With the rapid advancement of visual generative models such as Generative Adversarial Networks (GANs) and Stable Diffusion, the creation of highly realistic Deepfakes through automated forgery has significantly progressed. This paper examines the advancements in Deepfake detection and defense technologies, emphasizing the shift from passive detection methods to proactive digital watermarking techniques. Passive detection methods, which involve extracting features from images or videos to identify forgeries, encounter challenges such as poor performance against unknown manipulation techniques and susceptibility to counter-forensic tactics. In contrast, proactive digital watermarking techniques embed specific markers into images or videos, facilitating real-time detection and traceability, thereby providing a preemptive defense against Deepfake content. We offer a comprehensive analysis of digital watermarking-based forensic techniques, discussing their advantages over passive methods and highlighting four key benefits: real-time detection, embedded defense, resistance to tampering, and provision of legal evidence. Additionally, the paper identifies gaps in the literature concerning proactive forensic techniques and suggests future research directions, including cross-domain watermarking and adaptive watermarking strategies. By systematically classifying and comparing existing techniques, this review aims to contribute valuable insights for the development of more effective proactive defense strategies in Deepfake forensics.
The smart home platform integrates with Internet of Things (IoT) devices, smartphones, and cloud servers, enabling seamless and convenient services. It gathers and manages extensive user data, including personal information, device operations, and patterns of user behavior. Such data plays an essential role in criminal investigations, highlighting the growing importance of specialized smart home forensics. Given the rapid advancement in smart home software and hardware technologies, many companies are introducing new devices and services that expand the market. Consequently, scalable and platform-specific forensic research is necessary to support efficient digital investigations across diverse smart home ecosystems. This study thoroughly examines the core components and structures of smart homes, proposing a generalized architecture that represents various operational environments. A three-stage smart home forensics framework is introduced: (1) analyzing application functions to infer relevant data, (2) extracting and processing data from interconnected devices, and (3) identifying data valuable for investigative purposes. The framework’s applicability is validated using testbeds from Samsung SmartThings and Xiaomi Mi Home platforms, offering practical insights for real-world forensic applications. The results demonstrate that the proposed forensic framework effectively acquires and classifies relevant digital evidence in smart home platforms, confirming its practical applicability in smart home forensic investigations.
The integration of phytochemistry into forensic science has emerged as a groundbreaking frontier, providing unprecedented insights into nature's secrets through the precise application of phytochemical fingerprinting of phytotoxins as a cutting-edge approach. This study explores the dynamic intersection of phytochemistry and forensic science, highlighting how the unique phytochemical profiles of toxic plants and their secondary metabolites serve as distinctive markers for forensic investigations. By utilizing advanced techniques such as Ultra-High-Performance Liquid Chromatography (UHPLC) and High-Resolution Mass Spectrometry (HRMS), the detection and quantification of plant-derived are made more accurate in forensic contexts. Real-world case studies are presented to demonstrate the critical role of plant toxins in forensic outcomes and legal proceedings. The challenges, potential, and future prospects of integrating phytochemical fingerprinting of plant toxins into forensic science were discussed. This review aims to illuminate phytochemical fingerprinting of plant toxins as a promising tool to enhance the precision and depth of forensic analyses, offering new insights into the complex stories embedded in plant toxins.
Images and videos play an increasingly vital role in daily life and are widely utilized as key evidentiary sources in judicial investigations and forensic analysis. Simultaneously, advancements in image and video processing technologies have facilitated the widespread availability of powerful editing tools, such as Deepfakes, enabling anyone to easily create manipulated or fake visual content, which poses an enormous threat to social security and public trust. To verify the authenticity and integrity of images and videos, numerous approaches have been proposed, which are primarily based on content analysis and their effectiveness is susceptible to interference from various image or video post-processing operations. Recent research has highlighted the potential of file containers analysis as a promising forensic approach that offers efficient and interpretable results. However, there is still a lack of review articles on this kind of approach. In order to fill this gap, we present a comprehensive review of file containers-based image and video forensics in this paper. Specifically, we categorize the existing methods into two distinct stages, qualitative analysis and quantitative analysis. In addition, an overall framework is proposed to organize the existing approaches. Then, the advantages and disadvantages of the schemes used across different forensic tasks are provided. Finally, we outline the trends in this research area, aiming to provide valuable insights and technical guidance for future research.
