Search results for " Forensics"

showing 10 items of 30 documents

Hypervisor Memory Introspection and Hypervisor Based Malware Honeypot

2020

Memory acquisition is a tool used in advanced forensics and malware analysis. Various methods of memory acquisition exist. Such solutions are ranging from tools based on dedicated hardware to software-only solutions. We proposed a hypervisor based memory acquisition tool. [22]. Our method supports ASLR and Modern operating systems which is an innovation compared to past methods [27, 36]. We extend the hypervisor assisted memory acquisition by adding mass storage device honeypots for the malware to cross and propose hiding the hypervisor using bluepill technology.

021110 strategic defence & security studiesAtomicitySoftware_OPERATINGSYSTEMSHoneypotComputer science0211 other engineering and technologiesHypervisor02 engineering and technologycomputer.software_genreVirtualizationMemory forensicsMass storage0202 electrical engineering electronic engineering information engineeringOperating systemMalware020201 artificial intelligence & image processingMalware analysiscomputer
researchProduct

Safety Protocols for Forensic Inspections in the Time of COVID-19: An Approach to Protect Practitioners

2022

The COVID-19 pandemic has impacted the entire world in ways that were unimaginable in 2019. It has changed how professionals work and interact with one another. To ensure the safety of experts and attorneys, forensic inspection procedures must evolve while still providing a reliable foundation for expert testimony. Traditional field inspections require attendees to be physically present and in generally close proximity. Inspecting artifacts may also require that individual components be serially examined by multiple experts, which increases the risk of transmitting the disease. The authors propose a new approach to forensic inspections aimed at protecting consultants from the biological ris…

2019-20 coronavirus outbreakCoronavirus disease 2019 (COVID-19)business.industrySevere acute respiratory syndrome coronavirus 2 (SARS-CoV-2)Energy Engineering and Power Technologymedicine.diseaseInspection Feeds COVID-19 Forensics Three-dimensional displays Safety ProtocolsIndustrial and Manufacturing EngineeringSettore ING-IND/33 - Sistemi Elettrici Per L'EnergiaControl and Systems EngineeringMedicineMedical emergencyElectrical and Electronic Engineeringbusiness
researchProduct

Shot-dead CT-virtopsy: our experience

2016

Learning objectives Background Findings and procedure details Conclusion Personal information References

Computer Applications-GeneralComputer Applications-Virtual imaginggenetic structuresComputer Applications-3DForensic / Necropsy studies CT Computer Applications-3D Computer Applications-General Computer Applications-Virtual imaging ForensicseducationForensic / Necropsy studiesCTForensics
researchProduct

Experiencing with electronic image stabilization and PRNU through scene content image registration

2021

Abstract This paper explores content-based image registration as a means of dealing with and understanding better Electronic Image Stabilization (EIS) in the context of Photo Response Non-Uniformity (PRNU) alignment. A novel and robust solution to extrapolate the transformation relating the different image output formats for a given device model is proposed. This general approach can be adapted to specifically extract the scale factor (and, when appropriate, the translation) so as to align native resolution images to video frames, with or without EIS on, and proceed to compare PRNU patterns. Comparative evaluations show that the proposed approach outperforms those based on brute-force and p…

Computer scienceElectronic image stabilizationImage registrationContext (language use)Camera and video source identification02 engineering and technology01 natural sciencesMultimedia forensicsArtificial Intelligence0103 physical sciences0202 electrical engineering electronic engineering information engineeringComputer vision010306 general physicsImage registrationSettore ING-INF/05 - Sistemi Di Elaborazione Delle InformazioniNative resolutionImage registration Electronic Image Stabilization PRNU Camera and video source identification Multimedia forensicsSettore INF/01 - Informaticabusiness.industryPRNUTracking systemScale factorImage stabilizationIdentification (information)Transformation (function)Signal Processing020201 artificial intelligence & image processingComputer Vision and Pattern RecognitionArtificial intelligencebusinessSoftware
researchProduct

Coping with uncertainty in the assessment of atmospheric pollution with lichen transplants

2019

In the assessment of atmospheric deposition using lichen transplants, coping with uncertainty is mandatory in cases of environmental forensics, when understanding whether an area is polluted or not, or tracing a given pollution source is of paramount importance. In this article, we have suggested a method based on the calculation of exposed-to-control ratios of element concentrations and on the quantification of the overall uncertainty associated with such calculation, which proved to be very robust and can be applied in most cases using a minimum of three replicates. The method allowed the selection of significantly accumulated elements i.e. those polluting the site under study, as well as…

Coping (psychology)010504 meteorology & atmospheric sciencesenvironmental forensicsAtmospheric pollutionHeavy metals010501 environmental sciencesManagement Monitoring Policy and Law01 natural sciencesAir quality; biomonitoring; environmental forensics; heavy metalsAir qualitybiomonitoringBiomonitoringEnvironmental scienceheavy metalsWater resource managementLichenWaste Management and DisposalAir quality indexenvironmental forensic0105 earth and related environmental sciencesEnvironmental Forensics
researchProduct

Strukturētu datu grafu vizualizācija virtuālā realitātē kā rīks lai asistētu noziegumu digitālā izmeklēšanā

2022

Maģistra darbā „Strukturētu datu grafu vizualizācija virtuālā realitātē kā rīks lai asistētu noziegumu digitālā izmeklēšanā” tiek apskatīti pētījumi par datu apstrādes metodēm digitālā izmeklēšanā un datu attēlošanas paņēmieniem. Darba mērķis ir, balstoties uz pētījumu analīzi, izstrādāt reālus un funkcionējošus, divus savstarpēji atkarīgus, rīku prototipus, kas veiktu kriminālprocesa laikā izgūto datu apstrādi, izveidojot starp tām saistības, vienā un veiktu skaidru un saprotamu apstrādāto datu attēlošanu otrā.

