloud environment provides on-demand, elastic and scalable services, moreover, it can provide these services at lower costs. However, this new paradigm poses new security issues and threats because cloud service providers are not in the same trust domain of cloud customers. Furthermore, data owners cannot control the underlying cloud environment. Therefore, new security practices are required to guarantee the availability, integrity, privacy and confidentiality of the outsourced data. This paper highlights the main security challenges of the cloud storage service and introduces some solutions to address those challenges. The proposed solutions present a way to protect the data integrity, privacy and confidentiality by integrating data auditing and access control methods.
Alshaimaa Abo-alian, Nagwa L. Badr, Mohamed Fahmy Tolba

Homomorphic Cryptosystems for Securing Data in Public Cloud Computing

No one could deny that Cloud Computing has always been the most amazing innovation over the last decade. It is a platform that hosts computing resources, either hardware or software, offering data storage in remote sites. Due to its numerous advantages, it is doubtless a promising perspective. It is available for all time over the internet, offers a low cost service, easy to maintain, environmentally friendly and has a tremendous performance. However, users and companies relying on this technique have always struggled with the lack of security and privacy in the platform, especially when dealing with critical data storage and transfer. Moreover, even if users encrypt their messages in advance, the cloud service provider ought to decrypt it first in order to carry out different operations which can be a considerable risk, since clouds are not fully trusted. So, to solve this problem, a new encryption manner came along, it is the homomorphic encryption. Using this technique, a cloud service provider can perform different operations on the cipher text without the need to decrypt it. Thus security and confidentiality are guaranteed. The main purpose of this chapter is to discuss the concepts and significance of homomorphic cryptosystems along with the different techniques such as the Fully Homomorphic Encryption (FHE) and the Somewhat Homomorphic Encryption (SHE) and also the related works based on these techniques.
Nihel Msilini, Lamri Laouamer, Bechir Alaya, Chaffa Hamrouni

An Enhanced Cloud Based View Materialization Approach for Peer-to-Peer Architecture

Cloud computing is considered as a technology paradigm shift as it enables users to save both development and deployment time. It also reduces the operational costs of using and maintaining systems and applications by using only what you want. Moreover, it allows usage of any resources with elasticity instead of predicting workloads. There are many technologies that can be merged with Cloud computing to gain more benefits. One of these technologies is data warehousing, which can benefit from this trend when it’s used to save large amounts of data with unpredictable sizes and if used in distributed environments. In this paper, a Cloud based view allocation algorithm is presented to enhance the performance of the data warehousing system over a Peer-to-Peer architecture. The proposed approach improves the allocation of the materialized views on cloud peers. It also reduces the cost of the dematerialization process and furthermore, the proposed algorithm saves the transfer cost by distributing the free space based on the required space to store the views and on the placement technique.
M. E. Megahed, Rasha M. Ismail, Nagwa L. Badr, Mohamed Fahmy Tolba

Distributed Database System (DSS) Design Over a Cloud Environment

An efficient way to improve the performance of database systems is the distributed processing. Therefore, the functionality of any distributed database system is highly dependent on its proper design in terms of adopted fragmentation, allocation, and replication methods. As a result, fragmentation including its allocation and replication is considered as a key research area in the distributed environment. Cloud computing is an emerging distributed environment that uses central remote servers and the internet to maintain data and applications. This research presents an enhanced dynamic distributed database system over a cloud environment. The proposed system allows fragmentation, allocation and replication decisions to be taken dynamically at run time. It also allows users to access the distributed database from anywhere. Moreover, this research presents an enhanced allocation and replication technique that can be applied at the initial stage of the distributed database design when no information about the query execution is available. It also presents different clustering techniques and their advantages and disadvantages.
Ahmed E. Abdel Raouf, Nagwa L. Badr, Mohamed Fahmy Tolba

A New Stemming Algorithm for Efficient Information Retrieval Systems and Web Search Engines

Stemming algorithms (stemmers) are used to convert the words to their root form (stem); this process is used in the pre-processing stage of the Information Retrieval Systems. The Stemmers affect the indexing time by reducing the size of index file and improving the performance of the retrieval process. There are several stemming algorithms; the most widely used is the Porter Stemming Algorithm because of its efficiency, simplicity, speed and also its ease at handling exceptions. However there are some drawbacks, although many attempts were made to improve its structure but they were incomplete. This paper provides efficient information on the retrieval technique as well as proposes a new stemming algorithm called the Enhanced Porter’s Stemming Algorithm (EPSA). The objective of this technique is to overcome the drawbacks of the Porter algorithm and improve web searching. The EPSA was applied to two datasets to measure its performance. The result shows improvement of precision over the original Porter algorithm while realizing approximately the same recall percentages.
Safaa I. Hajeer, Rasha M. Ismail, Nagwa L. Badr, Mohamed Fahmy Tolba

