Hai-Cheng Chu

Live Data Mining Concerning Social Networking Forensics Based on a Facebook Session Through Aggregation of Social Data

Social Networking Service (SNS) emerges to be one of the most promising directions of web applications regarding the next generation of Internet technology evolutions. Substantively, innumerable global on-line community members share common interests with each other via the User Generated Content (UGC) platforms. Facebook is one of them and it facilitates the social networking participants to deliver the digital contents to authorized consumers or specific groups. As cybercrimes mushroom in recent years, more and more digital crime investigations have strong relations to Facebook. Unarguably, Facebook has been exploited via global perpetrators. Consequently, we spotlight on live data acquisition within the RAM of the desktop PC with emphasis on some distinct strings that could be found in order to reconstruct the previous Facebook session, which plays an extremely precious role for the associate digital forensics investigators to incubate additional thoughtful decisions concerning the discovery of breadcrumb digital evidences in this unparalleled cybercrime incidents era.

The Partial Digital Evidence Disclosure in Respect to the Instant Messaging Embedded in Viber Application Regarding an Android Smart Phone

As Android Operating System (OS) for smart phones become pervasive, more and more end users are taking advantage of the contemporary Instant Messaging (IM) tools with high availability and agile mobility. Unfortunately, the cyber criminals or hacktivists are abusing this state-of-the-art mobile communication gadget to fulfill illegal conspiracies. The content with regard to the IM is a critical success factor in cracking some complicated cyber crime cases in a timely manner. The paper significantly contributes to the research arena of Digital Forensics (DF) practitioners and researchers respecting partial digital evidence disclosure in a generic Viber session in Android mobile OS due to the commonness of IM under contemporary ubiquitous on-demand computing infrastructures. Being accumulated with sophisticated researches both in Android smart phones and the Viber Application Program (AP), this paper is capable of utilizing some specific search string in regard to the image of the Random Access Memory (RAM) in order to disclose the digital breadcrumb in terms of the received IM and the cellular phone number in previous Viber sessions as probative evidenced in a court of law.

Efficient identity authentication and encryption technique for high throughput RFID system

Radio Frequency Identification RFID technology provides a seamless link between physical world and the information system in cyber space. However, the emerging Internet of Things and cloud systems are full of security holes, which introduce new challenging security problems in both tag identification and data privacy. In this paper, we present efficient methods for identity authentication and data encryption to enhance RFID privacy. The proposed techniques aim to ensure no adversary interacting with the tags and the reader, to infer any information on a tags identity from the communication. The main idea, a symmetric cryptography technique, termed as Advanced Encryption Standard, was applied to implement both mutual authentication and data encryption between the front and back ends of RFID systems. The Advanced Encryption Standard cryptographic algorithm was adopted because of its low hardware complexity and high security strength. In addition, the proposed key management protocol is proved resistant to several known RFID attacks such as Man-in-the-Middle, Denial-of-Service, replay, clone attack, and backward/forward traceability. The computational time complexity of the proposed scheme through the entire identity authentication and data encryption phases is 3Tencrypt+1Tnonce+4Txor, which is superior to most existing approaches. The proposed scheme was also proved to be able to provide higher data encryption performance than other symmetric cryptographic algorithms with regard to the same level of security strength. Copyright

Digital evidence discovery of networked multimedia smart devices based on social networking activities

Unquestionably, networked multimedia smart devices are commonly adopted in contemporary ubiquitous wireless computing era with unprecedented evolving pace in terms of mobility, portability, and pervasiveness. Regrettably, those technology-oriented gadgets are phenomenally exploited by cyber criminals or get involved in computer-related incidents unknowingly. Substantively, the detection, prevention, and the related digital forensics of the above scenarios are becoming tremendously urgent both in public and private sectors. Therefore, in this research, we investigate the scenario when state-of-the-art wireless communication technologies are integrated with the networked smart devices where digital evidences may exist and they could be disclosed when appropriate standard operating procedures are suitably applied. Accordingly, in this paper, a PDA with the built-in GPS navigation functionality via the ubiquitous Wi-Fi connection to a popular social networking platform (facebook) is cross examined concerning the related digital evidence collecting and discovering in terms of revealing previous facebook user accounts on the mobile device without shutting off the power. The research provides a generic framework for the digital forensics specialists to contemplate when the networked smart devices are involved in the related criminal investigation cases especially when omnipresent social networking platforms are becoming the new avenue for the escalating, stringent, and heinous cybercrimes.