Genetic genealogy provides crucial insights into the complex biological relationships within contemporary and ancient human populations by analyzing shared alleles and chromosomal segments that are identical by descent to understand kinship, migration patterns, and population dynamics. Within forensic science, forensic investigative genetic genealogy (FIGG) has gained prominence by leveraging next-generation sequencing technologies and population-specific genomic resources, opening useful investigative avenues. In this review, we synthesize current knowledge, underscore recent advancements, and discuss the growing role of FIGG in forensic genomics. FIGG has been pivotal in revitalizing dormant inquiries and offering genetic leads in numerous cold cases. Its effectiveness relies on the extensive single-nucleotide polymorphism profiles contributed by individuals from diverse populations to specialized genomic databases. Advances in computational genomics and the growth of human genomic databases have spurred a profound shift in the application of genetic genealogy across forensics, anthropology, and ancient DNA studies. As the field progresses, FIGG is evolving from a nascent practice into a more sophisticated and specialized discipline, shaping the future of forensic investigations.
Electric Vehicle Charging Systems (EVCS) are increasingly vulnerable to cybersecurity threats as they integrate deeply into smart grids and Internet of Things (IoT) environments, raising significant security challenges. Most existing research primarily emphasizes network-level anomaly detection, leaving critical vulnerabilities at the host level underexplored. This study introduces a novel forensic analysis framework leveraging host-level data, including system logs, kernel events, and Hardware Performance Counters (HPC), to detect and analyze sophisticated cyberattacks such as cryptojacking, Denial-of-Service (DoS), and reconnaissance activities targeting EVCS. Using comprehensive forensic analysis and machine learning models, the proposed framework significantly outperforms existing methods, achieving an accuracy of 98.81%. The findings offer insights into distinct behavioral signatures associated with specific cyber threats, enabling improved cybersecurity strategies and actionable recommendations for robust EVCS infrastructure protection.
Artificial Intelligence (AI) is being applied to improve the efficiency of software systems used in various domains, especially in the health and forensic sciences. Explainable AI (XAI) is one of the fields of AI that interprets and explains the methods used in AI. One of the techniques used in XAI to provide such interpretations is by computing the relevance of the input features to the output of an AI model. File fragment classification is one of the vital issues of file carving in Cyber Forensics (CF) and becomes challenging when the filesystem metadata is missing. Other major challenges it faces are: proliferation of file formats, file embeddings, automation. We leverage and utilize interpretations provided by XAI to optimize the classification of file fragments and propose a novel sifting approach, named SIFT (Sifting File Types). SIFT employs TF-IDF to assign weight to a byte (feature), which is used to select features from a file fragment. Threshold-based LIME and SHAP (the two XAI techniques) feature relevance values are computed for the selected features to optimize file fragment classification. To improve multinomial classification, a Multilayer Perceptron model is developed and optimized with five hidden layers, each layer with i × n neurons, where i = the layer number and n = the total number of classes in the dataset. When tested with 47,482 samples of 20 file types (classes), SIFT achieves a detection rate of 82.1% and outperforms the other state-of-the-art techniques by at least 10%. To the best of our knowledge, this is the first effort of applying XAI in CF for optimizing file fragment classification.
In today’s digital era, the rapid evolution of image editing technologies has brought about a significant simplification of image manipulation. Unfortunately, this progress has also given rise to the misuse of manipulated images across various domains. One of the pressing challenges stemming from this advancement is the increasing difficulty in discerning between unaltered and manipulated images. This paper offers a comprehensive survey of existing methodologies for detecting image tampering, shedding light on the diverse approaches employed in the field of contemporary image forensics. The methods used to identify image forgery can be broadly classified into two primary categories: classical machine learning techniques, heavily reliant on manually crafted features, and deep learning methods. Additionally, this paper explores recent developments in image forensics, placing particular emphasis on the detection of counterfeit colorization. Image colorization involves predicting colors for grayscale images, thereby enhancing their visual appeal. The advancements in colorization techniques have reached a level where distinguishing between authentic and forged images with the naked eye has become an exceptionally challenging task. This paper serves as an in-depth exploration of the intricacies of image forensics in the modern age, with a specific focus on the detection of colorization forgery, presenting a comprehensive overview of methodologies in this critical field.
