DOCSLIB.ORG

Models in Collaborative and Distributed Digital Investigation in the World of Ubiquitous Computing and Communication Systems

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Models in Collaborative and Distributed Digital Investigation in the World of Ubiquitous Computing and Communication Systems Models in Collaborative and Distributed Digital Investigation In the World of Ubiquitous Computing and Communication Systems Michael Losavio, Deborah Keeling and Michael Lemon Abstract Ubiquitous computing and communication systems produce ubiquitous electronic evidence of use in many disciplines. For law enforcement, the use of digital evidence has expanded beyond electronic child exploitation materials into other traditional areas of criminal justice, including homicide, robbery and narcotics trafficking. This expanded utility is also available to any information community in need of historical data. But the growth in the distribution and volume of this information and its storage media create challenges for collection and the validation of reliability. Several ad hoc and distributed models for investigative process may assist both law enforcement and the curation and archival communities. We examine and discuss the data from these models and the future of distributing digital forensic expertise for broad use. Authors Michael Losavio teaches on computer engineering and criminal justice issues at the University of Louisville and has taught in Egypt and Mexico. His J.D. is from Louisiana State University. Dr. Deborah Keeling received her Ph.D. from Purdue University in sociology and is chair of the Department of Justice Administration of the University. Her research interests are in democratic policing in Europe and Asia and electronic crime. Michael Lemon is a detective for the Bowling Green (Ky) Police Department and a M.S. student in digital forensics at the University of Central Florida. 1. Introduction Ubiquitous computing permeates the world. The number of cell phones exceeds the U.S. population.1 With the proliferation of digital technology comes a commensurate growth in transactional and content- related electronic information. This creates unprecedented opportunities for the collection of electronic evidence.2 Criminologist James Allen Fox of Northeastern University attributes, in part, the 2011 decline 1 Kang, Cecilia, “Number of cellphones exceeds U.S. population: CTIA trade group,” Washington Post Tech Blog, October 11, 2011, http://www.washingtonpost.com/blogs/post-tech/post/number-of-cell-phones-exceeds-us- population-ctia-trade-group/2011/10/11/gIQARNcEcL_blog.html (accessed December 20, 2011) 2 It also presents an unprecedented means of automated surveillance of citizens, an issue of civil liberties and authoritarian oppression of greater and greater importance in violent crimes in the United States to improvements in digital investigation and electronic surveillance.3 Issues of digital investigation are not confined to criminal justice. One survey of divorce attorneys of the American Academy of Matrimonial Lawyers found that two- thirds of members used the social networking site Facebook as a primary source of digital evidence for divorce proceedings; the strong majority noted an increase in the use of such evidence over the past several years.4 And this extends far beyond criminal investigations into civil forensics, data analytics and, indeed, the ways needed to preserve and validate the memory of the world for future generations. Duranti,5 Endicott-Popovsky and others have explored the application of digital forensics to the “born-digital” world as a crucial domain for preserving truth in an electronic world. Kirshchenbaum, Ovenden and Redwine have systematically addressed the relationship of digital forensics and born-digital data for cultural heritage.6 Digital forensic systems could solve key issues facing archivists with electronic information, such as data recovery and discovery, authentication and accessioning. Yet, there are shared challenges across all of these disciplines for the effective use of digital forensics in a world of ubiquitous computing. The responses of the law enforcement community may aid all disciplines in meeting them. Law enforcement digital forensics needs have grown with the ubiquity of electronic evidence associated with all types of criminal investigations. Many investigators now look for digital evidence in any case. Either through training, conversations with other investigators or television, use of digital evidence is becoming more and more common in police work. Officers now seek digital evidence as they would surveillance videos, fingerprints and DNA. One fetal abduction/murder investigation shows the value of digital forensics to any investigation.7 The female suspect presented to the local emergency room with a newborn child. When she was examined the ER staff notice the infant had organs attached that should still be in the mother if the mother were still alive. This led to an investigation of what actually occurred. The examination of the suspect’s computer and cell phone found a scheme to acquire an infant. Evidence from the computer showed contacts with several pregnant females on social media sites and searches of the Internet for how to do a home Caesarean section delivery of a baby. She claimed to help single mothers during their pregnancy. One person seemed to have more contact with the suspect than others; this person and the suspect talked about meeting on the day of suspect’s “delivery.” The suspect’s cell phone contained the digital trail from that point. Text messages between the pregnant female and the suspect showed her planning to pick up the female and take her shopping for baby clothes. After the planned time to meet, the texting goes quiet for two hours. The suspect then texts her husband pictures of her new baby which she “delivered” in her vehicle. 