DETECTION OF CYBER-CRIMES VIA DIGITAL FORENSIC ARTIFACTS: AN IN-DEPTH ANALYSIS

Authors

  • Jaydevsinh B Vala, Research scholar, Gujarat Technological University, Gujarat.
  • Vipul M Vekariya, Dean FET, Parul University Vadodara, Gujarat.
  • Utsav Parekh, Assistant Professor, Department of Forensic Medicine & Toxicology, All India Institute of Medical Sciences, Rajkot, Gujarat.

DOI:

https://doi.org/10.48165/jfmt.2024.41.1.19

Keywords:

Artifacts, Cyber-crimes, Digital Forensics, Investigations

Abstract

Memory forensics has emerged as a pivotal aspect of digital forensics in the cybersecurity domain, particularly in light of the increasing prevalence of fileless malware that operates exclusively within a system’s RAM. This paper delves into the intricacies of memory forensics, highlighting the challenges and stages involved in the investigation process. The challenges discussed encompass the complexities of acquiring data from secure operating systems, ensuring the integrity of memory snapshots, and the inherently volatile nature of memory. The investigation stages outlined include identifying rogue processes, detecting anomalies, examining network artifacts, and conducting thorough investigations of RAM dumps. The findings underscore the critical role of memory forensics in unveiling evidence that remains elusive in traditional disk-based forensics, such as encrypted data and traces of fileless malware. The paper underscores the necessity for ongoing research and development in memory forensics to keep pace with the evolving tactics of cybercriminals and to refine the tools and techniques utilized in digital investigations. Recommendations for future research encompass the development of more sophisticated memory acquisition methods, the application of machine learning and artificial 

Published

2024-06-30

How to Cite

DETECTION OF CYBER-CRIMES VIA DIGITAL FORENSIC ARTIFACTS: AN IN-DEPTH ANALYSIS. (2024). Journal of Forensic Medicine and Toxicology, 41(1), 97-103. https://doi.org/10.48165/jfmt.2024.41.1.19