Forensics Multimedia and Watermarking Techniques

Frontmatter

Face Recognition via Taxonomy of Illumination Normalization

Presently, the difficulty in managing illumination over the face recognition techniques and smooth filters has emerged as one of the biggest challenges. This is due to differences between face images created by illuminations which are always bigger than the inter-person that usually be used for identities’ recognition. No doubt, the use of illumination technique for face recognition is much more popular with a greater number of users in various applications in these days. It is able to make applications that come with face recognition as a non-intrusive biometric feature becoming executable and utilizable. There are tremendous efforts put in developing the illumination and face recognition by which numerous methods had already been introduced. However, further considerations are required such as the deficiencies in comprehending the sub-spaces in illuminations pictures, intractability in face modelling as well as the tedious mechanisms of face surface reflections as far as face recognition and illumination concerned. In this study, few illuminations have been analyzed in order to construct the taxonomy. This covers the background and previous studies in illumination techniques as well the image-based face recognition over illumination. Data was obtained from the year of 1996 through 2014 out of books, journals as well as electronic sources that would share more on the advantageous and disadvantageous, the current technique’s performance as well as future plan.
Sasan Karamizadeh, Shahidan M. Abdullah, Mazdak Zamani, Jafar Shayan, Parham Nooralishahi

Detecting Significant Changes in Image Sequences

In this chapter the authors propose an overview on contemporary artificial intelligence techniques designed for change detection in image and video sequences. A variety of image features have been analyzed for content presentation at a low level. In attempt towards high-level interpretation by a machine, a novel approach to image comparison has been proposed and described in detail. It utilizes techniques of salient point detection, video scene identification, spatial image segmentation, feature extraction and analysis. Metrics implemented for image partition matching enhance performance and quality of the results, which has been proved by several estimations. The review on estimation measures is also given along with references to publicly available test datasets. Conclusion is provided in relation to trends of future development in image and video processing.
Sergii Mashtalir, Olena Mikhnova

VW16E: A Robust Video Watermarking Technique Using Simulated Blocks

The basic idea for video watermarking technique is concealing information in the video host for different purposes including authentication and tamper detection. The most common approach for concealing information in the video host is spatial domain. This paper focuses on video watermarking; particularly with respect to the Audio Video Interleaved (AVI) form of video file format in spatial domain by simulating blocks. It proposes a new watermarking technique that gives a high imperceptibility and efficient tamper detection compared to the other similar schemes.
Farnaz Arab, Mazdak Zamani

A Robust and Computationally Efficient Digital Watermarking Technique Using Inter Block Pixel Differencing

The growth of the internet, coupled with the rise in networked infrastructure, has resulted in an exponential increase in the multimedia content being shared over communication networks. The advancement in technology has resulted in an increase in multimedia piracy. This is due to the fact that it is very easy to copy, duplicate and distribute multimedia content using current day technology. In such a scenario Digital Rights Management is one of the prominent issues to be dealt with, and tremendous work is going on in this direction round the globe. Digital watermarking and fingerprinting have emerged as fundamental technologies to cater to DRM issues. These technologies have been found to be of prominent use in content authentication, copy protection, copyright control, broadcast monitoring and forensic applications. Various requirements of a digital watermarking system include Imperceptibility, Robustness, Security, Payload and Computational complexity. The main requirement of real time DRM systems is lesser computational complexity and high robustness. This chapter proposes and analyses a robust and computationally efficient image watermarking technique in the spatial domain based on Inter Block Pixel Difference (IBPD). The cover image is divided into 8 × 8 non-overlapping blocks, and the difference between the intensities of two pixels of adjacent blocks at predefined positions is calculated. Depending upon the watermark bit to be embedded, both pixels are modified to bring the difference into a predefined zone. The experimental results reveal that the proposed scheme is capable of providing high quality watermarked images in addition to being robust to various singular and hybrid image processing and geometrical attacks like Salt and Pepper noise, Gaussian noise, Sharpening, Compression, Rotation and Cropping etc. Further, the implementation of the scheme in the pixel domain reduces the computational complexity drastically and makes the proposed scheme an ideal candidate for real time applications.
Shabir A. Parah, Javaid A. Sheikh, Nazir A. Loan, G. M. Bhat

JPEG2000 Compatible Layered Block Cipher

Multimedia security is ever demanding area of research covering different aspects of electrical engineering and computer science. In this chapter, our main focus is encryption of JPEG2000 compatible images. Though both stream and block cipher have been investigated in the literature, but this chapter provides a detailed study of block cipher as applied to images, since JPEG2000 generates various subband sizes as blocks. In the first section, we briefly define various encryption components like wavelet transform, bit plane decomposition, XOR operation, artificial neural network, seed key generator and chaotic map functions, for interest of the reader. Later in Sect. 2, we present literature review of various encryption techniques from two perspectives: applications to highlight scope of research in this domain; and approaches to provide overall view of multimedia encryption. The section three provides a new two-layer encryption technique for JPEG2000 compatible images. The first step provides a single layer of encryption using a neural network to generate a pseudo-random sequence with a 128-bit key, which XORs with bit planes obtained from image subbands to generate encrypted sequences. The second step develops another layer of encryption using a cellular neural network with a different 128-bit key to develop sequences with hyper chaotic behavior. These sequences XOR with selected encrypted bit planes (obtained in step 1) to generate doubly-encrypted bit planes. Finally, these processed bit planes go through reverse process, followed by inverse wavelet transform to generate encrypted image. In order to test this approach, the section four presents commonly adopted testing criteria like 0/1 balancedness, NIST statistical test, correlation and histogram tests done on seed generator and encrypted images to demonstrate robustness of the proposed approach. It is also shown that the key size is above 256 bits.
Qurban A. Memon