3 Devlin, Barrett., “Crime Down Across Nation,” Wall Street Journal (Online) [New York, N.Y] 20 Dec 2011 4 Margaret M. DiBianca, Ethical Risks Arising from Lawyers’ Use of (and Refusal to Use) Social Media, 12 Del. L. Rev. 179, 183 (2011) (citing Am. Acad. of Matrimonial Lawyers, Big Surge in Social Networking Evidence Says Survey of Nation’s Top Divorce Lawyers, (Feb. 10, 2010)). 5 Duranti, Luciana, “From Digital Diplomatics to Digital Records Forensics”, Archivaria 68 (Fall): 39-66 (2009); Duranti, Luciana and Endicott-Popovsky,” Digital Records Forensics: A New Science and Academic Program for Forensics Readiness,” 5 Journal of Digital Forensics, Security and Law 2 (2010) 6 Matthew G. Kirschenbaum, Richard Ovenden, Gabriela Redwine (research assistance from Rachel Donahue) Digital Forensics and Born-Digital Content in Cultural Heritage Collections, Council on Library and Information Resources, December, 2010, http://www.clir.org/pubs/abstract/reports/pub149 (accessed July 23, 2012) 7 Barrouquere, Brett, “Kentucky woman sentenced for death of expectant mom,” Associated Press, http://www.kentucky.com/2012/03/02/2091640/kentucky-woman-sentenced-for-death.html (Accessed August 24, 2012) 2 Eventually she confessed and showed where she had immobilized the victim, bound her and removed the baby from the victim’s abdomen. The digital evidence identified the victim, confirmed that the suspect was not pregnant, located the victim and showed premeditation. This case demonstrates how digital evidence can be interwoven into the fabric of most types of criminal investigation. But time, funding or access needed for a thorough digital forensics examination are concerns in all cases, whether law enforcement or civil authorities. A two-tier technical problem continues to create backlogs in examinations despite the ever-increasing power of forensic computers. Without a solution to these problems the forensic examinations will face continuing challenges as to resources. First, the increase in the average size of hard drives in the typical digital case is outpacing the speed and processing power of the forensic computers.8 What was once considered an extra-large hard drive a few years ago now comes standard on most computers. But the power of computer processors and their ability to examine more data in less time has failed to grow at a similar rate. Any benefit a new forensic computer gives the examiner in its ability to process more data at a faster rate may be lost due to new larger hard drives that take longer to process. The second issue has been the proliferation and ubiquity of mobile devices. A few years ago a typical case contained one computer and, perhaps, some type of external media. Now the average adult has more than one type of electronic device; a typical case contains multiple items like a laptop computer, cell phone, tablet computer and related media. Each cell phone may potentially be broken down into three pieces of evidence: the cellular device, a SIM card and a SD card. Each item can contain data and must be examined separately. A cellular device overall could have up to 64 GB of data stored locally and 32 GB stored on the external media. The cell device examination alone may address 100 GB of information. Various models of collaborative and distributed digital investigation have been discussed and implemented for addressing this growth in ubiquitous electronic evidence. One example is the Regional Computer Forensic Laboratory (RCFL) program of the United States Federal Bureau of Investigation (FBI), involving regional collaborations of the FBI with state, regional and local law enforcement to provide centralized, highly trained digital forensic services. The laboratories are designed to provide centralized access to expertise and services in digital forensics. Yet as the demand for digital forensic services has grown, so has the need to develop and expand such expertise to local agencies. The
Load more

Recommended publications
  • DEC 2016 Part C.Pdf
    Page | 1 CBRNE-TERRORISM NEWSLETTER – December 2016 www.cbrne-terrorism-newsletter.com Page | 2 CBRNE-TERRORISM NEWSLETTER – December 2016 Christmas market terror attacks by ISIS and al-Qaeda feared throughout Europe Source: http://www.mirror.co.uk/news/world-news/christmas-market-terror-attacks-isis-9318520 Nov 23 – Terrorists are planning a wave of against jihadist groups, other European Christmas attacks throughout Europe, targeting equivalents have been less successful, sadly. shopping areas and crowded market-places to “This means the entire continent is vulnerable maximise casualties. to attack as we have seen in France, Germany The main groups plotting Yuletide blood-letting and Belgium but particularly in the run-up to are Islamic State and al-Qaeda and UK Christmas. intelligence agencies and counter-terror police “It is a Christian period of festivities, bring are on high-alert. together large crowds of soft target civilians It comes as Islamic State loses ground in Iraq and will attract attention from those who wish to with a massive assault on its Mosul stronghold inflict harm.” and attacks are already weakening its Syrian The threat level to Britain for international HQ Raqqa. terrorism has been at “severe” since 2014, French counter-terror police last weekend meaning that an attack is “highly likely,” seized seven suspects allegedly awaiting although a known plot is not underway. delivery of an arms cache for an assault on Sources have told the Daily Mirror that police in civilians. Counter Terror Command and MI5 officers The people arrested in Marseilles and have “never been under so much pressure” to Strasbourg were of French, Morroccan and stop an attack.