The accelerated global adoption of electric vehicles (EVs) is driving significant expansion and increasing complexity within the EV charging infrastructure, consequently presenting novel and pressing cybersecurity challenges. While considerable effort has focused on preventative cybersecurity measures, a critical deficiency persists in structured methodologies for digital forensic analysis following security incidents, a gap exacerbated by system heterogeneity, distributed digital evidence, and inconsistent logging practices which hinder effective incident reconstruction and attribution. This paper addresses this critical need by proposing a novel, data-driven forensic framework tailored to the EV charging infrastructure, focusing on the systematic identification, classification, and correlation of diverse digital evidence across its physical, network, and application layers. Our methodology integrates open-source intelligence (OSINT) with advanced system modeling based on a three-layer cyber-physical system architecture to comprehensively map potential evidentiary sources. Key contributions include a comprehensive taxonomy of cybersecurity threats pertinent to EV charging ecosystems, detailed mappings between these threats and the resultant digital evidence to guide targeted investigations, the formulation of adaptable forensic investigation workflows for various incident scenarios, and a critical analysis of significant gaps in digital evidence availability within current EV charging systems, highlighting limitations in forensic readiness. The practical application and utility of this method are demonstrated through illustrative case studies involving both empirically-derived and virtual incident scenarios. The proposed data-driven approach is designed to significantly enhance digital forensic capabilities, support more effective incident response, strengthen compliance with emerging cybersecurity regulations, and ultimately contribute to bolstering the overall security, resilience, and trustworthiness of this increasingly vital critical infrastructure.
The power system frequency fluctuations could be captured by digital recordings and extracted to compare with a reference database for forensic timestamp verification. It is known as the Electric Network Frequency (ENF) criterion, enabled by the properties of random fluctuations and intra-grid consistency. In essence, this is a task of matching a short random sequence within a long reference, whose accuracy is mainly concerned with whether this match could be uniquely correct. In this paper, we comprehensively analyze the factors affecting the reliability of ENF matching, including the length of test recording, length of reference, temporal resolution, and Signal-to-Noise Ratio (SNR). For synthetic analysis, we incorporate the first-order AutoRegressive (AR) ENF model and propose an efficient Time-Frequency Domain noisy ENF synthesis method. Then, the reliability analysis schemes for both synthetic and real-world data are respectively proposed. Through a comprehensive study, we quantitatively reveal that while the SNR is an important external factor to determine whether timestamp verification is viable, the length of test recording is the most important inherent factor, followed by the length of reference. However, the temporal resolution has little impact on performance. Finally, a practical workflow of the ENF-based audio timestamp verification system is proposed, incorporating the discovered results.
Digital forensics aims to uncover evidence of cybercrimes within compromised systems. These cybercrimes are often perpetrated through the deployment of malware, which inevitably leaves discernible traces within the compromised systems. Forensic analysts are tasked with extracting and subsequently analyzing data, termed as artifacts, from these systems to gather evidence. Therefore, forensic analysts must sift through extensive datasets to isolate pertinent evidence. However, manually identifying suspicious traces among numerous artifacts is time-consuming and labor-intensive. Previous studies addressed such inefficiencies by integrating artificial intelligence (AI) technologies into digital forensics. Despite the efforts in previous studies, artifacts were analyzed without considering the nature of the data within them and failed to prove their efficiency through specific evaluations. In this study, we propose a system to prioritize suspicious artifacts from compromised systems infected with malware to facilitate efficient digital forensics. Our system introduces a double-checking method that recognizes the nature of data within target artifacts and employs algorithms ideal for anomaly detection. The key ideas of this method are: (1) prioritize suspicious artifacts and filter remaining artifacts using autoencoder and (2) further prioritize suspicious artifacts and filter remaining artifacts using logarithmic entropy. Our evaluation demonstrates that our system can identify malicious artifacts with high accuracy and that its double-checking method is more efficient than alternative approaches. Our system can significantly reduce the time required for forensic analysis and serve as a reference for future studies.
Detecting hate speech automatically in social media forensics has emerged as a highly challenging task due to the complex nature of language used in such platforms. Currently, several methods exist for classifying hate speech, but they still suffer from ambiguity when differentiating between hateful and offensive content and they also lack accuracy. The work suggested in this paper uses a combination of the Whale Optimization Algorithm (WOA) and Particle Swarm Optimization (PSO) to adjust the weights of two Multi-Layer Perceptron (MLPs) for neutrosophic sets classification. During the training process of the MLP, the WOA is employed to explore and determine the optimal set of weights. The PSO algorithm adjusts the weights to optimize the performance of the MLP as fine-tuning. Additionally, in this approach, two separate MLP models are employed. One MLP is dedicated to predicting degrees of truth membership, while the other MLP focuses on predicting degrees of false membership. The difference between these memberships quantifies uncertainty, indicating the degree of indeterminacy in predictions. The experimental results indicate the superior performance of our model compared to previous work when evaluated on the Davidson dataset.