Datu attēlošanaData processingDigital forensicsDatorzinātneDatu apstrādeDigitālā izmeklēšana
researchProduct

Event Reconstruction

2014

Event reconstruction is one of the most important step in digital forensic investigations. It allows investigators to have a clear view of the events that have occurred over time. Event reconstruction is a complex task which requires exploration of a large amount of events due to the pervasiveness of new technologies nowadays. Any evidence produced at the end of the investigative process must also meet the requirements of the courts, such as reproducibility, verifiability, validation, etc. After defining the most important concepts of event reconstruction, a survey of the challenges of this field and solutions proposed so far is given in this chapter. Irish Research Council Science Foundati…

EngineeringDigital ForensicEmerging technologiesProcess (engineering)[INFO.INFO-OH]Computer Science [cs]/Other [cs.OH]Digital forensicsEvent Reconstruction02 engineering and technologyField (computer science)Task (project management)[INFO.INFO-CY]Computer Science [cs]/Computers and Society [cs.CY]020204 information systemsMachine learning0202 electrical engineering electronic engineering information engineeringEvent reconstructionbusiness.industryStatisticsDigital holography020207 software engineeringData science[ INFO.INFO-CY ] Computer Science [cs]/Computers and Society [cs.CY][INFO.INFO-OH] Computer Science [cs]/Other [cs.OH][INFO.INFO-CY] Computer Science [cs]/Computers and Society [cs.CY]Terahertz imaging[ INFO.INFO-OH ] Computer Science [cs]/Other [cs.OH]State (computer science)businessSparsity
researchProduct

PROVA TECNICA E CONTRADDITTORIO NEL PROCESSO PENALE

2023

When science and the criminal process come into contact, cognitive mechanisms are set in motion aimed at reorganizing knowledge belonging to worlds other than the legal one. In this context, the actors of the trial scene are forced to move on a hybrid terrain in which judicial epistemology and scientific epistemology mix. Such a fascinating picture pushes the scholar of the criminal process to seek interpretations suitable for explaining the multiple dilemmas that the phenomenon entails. Starting from a historical-legislative excursus of the expert evidence, the proposed analysis examines the different channels through which expert knowledge enters the process, starting from the investigati…

Expert witness right to confrontation cross examination scientific epistemology judicial epistemology digital forensics forensic genetics investigations best practices freedoms and fundamental rights of the person BARD system of the controls of the decisionSettore IUS/16 - Diritto Processuale Penale
researchProduct

FISH: Face Intensity-Shape Histogram representation for automatic face splicing detection

2019

Abstract Tampered images spread nowadays over any visual media influencing our judgement in many aspects of our life. This is particularly critical for face splicing manipulations, where recognizable identities are put out of context. To contrast these activities on a large scale, automatic detectors are required. In this paper, we present a novel method for automatic face splicing detection, based on computer vision, that exploits inconsistencies in the lighting environment estimated from different faces in the scene. Differently from previous approaches, we do not rely on an ideal mathematical model of the lighting environment. Instead, our solution, built upon the concept of histogram-ba…

ExploitComputer scienceLighting environmentContext (language use)02 engineering and technologyImage Forensics Scene level analysis Geometric Constraints Lighting environment Face splicing detectionHistogram0202 electrical engineering electronic engineering information engineeringMedia TechnologyComputer visionElectrical and Electronic EngineeringRepresentation (mathematics)Settore ING-INF/05 - Sistemi Di Elaborazione Delle InformazioniIdeal (set theory)Scene level analysisSettore INF/01 - Informaticabusiness.industryImage forensicContrast (statistics)020207 software engineeringGeometric constraintFace (geometry)Signal Processing020201 artificial intelligence & image processingFace splicing detectionComputer Vision and Pattern RecognitionArtificial intelligencebusinessScale (map)
researchProduct

Hypervisor memory acquisition for ARM

2021

Abstract Cyber forensics use memory acquisition in advanced forensics and malware analysis. We propose a hypervisor based memory acquisition tool. Our implementation extends the volatility memory forensics framework by reducing the processor's consumption, solves the in-coherency problem in the memory snapshots and mitigates the pressure of the acquisition on the network and the disk. We provide benchmarks and evaluation.

Hardware_MEMORYSTRUCTURESComputer scienceHypervisorcomputer.software_genreMemory forensicsComputer Science ApplicationsPathology and Forensic MedicineMedical Laboratory TechnologyData_FILESOperating systemMemory acquisitionVolatility (finance)Malware analysisLawcomputerInformation SystemsForensic Science International: Digital Investigation
researchProduct