This article consists of 51 pages and 11247 words.
In order to have full access to this article, email us at thedocumentco@hotmail.co.uk
potential for recovery of forensic artifacts
3.1.3 Authentication of the evidence.
5.2 Requirements, Constraints and Scenarios.
7.1 Testing devices and platforms.
9.2 Social, Legal, Ethical and Professional Considerations.
Appendix A – Project Specification..
Appendix B – Interim Progress Report and Meeting Records.
Appendix C – Requirements Specification Document
Appendix E – Project Presentation..
Acknowledgements
potential for recovery of forensic artifacts, I would like to thank (write in your Professor’s name) for guiding me and giving me the opportunity to learn in depth about forensic computing. I would further like to thank the library management at Coventry University in fully abetting me in my thesis work and helping me whenever need be. It would have been difficult for me to undertake my research without their aid.
Last but not the least, I would like to express my gratitude to my parents who allowed me to pursue my Masters in Forensic Computing degree in United Kingdom and who also aided me financially and emotionally. I would also like to thank the Creator for helping me to achieve all the desired goals through the course of this project.
1. Introduction
Social networking sites have undoubtedly made communication and inter-connectivity amongst people across the globe easier but it has also accelerated criminal activities too. Facebook, leading social networking website, has abetted connection and sharing of personal information with friends and family alike. But the fact can’t be denied that Facebook has also indirectly led to an increase in criminal actions especially child grooming. In order to combat this dilemma at rise, potential for recovery of forensic artifacts forensic computing can put into use the study of Facebook artefacts that can easily be excavated from the desktop version of Facebook and the Facebook app.
This thesis will majorly focus on studying what Facebook evidences are, where they are located at and how these relics can be collected for the purpose of forensic computing. This thesis will intimately identify and analyse footprints of Facebook activities such as friend search, wall posts, comments on wall posts and chats and messages shared on Facebook by offenders with the victims. This thesis will also shed light on extracting these footprints from the Random Access Memory (RAM) on PCs, the PC’s browser cache files and the file dumps on the iPhone operating system, i-OS.
1.1 Background to the Project
With the technological boom that was experienced across the globe, inter-connectivity amongst modern world denizens has also sprung. Presently, social networking sites provide an approachable outlet to netizens to connect with anyone and everyone world over. Websites such as Facebook, Twitter and MySpace have effectively eased communication, potential for recovery of forensic artifacts especially Facebook. Created in the year 2004, Facebook is the result of efforts and hard work of Mark Zuckerberg, a Harvard graduate. Facebook has been created by Zuckerberg in order to abet easy and effective communication and sharing of personal information and data through digitally diagraming users’ real domain connections onto network domain.
Facebook can be accessed through the PC’s as well as through mobile phones, PDAS, IPods, etc. While the ease of Facebook accessibility has been conducive towards easier communication, potential for recovery of forensic artifacts it has also the deleterious aspect associated to it that it has made the communication between a victim and the offender easier causing child grooming and child sexual abuse specifically. Facebook has undeniably become an important tool in conducting the child grooming progress. The Facebook technologies, allow reprobates to contact children and even masquerade as children on the internet to gain their trust and cooperation. As understanding springs into the relationship over the time, offenders then tend to lull child victims into undertaking sexual conduct by slowly and steadily inculcating a sexual hint into the relationship.
This criminal dilemma can be curtailed by using forensic computing to study Facebook artefacts. A forensic investigator can use accessible online resources from Facebook in order to initiate an investigation to trace criminal undertakings of paedophiles. Timeline and wall post comments are able to provide geographical data of where any person was on a precise time. This critical data is notorious to reveal the identity of the person, his/her family and friends and other details not easily available otherwise. Therefore, in order to discover and combat felonious arrangements on Facebook, potential for recovery of forensic artifacts relics can be congregated from there and a scientific and criminological investigation can be prepared. Because Facebook is also accessible through mobile devices as well, the fact can’t be denied that criminals have now gained access to their prey via smartphones as well. Consequently, it is imperative that a forensic examination is executed on an offender’s smartphone as well to garner germane proof.
Consequently, child grooming that is occurring on and via Facebook can be effectively curbed by putting into use forensic computing to investigate Facebook artefacts. But it is essential to collect these artefacts from Facebook through the desktop version of Facebook as well as the Facebook app.
1.2 Project Objectives
With the increased chances of social grooming to occur on the highly popular social networking site, Facebook, the main objective of this thesis is to excavate evidences from Facebook of suspicious activities. The evidences will be garnered from both the Facebook desktop version as well as the Facebook app.
This thesis will majorly analyse the following objectives:
- What constitutes artefacts from Facebook?
- Where are the artefacts from Facebook located at?
- How can the artefacts from Facebook be excavated and collected for forensic computing?
These objectives can be further classified as:
- Identify and analyse footprints of the following Facebook activities:
- Friend search on Facebook
- Wall posts on Facebook
- Comments on wall posts on Facebook
- Facebook chat and messages
- Search and extract footprints relevant to Facebook from the following memory zones:
- The volatile memory i.e. RAM
- The browser cache files
- i-OS file system dumps
2 Literature Review
Associated to the increased complexity of the technology are various banes and boons. While technology especially computer and the internet has been conducive towards ease in communication, the fact can’t be denied that it has also abetted computer based crimes across the globe. In order to combat with the computer based crimes, computer technology has witnessed the birth of a new field of study, forensic computing. Forensic computing “is the process of identifying, preserving, analysing and presenting digital evidence in a manner that is legally acceptable” (McKemmish, 1999).
This school of thought encompasses within itself the ability to apply information technology to accumulate digital evidences. As Curtin (2006) adheres that the ability of forensic computing to assist in media and electronic devices analysis and data communication analysis has made it possible to effectively deal with network misuse and data interception. This can be done by monitoring data communications which in result helps to detect and deal with unlawful and criminal behaviour especially the accelerating cyber-crimes.
Cybercrimes are defined as “computer-mediated activities which are either illegal or considered illicit by certain parties and which can be conducted through global electronic networks” (Hale, 2002). Netizens irrespective of caste, creed and colour have often fallen prey to cybercrime. While previously age might have been a factor limiting the cyber users that were hunted down by cyber criminals but today even this difference has been eliminated, now that children are being readily victimised by internet based criminals. This is because the cyberspace in itself is a new and safe entity for predators to target children for criminal acts.
As per David et al. (2000), the unique characteristics of the cyber world such as connectivity, anonymity and data sharing has made it easier for criminals to target children and victimize them, usually without the child realizing it. It is relatively easier for the predator to initiate friendship with the children on the internet which is later conducive towards sharing of personal information, pictures and videos. For an online predator according to Lawrence & Magid (1992) it is easier to befriend a child and to undertake the grooming of that child. This has also become much easier for criminals because of social media specifically social websites that allow strangers to interact with one another.
Dewing (2010) defines social media as any internet based or mobile service that encourages user participation in online exchanges and communities. Services that can be considered to be a part of the social media platform are listed as follows:
a) Blogs: A blog is an online journal often…
Recent Comments