The AGCU X Plus STR system is a newly developed multiplex PCR kit that detects 32 X-chromosomal STR loci simultaneously. These are DXS6807, DXS9895, linkage group 1 (DXS10148, DXS10135, DXS8378), DXS9902, DXS6795, DXS6810, DXS10159, DXS10162, DXS10164, DXS7132, linkage group 2 (DXS10079, DXS10074, DXS10075), DXS981, DXS6800, DXS6803, DXS6809, DXS6789, DXS7424, DXS101, DXS7133, GATA172D05, GATA165B12, linkage group 3 (DXS10103, HPRTB, DXS10101), GATA31E08 and linkage group 4 (DXS8377, DXS10134, DXS7423). A major advantage of this kit is that it takes into account linkage between loci, in addition to detecting more X-STR loci. In order to evaluate the forensic application of 32 X-STR fluorescence amplification system, PCR settings, sensitivity, species specificity, stability, DNA mixtures, concordance, stutter, sizing precision, and population genetics investigation were evaluated according to the Scientific Working Group on DNA Analysis Methods (SWGDAM) developmental validation guidelines. The study showed that the genotyping results of each locus were significantly accurate when the DNA template was at least 62.5 pg. Complete profiles were obtained for the 1:1 and 1:3 combinations. A total of 209 unrelated individuals from Southern Chinese Han community, consisting of 84 females and 125 males, were selected for population studies, and 285 allele profiles were detected from 32 X-STR loci. The polymorphism information content (PIC) ranged from 0.2721 in DXS6800, to 0.9105 in DXS10135, with an average of 0.6798. DXS10135 (PIC = 0.9105) was the most polymorphic locus, with discrimination power (DP) of 0.9164 and 0.9871 for the male and female. The cumulative PD_F, PD_M, MEC_trio and MEC_duo values were all greater than 0.999999999. There were 78 different DXS10103-HPRTB-DXS10101 haplotypes among the 125 males, and the haplotype diversity was 0.9810. There was no significant difference in the cumulative PD_F, PD_M, MEC_trio and MEC_duo values whether considering linkage or not. In summary, the new X-STR multiplex typing system is effective and reliable, which can be useful in human genetic analysis and kinship testing as a potent complement to autosomal STR typing.
Signature verification involves vague situations in which a signature could resemble many reference samples or might differ because of handwriting variances. By presenting the features and similarity score of signatures from the matching algorithm as fuzzy sets and capturing the degrees of membership, non-membership, and indeterminacy, a neutrosophic engine can significantly contribute to signature verification by addressing the inherent uncertainties and ambiguities present in signatures. But type-1 neutrosophic logic gives these membership functions fixed values, which could not adequately capture the various degrees of uncertainty in the characteristics of signatures. Type-1 neutrosophic representation is also unable to adjust to various degrees of uncertainty. The proposed work explores the type-2 neutrosophic logic to enable additional flexibility and granularity in handling ambiguity, indeterminacy, and uncertainty, hence improving the accuracy of signature verification systems. Because type-2 neutrosophic logic allows the assessment of many sources of ambiguity and conflicting information, decision-making is more flexible. These experimental results show the possible benefits of using a type-2 neutrosophic engine for signature verification by demonstrating its superior handling of uncertainty and variability over type-1, which eventually results in more accurate False Rejection Rate (FRR) and False Acceptance Rate (FAR) verification results. In a comparison analysis using a benchmark dataset of handwritten signatures, the type-2 neutrosophic similarity measure yields a better accuracy rate of 98% than the type-1 95%.
The development of high technology, for public life to provide a justification at the same time, also encouraged the spirit of cybercrime, to become more and more rampant. In network crime, electronic data is usually used as the main evidence to determine the facts of the crime and plays an important role in the smooth trial of the case. But because electronic data on dependent, concealment, easy destructive strong science and technology, the forensics work is now in trouble. The mature use of blockchain technology can avoid existing problems to a certain extent, which is helpful to the smooth progress of electronic forensics. This paper on electronic evidence how to more effectively, combined with research blockchain technology, improve the efficiency of electronic evidence collection work.
In recent years, visual facial forgery has reached a level of sophistication that humans cannot identify fraud, which poses a significant threat to information security. A wide range of malicious applications have emerged, such as deepfake, fake news, defamation or blackmailing of celebrities, impersonation of politicians in political warfare, and the spreading of rumours to attract views. As a result, a rich body of visual forensic techniques has been proposed in an attempt to stop this dangerous trend. However, there is no comprehensive, fair, and unified performance evaluation to enlighten the community on best performing methods. The authors present a systematic benchmark beyond traditional surveys that provides in-depth insights into facial forgery and facial forensics, grounding on robustness tests such as contrast, brightness, noise, resolution, missing information, and compression. The authors also provide a practical guideline of the benchmarking results, to determine the characteristics of the methods that serve as a comparative reference in this never-ending war between measures and countermeasures. The authors’ source code is open to the public.
