Data acquisition is a process of imaging or collecting information using established methods from various media according to certain standards for their forensic value. This information can then be analyzed to gain insight into a crime or incident. With the progress of technology, the process of data acquisition is becoming increasingly accurate, simple, and versatile. However, investigators need to ensure that the acquisition methodology used is forensically sound. Specifically, the acquisition methodology adopted must be verifiable and repeatable. This enhances the admissibility of the acquired data or evidence in a court of law. A fundamental factor to consider in the acquisition of forensic data is time. While data in some sources such as hard drives remain unaltered and can be collected even after the system is shut down, data in some sources such as the RAM are highly volatile and dynamic and must therefore be collected in real time. From this perspective, data acquisition can be categorized as either live data acquisition or dead data acquisition. In live data acquisition, data is acquired from a computer that is already powered on (either locked or in sleep mode).

Since the lives of persons are on the edge after being convicted of digital crimes, the main goal of digital forensics is to extract accurate evidence that determines whether the convict is guilty or not. The recent challenge is due to the big size of data that the investigator may deal with. These data are stored in unnoticeable tiny devices such as USB sticks, which may lead to a muddled decision because of the tediousness of the investigation. Fortunately, in Windows operating systems, all users' transactions are stored in a central point known as the Windows Registry. It stores all hardware and software configurations, user activities, and transactions. Therefore, digital forensics based on the Windows Registry is considered a hot research field. This paper presents a proposed framework for digital crime investigation based on fuzzy logic. It helps the investigator in the decision-making phase about the evidence. This deals with the extracted evidence from relevant Windows Registry keys. Also, tracking the usage of USB devices for data theft was presented. Finally, the proposed framework was tested on a simulated case study.

The accessibility of cloud storage over the internet as a result of cloud computing technology provides the opportunity to store, share and upload data online with the use of digital devices which can be accessed anytime and anywhere. These benefits can also be exploited by cybercriminals to perform various criminal activities, including storing and exchanging illegal materials on cloud storage platforms. The logs of malicious usage can be obtained from the cloud service providers for forensic investigations, but the privacy issue, among other factors, makes it difficult for such logs to be shared. Therefore, there is a need to perform client-side forensics to be able to carry out forensic investigation on digital devices as related to the activities on cloud storage. This study identifies relevant artifacts that can be forensically extracted from the registry of a Windows 10 device that accessed iDrive cloud storage. The study explores different experimental setups for the forensic analysis and adopts an integrated conceptual digital forensic framework in the investigation process to detect relevant forensic artifacts from the registry of a Windows 10 device. This study increases the knowledge of cloud storage forensics and the significance of registry analysis during digital investigations.