Current Challenges of Digital Forensics in Cyber Security

Abhishek Kumar Pandey (Babasaheb Bhimrao Ambedkar University, India), Ashutosh Kumar Tripathi (Babasaheb Bhimrao Ambedkar University, India), Gayatri Kapil (Babasaheb Bhimrao Ambedkar University, India), Virendra Singh (Babasaheb Bhimrao Ambedkar University, India), Mohd. Waris Khan (Babasaheb Bhimrao Ambedkar University, India), Alka Agrawal (Babasaheb Bhimrao Ambedkar University, India), Rajeev Kumar (Babasaheb Bhimrao Ambedkar University, India) and Raees Ahmad Khan (Babasaheb Bhimrao Ambedkar University, India)
Copyright: © 2020 | Pages: 16
DOI: 10.4018/978-1-7998-1558-7.ch003

Abstract

The digital age has undoubtedly revolutionized the life and work of people. However, this sheen of digital technology remains challenged by the spate of cybercrimes that imperil the privacy and data of end-users. The alarming rise in cybercrimes has become a major concern for cyber specialists. In this grim context, digital forensics has emerged as a boon for cyber specialists because it has proven to be an effective means of investigating cyber-attacks. This chapter reviews the existing tools and approaches in the field of digital forensics in cybersecurity. It also discusses the current challenges and problems faced by a forensic investigator. In addition, it lists the different categories of digital forensics. The study concludes by underlining the importance of, and the need for, extensive research in digital forensic tools.
Chapter Preview

Digital Forensics In Different Perspective

Digital forensics has different domains and types, each suited to a different kind of analysis and identification procedure. Some are described below:

Data Forensics

It deals with digital data. Data forensics is the process of using data or metadata in an investigation to find real evidence or the truth. Data carving is a technique used in data forensics: it is the process of retrieving data or files from raw fragments. Nadeem Alherbawi (2013) gave a detailed description of data carving and proposed a data carving method to handle the fragmentation issue in the examination of data. Some standard tools for data forensics are shown in Figure 1.

Figure 1. Tree Structure of the Standard Tools

Figure 1 shows some commonly used data forensics tools, including Bulk Extractor, EVTXtract, and Scalpel. These tools are used to analyze a disk image, a file or a directory and extract any relevant data without changing the file system structure.
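The data carving described above, shown as a minimal header/footer signature carver. This is an added example, not code from the chapter or from any of the tools it names; `carve`, `build_sample` and `SIGNATURES` are hypothetical names and the raw buffer is constructed. The sample includes one fragmented JPEG to show the fragmentation issue: the carver returns a span that swallows the foreign blocks lying between the two fragments.

```python
# Added example: signature-based (header/footer) carving over a raw byte buffer.
# carve(), build_sample() and SIGNATURES are illustrative names, not from any tool.

SIGNATURES = {
    "jpg": (b"\xff\xd8\xff", b"\xff\xd9"),
    "png": (b"\x89PNG\r\n\x1a\n", b"IEND\xaeB`\x82"),
}
MAX_SIZE = 10 * 1024 * 1024  # cap per carved file so a missing footer cannot run away


def carve(raw: bytes, max_size: int = MAX_SIZE):
    """Return (type, start, end, data) for every header with a matching footer.

    Only the raw bytes are read; no file system metadata is consulted or changed.
    """
    found = []
    for ftype, (header, footer) in SIGNATURES.items():
        pos = 0
        while (start := raw.find(header, pos)) != -1:
            stop = raw.find(footer, start + len(header), start + max_size)
            if stop == -1:
                pos = start + 1  # header without footer: truncated or overwritten
                continue
            end = stop + len(footer)
            found.append((ftype, start, end, raw[start:end]))
            pos = end
    return sorted(found, key=lambda hit: hit[1])


def build_sample():
    """Constructed 'disk': two contiguous files and one JPEG split in two fragments."""
    jpg = b"\xff\xd8\xff\xe0" + b"A" * 20 + b"\xff\xd9"
    png = b"\x89PNG\r\n\x1a\n" + b"B" * 16 + b"IEND\xaeB`\x82"
    frag = (b"\xff\xd8\xff\xe0" + b"C" * 8, b"C" * 8 + b"\xff\xd9")
    slack = b"\x00" * 32
    # The PNG's blocks sit between the two halves of the fragmented JPEG.
    raw = slack + jpg + slack + frag[0] + png + frag[1] + slack
    return raw, jpg, png, frag


if __name__ == "__main__":
    raw, *_ = build_sample()
    for ftype, start, end, data in carve(raw):
        print(f"{ftype} @ {start}-{end} ({len(data)} bytes)")
```

The second JPEG hit spans offsets 90 to 144 and contains the whole PNG, so a carved file should be validated against its format before it is treated as evidence.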

Cloud Forensics

Cloud forensics is a subpart of network forensics; in other words, it is a type of forensics that deals with huge networks and concerns the investigation of incidents committed by or over the cloud. Crimes committed on the cloud are very difficult to examine because some classical and basic techniques of digital forensic examination do not work in the cloud environment, which is why cloud forensics is gaining more significance (Sonamjain, 2014). However, cloud forensic examination has limitations. When the cloud is public, the investigation team is denied physical access to the cloud because of privacy issues (Burney A., 2016). This makes the examiners' task very tough, as they cannot investigate the scene without physical access. Some standard tools for cloud forensics that are used during investigations are shown in Figure 2.

Figure 2. Tree Structure of the Standard Tools for Cloud Forensics

Figure 2 shows some commonly used forensic tools, including Frost and UFED Cloud Analyzer. Both tools are very valuable in cloud forensic examination. Their basic function is to acquire data from API logs, virtual disks and guest firewall logs. These examination procedures facilitate the examiners' tasks.

Key Terms in this Chapter

Memory Forensics: Memory forensics is the art of analyzing computer memory (RAM) to solve digital crimes.

Android/Mobile Forensics: Mobile device forensics is a branch of digital forensics relating to recovery of digital evidence.

Anti-Forensic Techniques: Anti-forensic methods used to ensure the privacy of one's personal data.

Network Forensics: Network forensics is a sub-branch of digital forensics relating to the monitoring and analysis of computer network traffic.

Data Forensics: Data forensics, also known as computer forensics, refers to the study or investigation of digital data and how it is created and used.

Cloud Forensics: Cloud forensics is a cross-discipline between cloud computing and digital forensics.