Vehicle data is one of the important sources of traffic accident digital forensics. We propose a novel method using long short-term memory-deep belief network by binary encoding (LSTM-BiDBN) controller area network identifier (CAN ID) to extract the event sequence of CAN IDs and the semantic of CAN IDs themselves. Instead of detecting attacks only aimed at a specific CAN ID, the proposed method fully considers the potential interaction between electronic control units. By this means, we can detect whether the vehicle has been invaded by the outside, to online determine the responsible party of the accident. We use our LSTM-BiDBN to distinguish attack-free and abnormal situations on CAN-intrusion-dataset. Experimental results show that our proposed method is more effective in identifying anomalies caused by denial of service attack, fuzzy attack and impersonation attack with an accuracy value of 97.02%, a false-positive rate of 6.09%, and a false-negative rate of 1.94% compared with traditional methods.
We are living in a society constructed by many aspects as well as languages. There are many ways to deal with legal cases, language is also an active one among them. As it is proved that resultant of forensic linguistic researches do help around.
In this study, we aimed to study the pattern visual evoked potentials (P-VEPs) in two eyes with varying visual acuity in one eye and to provide an objective estimation of visual acuity by comparing P-VEPs in one and two eyes. Thirty subjects were chosen, who had one eye with an acuity of 5.0, 4.85, 4.6, 4.0, or scieropia and obstructed vision and the other eye with an acuity of 5.0, respectively. P-VEPs were detected under the large grating stimuli at 3×4 spatial frequency, moderate grating stimuli (12×16 spatial frequency) and small grating stimuli (48×64 spatial frequency). Under large grating stimuli, there was no significant difference in P100 peak latency between the groups, nor was there a significant difference between the amplitude of two eyes and the amplitude of one normal-vision eye. Under moderate and small grating stimuli, there was a significant difference in P100 peak latency between the group with both eyes having an acuity of 5.0 and the group with visual acuity below 4.0 in one eye. There was a significant difference in P100 amplitude between the group with visual acuity of 5.0 in both eyes and the group with one normal-vision eye. There was no significant difference in the amplitude of two eyes and the amplitude of one normal-vision eye between any other two groups. In forensic identification, characteristics and variability of P-VEPs in one and two eyes can be used to identify malingering or decline in visual acuity.
Funding for the Deepfake detection and digital watermarking review (first entry above): supported by the National Fund Cultivation Project from China People’s Police University (Grant Number: JJPY202402) and the National Natural Science Foundation of China (Grant Number: 62172165).
文摘With the rapid advancement of visual generative models such as Generative Adversarial Networks(GANs)and stable Diffusion,the creation of highly realistic Deepfake through automated forgery has significantly progressed.This paper examines the advancements inDeepfake detection and defense technologies,emphasizing the shift from passive detection methods to proactive digital watermarking techniques.Passive detection methods,which involve extracting features from images or videos to identify forgeries,encounter challenges such as poor performance against unknown manipulation techniques and susceptibility to counter-forensic tactics.In contrast,proactive digital watermarking techniques embed specificmarkers into images or videos,facilitating real-time detection and traceability,thereby providing a preemptive defense againstDeepfake content.We offer a comprehensive analysis of digitalwatermarking-based forensic techniques,discussing their advantages over passivemethods and highlighting four key benefits:real-time detection,embedded defense,resistance to tampering,and provision of legal evidence.Additionally,the paper identifies gaps in the literature concerning proactive forensic techniques and suggests future research directions,including cross-domain watermarking and adaptive watermarking strategies.By systematically classifying and comparing existing techniques,this review aims to contribute valuable insights for the development of more effective proactive defense strategies in Deepfake forensics.
文摘The smart home platform integrates with Internet of Things(IoT)devices,smartphones,and cloud servers,enabling seamless and convenient services.It gathers and manages extensive user data,including personal information,device operations,and patterns of user behavior.Such data plays an essential role in criminal inves-tigations,highlighting the growing importance of specialized smart home forensics.Given the rapid advancement in smart home software and hardware technologies,many companies are introducing new devices and services that expand the market.Consequently,scalable and platform-specific forensic research is necessary to support efficient digital investigations across diverse smart home ecosystems.This study thoroughly examines the core components and structures of smart homes,proposing a generalized architecture that represents various operational environments.A three-stage smart home forensics framework is introduced:(1)analyzing application functions to infer relevant data,(2)extracting and processing data from interconnected devices,and(3)identifying data valuable for investigative purposes.The framework’s applicability is validated using testbeds from Samsung SmartThings and Xiaomi Mi Home platforms,offering practical insights for real-world forensic applications.The results demonstrate that the proposed forensic framework effectively acquires and classifies relevant digital evidence in smart home platforms,confirming its practical applicability in smart home forensic investigations.
