When finding nothing may be evidence of something: Anti-forensics and digital tool marks.
Sci Justice
; 59(5): 565-572, 2019 09.
Article
em En
| MEDLINE
| ID: mdl-31472802
ABSTRACT
There are an abundance of measures available to the standard digital device users which provide the opportunity to act in an anti-forensic manner and conceal any potential digital evidence denoting a criminal act. Whilst there is a lack of empirical evidence which evaluates the scale of this threat to digital forensic investigations leaving the true extent of engagement with such tools unknown, arguably the field should take proactive steps to examine and record the capabilities of these measures. Whilst forensic science has long accepted the concept of toolmark analysis as part of criminal investigations, 'digital tool marks' (DTMs) are a notion rarely acknowledged and considered in digital investigations. DTMs are the traces left behind by a tool or process on a suspect system which can help to determine what malicious behaviour has occurred on a device. This article discusses and champions the need for DTM research in digital forensics highlighting the benefits of doing so.
Palavras-chave
Texto completo:
1
Base de dados:
MEDLINE
Assunto principal:
Segurança Computacional
/
Intenção
/
Ciências Forenses
/
Compressão de Dados
/
Anonimização de Dados
/
Tecnologia Disruptiva
Idioma:
En
Ano de publicação:
2019
Tipo de documento:
Article