Development of Digital Forensic Framework for Anti-Forensic and Profiling Using Open Source Intelligence in Cyber Crime Investigation
Abstract
Cybercrime increases every year, and it has developed by exploiting mobile devices such as smartphones. A scientific discipline that studies and handles cybercrime activities is therefore necessary. Digital forensics is one discipline that can be used to deal with cybercrime. One of its branches, mobile forensics, studies forensic processes on mobile devices. However, cybercriminals also apply various techniques to thwart the forensic investigation process; these techniques are called anti-forensics.
Purpose: A process or framework is needed that can serve as a reference for the forensic process when handling cybercrime cases.
Methods/Study design/approach: This research modifies the digital forensic investigation process. The investigation consists of the preparation, preservation, acquisition, examination, analysis, reporting, and presentation stages. Open Source Intelligence (OSINT) and toolset centralization are added at the analysis stage to handle anti-forensics and to add information to the digital evidence obtained in the previous stage. Testing with scenario data yields results in the form of additional information processed from the files obtained and information related to usernames.
Result/Findings: The result is a digital forensic phase that focuses on identifying anti-forensics in media files and on using OSINT to profile crime suspects based on the evidence collected in the digital forensic investigation phase.
Novelty/Originality/Value: The research found 3 new types of findings in the form of string data, one of which is a link, and 7 new types in the form of usernames that were not found when using digital forensic tools. From a total of 408 initial data items and 10 new findings, the percentage of findings increased by 2.45%.