    [Show full text]
  • Una Nueva Categoría De Homicidios Por Causas Personales Según El FBI Secuestro* “In Utero” O Rapto Fetal (Fetal Abduction)
    Una nueva categoría de homicidios por causas personales según el FBI secuestro* “in utero” o rapto fetal (fetal abduction) According to the FBI this is a new category of homicide for personal causes, in utero kidnapping or fetal abduction Autor: Susana P. García Roversi DOI: https://doi.org/10.25058/1794600X.104 Revista Misión Jurídica / ISSN 1794-600X / E-ISSN 2661-9067 Vol. 8 - Núm. 9/ Julio - Diciembre de 2015 / pp. 177 - 196 UNA NUEVA CATEGORÍA DE HOMICIDIOS POR CAUSAS PERSONALES SEGÚN EL FBI. SECUESTRO* “IN UTERO” O RAPTO FETAL (FETAL ABDUCTION)** ACCORDING TO THE FBI THIS IS A NEW CATHEGORY OF HOMICIDE FOR PERSONAL CAUSES, IN UTERO KIDNAPPING OR FETAL ABDUCTION UMA NOVA CATEGORIA DE ASSASSINATO POR MOTIVOS PESSOAIS, DE ACORDO COM O FBI SEQUESTRO "IN UTERO" OU RAPTO FETAL (FETAL ABDUCTION) Susana P. García Roversi a [email protected] Fecha de recepción: 6 de julio de 2015 Fecha de revisión: 12 de agosto de 2015 Fecha de aceptación: 18 de agosto de 2015 RESUMEN Este delito consiste en el secuestro de un bebé nonato por medio de una extracción coercitiva del vientre materno en una macabra réplica, primitiva y brutal, de un procedimiento de cesárea. La madre, generalmente, es atraída por la delincuente –99 % mujeres– con engaños y falsas promesas de ayuda, luego de sumir a la madre en la inconsciencia, la perpetradora corta su vientre –literalmente–, extrae el nonato y se lo lleva con fines de apropiación. Las futuras madres son asesinadas –antes o después del proceso–, o mueren * La autora no está de acuerdo con la figura de “secuestro” o de “rapto”; en su opinión se trata, simple, llana y cruelmente hablando, de robo de fetos o nonatos, en concurrencia con el homicidio de la madre.
    [Show full text]
  • Kuwait Gathers GCC Ambassadors SEE PAGE 9 2 Friday Local Friday, December 18, 2020
    FREE Established 1961 Friday ISSUE NO: 18312 JAMADA ALAWWAL 3, 1442 AH FRIDAY, DECEMBER 18, 2020 MPs call for probe over suspected France’s Macron tests Australian Open gets February start 8 forgery in speaker election 15 positive for COVID 37 as virus hits second Slam season Kuwait gathers GCC Ambassadors SEE PAGE 9 2 Friday Local Friday, December 18, 2020 Why I’m choosing Why I am choosing to vaccinate not to vaccinate SCRIBBLER’S NOTEBOOK JUST KIDDIN’, SERIOUSLY By Jamie Etheridge By Sahar Moussa [email protected] [email protected] understanding of the universe, our natural uwait is now gearing up for a t is a fact that since March, when view this vaccine as a solution to many world and ourselves incredible gains over nationwide vaccine campaign, the COVID-19 caught the world off guard, problems, according to Al-Qabas Arabic the last few centuries. until this day, many people have lost daily, 46 percent of Kuwaitis said they will recently approved I K Still a thousand years from now, if their health, lives, loved ones or jobs due to refuse to take the vaccine, 39 percent said Pfizer/BioNTech vaccine for SARS- humans continue to exist, they may look the pandemic. Since then, many pharma- they will take it, while 15 percent are not COVID-19. The Ministry of Health has back on our methods and think them ill- ceutical companies have been trying their sure. already begun registration on its website, conceived and fueled by misunderstanding, best to find a vaccine against the coron- You might ask what this vaccine is, or where anyone in Kuwait can register.