Digital Forensic Applications

Frontmatter

Data Streams Processing Techniques

Many modern applications in several domains such as sensor networks, financial applications, web logs and click-streams operate on continuous, unbounded, rapid, time-varying streams of data elements. These applications present new challenges that are not addressed by traditional data management techniques. For the query processing of continuous data streams, we consider in particular continuous queries which are evaluated continuously as data streams continue to arrive. The answer to a continuous query is produced over time, always reflecting the stream data seen so far. One of the most critical requirements of stream processing is fast processing. So, parallel and distributed processing would be good solutions. This paper gives (i) Analysis to the different continuous query processing techniques. (ii) A comparative study for the data streams execution environments. (iii) Finally, we propose an integrated system for processing data streams based on cloud computing which apply continuous query optimization technique on cloud environment.
Fatma Mohamed, Rasha M. Ismail, Nagwa L. Badr, Mohamed Fahmy Tolba

Evidence Evaluation of Gait Biometrics for Forensic Investigation

Due to the unprecedented growth of security cameras and impossibility of manpower to supervise them, the integration of biometric technologies into surveillance systems would be a critical factor for the automation of security and forensic analysis. The use of biometrics for people identification is considered as a vital tool during forensic investigation. Forensic biometrics concerns the use of biometric technologies to primarily determine whether the identity of the perpetrator recorded during the crime scene can be identified or exonerated via a matching process against a list of suspects. The suitability of gait recognition for forensic analysis emerges from the fact that gait can be perceived at distance from the camera even with poor resolution. The strength of gait recognition is its non-invasiveness nature and hence does not require the subject to cooperate with the acquisition system. This makes gait identification ideal for situations where direct contact with the perpetrator is not possible.
Imed Bouchrika

Formal Acceptability of Digital Evidence

In this chapter the author will try to explain the concept of acceptability of digital evidence, and present the research results on the subject of acceptability of digital evidence in courts in Bosnia and Herzegovina. The purpose is to gain insight into the manner in which judges reason when making decisions on the (non-)acceptability of digital evidence, and to explore the current situation where acceptability and maintaining the chain of custody come into question. Within the chapter, results of preliminary research conducted at the courts in Bosnia and Herzegovina will be presented, on the subject of digital evidence acceptability in criminal procedure. At the end of the chapter a model will be proposed which can help and support forensic investigators, court experts and finally the judges to decide on the admissibility of digital evidence more clearly and systematically, using scientific methods and tools.
Jasmin Cosic

A Comprehensive Android Evidence Acquisition Framework

Android is the most popular operating system among all smart phones. This popularity has increased the chances that an Android phone will be involved in a crime, either in the possession of a criminal or in the possession of a victim. Many techniques exist which help the investigator to gather and extract evidence from Android smart phones. Each of these techniques has some advantages, disadvantages, and limitations. Therefore the investigator should have knowledge of all available data acquisition techniques. The data that can be potential evidence is present in different parts of an Android device. Therefore during the forensic acquisition process, the order of volatility should be considered. In this study we introduce a comprehensive framework for data acquisition from Android smart phones. Then we describe the details of each step.
Amir Sadeghian, Mazdak Zamani

A New Hybrid Cryptosystem for Internet of Things Applications

The Internet of Things or "IoT" defines a highly interconnected network of heterogeneous devices where all kinds of communications seem to be possible. As a result, the security requirement for such a network becomes critical whilst these devices are connected. Today, all commercial applications will be performed via Internet; even the office environment is now extending to the employee's home. This chapter presents a new proposed cyber security scheme for IoT to facilitate an additional level of security through the involvement of a new level of key-hierarchy. In this chapter, we present the closed system environment, the proposed scheme, the services provided, the exchange of message format, and the employed four level key-hierarchies. We use application level security for selectively securing information to conserve power and increase computational speed which is useful for IoT and wireless applications. The analysis of the proposed scheme is discussed based on the strength of symmetric algorithms such as RSA and AES algorithms.
Ashraf Darwish, Maged M. El-Gendy, Aboul Ella Hassanien

A Practical Procedure for Collecting More Volatile Information in Live Investigation of Botnet Attack

Nowadays because of the growth of internet usage in all over the world, users of this global service are faced with many different threats. Attackers are trying to improve their methods in order to penetrate the users’ machines to misuse their systems and their information. Most of the cyber-crimes are the result of one attack to a user or a network of many users. One of the important attacks in this area is Botnet which is controlling some compromised computers by an attacker remotely in terms of specific victim. This study tries to propose and implement a procedure in order to extract information and footprints of infected system with Botnet in order to reconstruct the Botnet attack and prepare a digital evidence package which shows the malicious activities and malicious files of this attack to present in a court.
Yashar Javadianasl, Azizah Abd Manaf, Mazdak Zamani