Abstract: The integration of phytochemistry into forensic science has emerged as a groundbreaking frontier, providing unprecedented insights into nature's secrets through the precise application of phytochemical fingerprinting of phytotoxins as a cutting-edge approach. This study explores the dynamic intersection of phytochemistry and forensic science, highlighting how the unique phytochemical profiles of toxic plants and their secondary metabolites serve as distinctive markers for forensic investigations. By utilizing advanced techniques such as Ultra-High-Performance Liquid Chromatography (UHPLC) and High-Resolution Mass Spectrometry (HRMS), the detection and quantification of plant-derived are made more accurate in forensic contexts. Real-world case studies are presented to demonstrate the critical role of plant toxins in forensic outcomes and legal proceedings. The challenges, potential, and future prospects of integrating phytochemical fingerprinting of plant toxins into forensic science were discussed. This review aims to illuminate phytochemical fingerprinting of plant toxins as a promising tool to enhance the precision and depth of forensic analyses, offering new insights into the complex stories embedded in plant toxins.
Funding: supported in part by Natural Science Foundation of Hubei Province of China under Grant 2023AFB016, the 2022 Opening Fund for Hubei Key Laboratory of Intelligent Vision Based Monitoring for Hydroelectric Engineering under Grant 2022SDSJ02, the Construction Fund for Hubei Key Laboratory of Intelligent Vision Based Monitoring for Hydroelectric Engineering under Grant 2019ZYYD007.
Abstract: Images and videos play an increasingly vital role in daily life and are widely utilized as key evidentiary sources in judicial investigations and forensic analysis. Simultaneously, advancements in image and video processing technologies have facilitated the widespread availability of powerful editing tools, such as Deepfakes, enabling anyone to easily create manipulated or fake visual content, which poses an enormous threat to social security and public trust. To verify the authenticity and integrity of images and videos, numerous approaches have been proposed, which are primarily based on content analysis and their effectiveness is susceptible to interference from various image or video post-processing operations. Recent research has highlighted the potential of file containers analysis as a promising forensic approach that offers efficient and interpretable results. However, there is still a lack of review articles on this kind of approach. In order to fill this gap, we present a comprehensive review of file containers-based image and video forensics in this paper. Specifically, we categorize the existing methods into two distinct stages, qualitative analysis and quantitative analysis. In addition, an overall framework is proposed to organize the existing approaches. Then, the advantages and disadvantages of the schemes used across different forensic tasks are provided. Finally, we outline the trends in this research area, aiming to provide valuable insights and technical guidance for future research.
Funding: supported by the National Natural Science Foundation of China (82202078), the Major Project of the National Social Science Foundation of China (23&ZD203), the Open Project of the Key Laboratory of Forensic Genetics of the Ministry of Public Security (2022FGKFKT05), the Center for Archaeological Science of Sichuan University (23SASA01), the 1‧3‧5 Project for Disciplines of Excellence, West China Hospital, Sichuan University (ZYJC20002), the Sichuan Science and Technology Program (2024NSFSC1518).
Abstract: Genetic genealogy provides crucial insights into the complex biological relationships within contemporary and ancient human populations by analyzing shared alleles and chromosomal segments that are identical by descent to understand kinship, migration patterns, and population dynamics. Within forensic science, forensic investigative genetic genealogy (FIGG) has gained prominence by leveraging next-generation sequencing technologies and population-specific genomic resources, opening useful investigative avenues. In this review, we synthesize current knowledge, underscore recent advancements, and discuss the growing role of FIGG in forensic genomics. FIGG has been pivotal in revitalizing dormant inquiries and offering genetic leads in numerous cold cases. Its effectiveness relies on the extensive single-nucleotide polymorphism profiles contributed by individuals from diverse populations to specialized genomic databases. Advances in computational genomics and the growth of human genomic databases have spurred a profound shift in the application of genetic genealogy across forensics, anthropology, and ancient DNA studies. As the field progresses, FIGG is evolving from a nascent practice into a more sophisticated and specialized discipline, shaping the future of forensic investigations.