A partially reconstructed previous Gmail session by live digital evidences investigation through volatile data acquisition

The essence of this paper is to illustrate live data acquisition within the random access memory of a notebook trying to utilize the collected digital evidences in order to partially reconstruct previous Gmail session, which could be probative digital evidence in a court of law. The proposed framework is essentially crucial for the investigation of certain related cybercrimes on the basis of the digital breadcrumb trails being professionally disclosed and appropriately handled. Without loss of generality, the volatile data would vanish forever when the power of the computing devices is no longer sustainable. This research pinpoints the imminent threat of IT savvy cyber criminals and the corresponding counter procedures used to crack criminal cases if web-based e-mail utilities are essentially involved. This paper is focused on the prevalent e-mail utility, Gmail, as the research subject. At last, live digital evidence acquisition must be accurately fulfilled before the seizure of the computing devices in the crime scene to avoid irreversible investigation procedures which mean the digital evidences could be deleted, resulting in the loss of probative evidence. Copyright

The social networking investigation of metadata of forensic artifacts of a typical WeChat session under Windows

Digital forensics-related investigations have been a relative competitive research area by the computer specialists or law enforcement agency officers to confirm or refuse the assumptions with respect to the cybercrime scenes. WeChat is one of the most popular instant messaging application programs in contemporary age. While applying WeChat, there is precious information deposited in the computing devices that could be supportive evidences in a court of law. Hence, this research is focusing on the application of WeChat on the desktop PC under Windows 7 by means of the acquisition of volatile digital evidences in order to provide supporting information for some cybercrime cases. This paper provides generic investigation methods conducting forensic sound analysis on WeChat from the aspect of data volatility of the computing devices. By means of the proposed methodologies, the digital forensics specialists should be able to gather critical digital traces to confirm the previous actions of a WeChat user or even to reconstruct the crime scene to prove the suspect is guilty or innocent in a court of law. Copyright

The disclosure of evaporating digital trails respecting the combinations of Gmail and IE for pervasive multimedia

Unquestionably, the proliferation of mobile devices has dominated the main streams in contemporary ubiquitous wireless networks. Unfortunately, the misappropriating of those state-of-the-art gadgets has resulted in unprecedented information security issues in next generation cyberspace security arena. This paper illustrates the essence of generic procedures to provide the probative digital evidences for a typical Gmail Chat session in connection with the IE browser under different scenarios. When the computer-related information security issues arise with regard to the company, the corporate information incident response team should be able to disclose and preserve the evaporating digital trails following the right procedures to avoid the volatile characteristics in their natures. Furthermore, the design of the experiments of the paper identifies four cases to demonstrate the feasibility, availability, reliability, and traceability among them, which are essential for the corporate information security staffs to seriously consider when mushrooming cyber crimes are unknowingly and hastily burgeoning in an unparalleled manner. The organizations might have to scrutinize the negligible digital trails with cognitive expertise instead of entirely relying on law enforcement agencies from the public sectors due to the time constraints as well as publicity concerns or the minor computing resource policy violation unwarily occurred by the employees accordingly.

The digital forensics of GPS path records and the discovery of previous Facebook IDs on a Pocket PC PDA

Predominantly, because of the pervasiveness of information technology and the affordable and competitive prices of contemporary mobile computing devices, more and more personal navigation devices (PNDs) are substantively embedded with Global Positioning System (GPS) functionality and ubiquitous networks connectivity. Therefore, the digital forensics of PNDs digital evidences becomes an urgent research issue. Meanwhile, Facebook has become a globally foremost social networking service platform. Consequently, the discovery of previous Facebook IDs on PNDs has been focused in some criminal case investigations. This paper conducts the related experiments on a Pocket PC PDA to illustrate the essence of the research. Via the design of the experiments that were carried on the Pocket PC PDA, we concluded previous user(s) information concerning the digital forensics of Facebook user account(s) that might be disclosed on the current mobile computing device. The discussions and conclusions of the paper can provide digital forensics experts as paradigms or frameworks for future related criminal case investigations regarding GPS and social networking when Facebook is involved. Copyright

A Case Study for Forensic Investigation Concerning Malformed Flash Drive and Unknown Graphic Image Files

Under the UC infrastructures, hundreds of thousands of digital graphics images are distributed via mobile devices as well as PCs encompassing from on-line auctions to e-mail attachments. Although different graphics files are with distinct file formats, they contain unique characteristics within their file headers, which provide essential guidelines for DF specialists when they confront with the uncharted clues during the digital investigation. Nowadays, digital images are widely used in the Internet communicating activities and this raises the security issue alert due to the factor that Internet criminal behaviors are exhaustively spreading worldwide. Steganography is widely integrated with the graphics files, which is one kind of information hiding technique. Apparently, steganography was utilized to hide confidential messages or information in many occasions from leisure purpose to crime motivation or even the propagation of terrorism information using the Internet on-line forums as the platform. Only insiders or the DF specialists are capable of retrieving the invisible messages, which result in a great challenge to information security in FCC.