    [Show full text]
  • Combating Terrorism: Evolving Asian Perspectives Editor: Shruti Pandalai
    COMBATING TERRORISM Evolving Asian Perspectives COMBATING TERRORISM Evolving Asian Perspectives Editor Shruti Pandalai INSTITUTE FOR DEFENCE STUDIES & ANALYSES NEW DELHI PENTAGON PRESS LLPLLP Combating Terrorism: Evolving Asian Perspectives Editor: Shruti Pandalai First Published in 2019 Copyright © Institute for Defence Studies and Analyses, New Delhi ISBN 978-93-86618-81-8 All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without first obtaining written permission of the copyright owner. Disclaimer: The views expressed in this book are those of the authors and do not necessarily reflect those of the Institute for Defence Studies and Analyses, or the Government of India. Published by PENTAGON PRESS LLP 206, Peacock Lane, Shahpur Jat New Delhi-110049 Phones: 011-64706243, 26491568 Telefax: 011-26490600 email: [email protected] website: www.pentagonpress.in In association with Institute for Defence Studies and Analyses No. 1, Development Enclave, New Delhi-110010 Phone: +91-11-26717983 Website: www.idsa.in Printed at Avantika Printers Private Limited. Contents Foreword ix Acknowledgements xiii List of Abbreviations xv List of Tables and Figures xix Introduction xxi India’s Quest for a Global Convention on Combating Terrorism: An Overview of Regional Responses and Recurring Challenges Shruti Pandalai SECTION ONE NORMS AND THE GLOBAL WAR ON TERROR: CHALLENGES FOR ASIA Special Insight
    [Show full text]
  • A Descriptive Study of Patterns in Fetal Abductions Kerry E
    Regis University ePublications at Regis University All Regis University Theses Fall 2012 Fetal Attraction: a Descriptive Study of Patterns in Fetal Abductions Kerry E. Arquette Regis University Follow this and additional works at: https://epublications.regis.edu/theses Part of the Criminology and Criminal Justice Commons Recommended Citation Arquette, Kerry E., "Fetal Attraction: a Descriptive Study of Patterns in Fetal Abductions" (2012). All Regis University Theses. 245. https://epublications.regis.edu/theses/245 This Thesis - Open Access is brought to you for free and open access by ePublications at Regis University. It has been accepted for inclusion in All Regis University Theses by an authorized administrator of ePublications at Regis University. For more information, please contact [email protected]. Regis University College for Professional Studies Graduate Programs Final Project/Thesis Disclaimer Use of the materials available in the Regis University Thesis Collection (“Collection”) is limited and restricted to those users who agree to comply with the following terms of use. Regis University reserves the right to deny access to the Collection to any person who violates these terms of use or who seeks to or does alter, avoid or supersede the functional conditions, restrictions and limitations of the Collection. The site may be used only for lawful purposes. The user is solely responsible for knowing and adhering to any and all applicable laws, rules, and regulations relating or pertaining to use of the Collection. All content in this Collection is owned by and subject to the exclusive control of Regis University and the authors of the materials. It is available only for research purposes and may not be used in violation of copyright laws or for unlawful purposes.
    [Show full text]
  • Brewington Move Is Likely Next Step for Sumter School District
    Brewington move is likely next step for Sumter School District ternative instructional program, Davis Elementary School campus, Alternative program was which was housed at Mayewood, is which is less than two miles away, still operational on campus a next step to work on. this school year. However, Brew- Hamm and Canty spoke last ington Academy, the district’s al- of Mayewood this year week after the district’s board of ternative school for middle and trustees voted 5-3-1 on Monday to high school children with disciplin- BY BRUCE MILLS SUNDAY, MAY 19, 2019 $1.75 approve the administration’s new ary issues, remained open on the [email protected] financial recovery plan to include Mayewood campus after adminis- SERVING SOUTH CAROLINA SINCE OCTOBER 15, 1894 middle school students remaining tration couldn’t find a suitable fa- With the closure of Mayewood at this year’s newly named R.E. cility to house the program last Middle School now settled, Sumter Davis K-8 College Preparatory year. School District Interim Superinten- Academy. Brewington’s enrollment fluctu- dent Debbie Hamm and school After the school board voted to ates because it’s considered a board Chairman the Rev. Ralph close Mayewood in April 2018, mid- Canty say moving the district’s al- dle-schoolers moved to the R.E. SEE BREWINGTON, PAGE A9 4 SECTIONS, 26 PAGES | VOL. 124, NO. 150 IN TODAY’S EDITION ‘My policeman’ See you at the festival Our guide lists event and entertainment schedules, pageant winners and more for this year’s Iris Festival LOCAL Edgy ‘Avenue Q’ play opens Thursday A5 PHOTOS BY MICAH GREEN / THE SUMTER ITEM Senior Cpl.