Abstract: Electric Vehicle Charging Systems (EVCS) are increasingly vulnerable to cybersecurity threats as they integrate deeply into smart grids and Internet of Things (IoT) environments, raising significant security challenges. Most existing research primarily emphasizes network-level anomaly detection, leaving critical vulnerabilities at the host level underexplored. This study introduces a novel forensic analysis framework leveraging host-level data, including system logs, kernel events, and Hardware Performance Counters (HPC), to detect and analyze sophisticated cyberattacks such as cryptojacking, Denial-of-Service (DoS), and reconnaissance activities targeting EVCS. Using comprehensive forensic analysis and machine learning models, the proposed framework significantly outperforms existing methods, achieving an accuracy of 98.81%. The findings offer insights into distinct behavioral signatures associated with specific cyber threats, enabling improved cybersecurity strategies and actionable recommendations for robust EVCS infrastructure protection.
Abstract: Artificial Intelligence (AI) is being applied to improve the efficiency of software systems used in various domains, especially in the health and forensic sciences. Explainable AI (XAI) is one of the fields of AI that interprets and explains the methods used in AI. One of the techniques used in XAI to provide such interpretations is by computing the relevance of the input features to the output of an AI model. File fragment classification is one of the vital issues of file carving in Cyber Forensics (CF) and becomes challenging when the filesystem metadata is missing. Other major challenges it faces are: proliferation of file formats, file embeddings, automation. We leverage and utilize interpretations provided by XAI to optimize the classification of file fragments and propose a novel sifting approach, named SIFT (Sifting File Types). SIFT employs TF-IDF to assign weight to a byte (feature), which is used to select features from a file fragment. Threshold-based LIME and SHAP (the two XAI techniques) feature relevance values are computed for the selected features to optimize file fragment classification. To improve multinomial classification, a Multilayer Perceptron model is developed and optimized with five hidden layers, each layer with i × n neurons, where i = the layer number and n = the total number of classes in the dataset. When tested with 47,482 samples of 20 file types (classes), SIFT achieves a detection rate of 82.1% and outperforms the other state-of-the-art techniques by at least 10%. To the best of our knowledge, this is the first effort of applying XAI in CF for optimizing file fragment classification.
Funding: supported by Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Education (2021R1I1A3049788).
Abstract: In today’s digital era, the rapid evolution of image editing technologies has brought about a significant simplification of image manipulation. Unfortunately, this progress has also given rise to the misuse of manipulated images across various domains. One of the pressing challenges stemming from this advancement is the increasing difficulty in discerning between unaltered and manipulated images. This paper offers a comprehensive survey of existing methodologies for detecting image tampering, shedding light on the diverse approaches employed in the field of contemporary image forensics. The methods used to identify image forgery can be broadly classified into two primary categories: classical machine learning techniques, heavily reliant on manually crafted features, and deep learning methods. Additionally, this paper explores recent developments in image forensics, placing particular emphasis on the detection of counterfeit colorization. Image colorization involves predicting colors for grayscale images, thereby enhancing their visual appeal. The advancements in colorization techniques have reached a level where distinguishing between authentic and forged images with the naked eye has become an exceptionally challenging task. This paper serves as an in-depth exploration of the intricacies of image forensics in the modern age, with a specific focus on the detection of colorization forgery, presenting a comprehensive overview of methodologies in this critical field.
Funding: supported by the National Research Foundation of Korea (NRF) grant funded by the Korea government (MSIT) (RS-2023-00242528, 50%); supported by a grant from the Korea Electric Power Corporation (R24XO01-4, 50%) for basic research and development projects starting in 2024.
Abstract: The accelerated global adoption of electric vehicles (EVs) is driving significant expansion and increasing complexity within the EV charging infrastructure, consequently presenting novel and pressing cybersecurity challenges. While considerable effort has focused on preventative cybersecurity measures, a critical deficiency persists in structured methodologies for digital forensic analysis following security incidents, a gap exacerbated by system heterogeneity, distributed digital evidence, and inconsistent logging practices which hinder effective incident reconstruction and attribution. This paper addresses this critical need by proposing a novel, data-driven forensic framework tailored to the EV charging infrastructure, focusing on the systematic identification, classification, and correlation of diverse digital evidence across its physical, network, and application layers. Our methodology integrates open-source intelligence (OSINT) with advanced system modeling based on a three-layer cyber-physical system architecture to comprehensively map potential evidentiary sources. Key contributions include a comprehensive taxonomy of cybersecurity threats pertinent to EV charging ecosystems, detailed mappings between these threats and the resultant digital evidence to guide targeted investigations, the formulation of adaptable forensic investigation workflows for various incident scenarios, and a critical analysis of significant gaps in digital evidence availability within current EV charging systems, highlighting limitations in forensic readiness. The practical application and utility of this method are demonstrated through illustrative case studies involving both empirically-derived and virtual incident scenarios. The proposed data-driven approach is designed to significantly enhance digital forensic capabilities, support more effective incident response, strengthen compliance with emerging cybersecurity regulations, and ultimately contribute to bolstering the overall security, resilience, and trustworthiness of this increasingly vital critical infrastructure.