    [Show full text]
  • Fetal Attraction: a Descriptive Study of Patterns in Fetal Abductions Kerry E
    View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by ePublications at Regis University Regis University ePublications at Regis University All Regis University Theses Fall 2012 Fetal Attraction: a Descriptive Study of Patterns in Fetal Abductions Kerry E. Arquette Regis University Follow this and additional works at: https://epublications.regis.edu/theses Part of the Criminology and Criminal Justice Commons Recommended Citation Arquette, Kerry E., "Fetal Attraction: a Descriptive Study of Patterns in Fetal Abductions" (2012). All Regis University Theses. 245. https://epublications.regis.edu/theses/245 This Thesis - Open Access is brought to you for free and open access by ePublications at Regis University. It has been accepted for inclusion in All Regis University Theses by an authorized administrator of ePublications at Regis University. For more information, please contact [email protected]. Regis University College for Professional Studies Graduate Programs Final Project/Thesis Disclaimer Use of the materials available in the Regis University Thesis Collection (“Collection”) is limited and restricted to those users who agree to comply with the following terms of use. Regis University reserves the right to deny access to the Collection to any person who violates these terms of use or who seeks to or does alter, avoid or supersede the functional conditions, restrictions and limitations of the Collection. The site may be used only for lawful purposes. The user is solely responsible for knowing and adhering to any and all applicable laws, rules, and regulations relating or pertaining to use of the Collection. All content in this Collection is owned by and subject to the exclusive control of Regis University and the authors of the materials.
    [Show full text]
  • 40Th Annual Meeting
    AMERICAN ACADEMY OF PSYCHIATRY AND THE LAW 40TH ANNUAL MEETING October 29 - November 1, 2009 Baltimore, Maryland The American Academy of Psychiatry and the Law is accredited by the Accreditation Council for Continuing Medical Education (ACCME) to sponsor continuing medical education for physicians. The American Academy of Psychiatry and the Law designates this educational activity for a maximum of 31.75 AMA PRA Category 1 Credits™. Physicians should only claim credit commensurate with the extent of their participation in the activity. Fortieth Annual Meeting American Academy of Psychiatry and the Law October 29 - November 1, 2009 Baltimore, Maryland OFFICERS OF THE ACADEMY Patricia R. Recupero, MD, JD Brian Crowley, MD President Councilor Stephen B. Billick, MD Annette L. Hanson, MD President-Elect Councilor Jagannathan Srinivasaraghavan, MD Stuart A. Anfang, MD Vice President Councilor Jeffrey D. Janofsky, MD Mark Hauser, MD Immediate Past President Councilor Victoria L. Harris, MD, MPH Susan Hatters Friedman, MD Secretary Councilor Debra A. Pinals, MD Robert L. Trestman, MD, PhD Treasurer Councilor Liza H. Gold, MD Robert Weinstock, MD Councilor Councilor Alec W. Buchanan, MD, PhD Councilor PAST PRESIDENTS Jeffrey S. Janofsky, MD 2007-08 Richard T. Rada, MD 1990-91 Alan R. Felthous, MD 2006-07 Joseph D. Bloom, MD 1989-90 Robert I. Simon, MD 2005-06 William H. Reid, MD, MPH 1988-89 Robert T.M. Phillips, MD, PhD 2004-05 Richard Rosner, MD 1987-88 Robert Wettstein, MD 2003-04 J. Richard Ciccone, MD 1986-87 Roy J. O’Shaughnessy, MD 2002-03 Selwyn M. Smith, MD 1985-86 Larry H. Strasburger, MD 2001-02 Phillip J.
    [Show full text]