Funding: funded by National Natural Science Foundation of China (No. 62272347, 62072343, and 61802284), National Key Research Development Program of China (No. 2019QY(Y)0206).
Abstract: The power system frequency fluctuations could be captured by digital recordings and extracted to compare with a reference database for forensic timestamp verification. It is known as the Electric Network Frequency (ENF) criterion, enabled by the properties of random fluctuations and intra-grid consistency. In essence, this is a task of matching a short random sequence within a long reference, whose accuracy is mainly concerned with whether this match could be uniquely correct. In this paper, we comprehensively analyze the factors affecting the reliability of ENF matching, including the length of test recording, length of reference, temporal resolution, and Signal-to-Noise Ratio (SNR). For synthetic analysis, we incorporate the first-order AutoRegressive (AR) ENF model and propose an efficient Time-Frequency Domain noisy ENF synthesis method. Then, the reliability analysis schemes for both synthetic and real-world data are respectively proposed. Through a comprehensive study, we quantitatively reveal that while the SNR is an important external factor to determine whether timestamp verification is viable, the length of test recording is the most important inherent factor, followed by the length of reference. However, the temporal resolution has little impact on performance. Finally, a practical workflow of the ENF-based audio timestamp verification system is proposed, incorporating the discovered results.
Funding: supported by the MSIT (Ministry of Science and ICT), Korea, under the ITRC (Information Technology Research Center) support program (IITP-2024-RS-2024-00437494) supervised by the IITP (Institute for Information & Communications Technology Planning & Evaluation).
Abstract: Digital forensics aims to uncover evidence of cybercrimes within compromised systems. These cybercrimes are often perpetrated through the deployment of malware, which inevitably leaves discernible traces within the compromised systems. Forensic analysts are tasked with extracting and subsequently analyzing data, termed as artifacts, from these systems to gather evidence. Therefore, forensic analysts must sift through extensive datasets to isolate pertinent evidence. However, manually identifying suspicious traces among numerous artifacts is time-consuming and labor-intensive. Previous studies addressed such inefficiencies by integrating artificial intelligence (AI) technologies into digital forensics. Despite the efforts in previous studies, artifacts were analyzed without considering the nature of the data within them and failed to prove their efficiency through specific evaluations. In this study, we propose a system to prioritize suspicious artifacts from compromised systems infected with malware to facilitate efficient digital forensics. Our system introduces a double-checking method that recognizes the nature of data within target artifacts and employs algorithms ideal for anomaly detection. The key ideas of this method are: (1) prioritize suspicious artifacts and filter remaining artifacts using autoencoder and (2) further prioritize suspicious artifacts and filter remaining artifacts using logarithmic entropy. Our evaluation demonstrates that our system can identify malicious artifacts with high accuracy and that its double-checking method is more efficient than alternative approaches. Our system can significantly reduce the time required for forensic analysis and serve as a reference for future studies.
Abstract: Detecting hate speech automatically in social media forensics has emerged as a highly challenging task due to the complex nature of language used in such platforms. Currently, several methods exist for classifying hate speech, but they still suffer from ambiguity when differentiating between hateful and offensive content and they also lack accuracy. The work suggested in this paper uses a combination of the Whale Optimization Algorithm (WOA) and Particle Swarm Optimization (PSO) to adjust the weights of two Multi-Layer Perceptron (MLPs) for neutrosophic sets classification. During the training process of the MLP, the WOA is employed to explore and determine the optimal set of weights. The PSO algorithm adjusts the weights to optimize the performance of the MLP as fine-tuning. Additionally, in this approach, two separate MLP models are employed. One MLP is dedicated to predicting degrees of truth membership, while the other MLP focuses on predicting degrees of false membership. The difference between these memberships quantifies uncertainty, indicating the degree of indeterminacy in predictions. The experimental results indicate the superior performance of our model compared to previous work when evaluated on the Davidson dataset.
Abstract: The AGCU X Plus STR system is a newly developed multiplex PCR kit that detects 32 X-chromosomal STR loci simultaneously. These are DXS6807, DXS9895, linkage group 1 (DXS10148, DXS10135, DXS8378), DXS9902, DXS6795, DXS6810, DXS10159, DXS10162, DXS10164, DXS7132, linkage group 2 (DXS10079, DXS10074, DXS10075), DXS981, DXS6800, DXS6803, DXS6809, DXS6789, DXS7424, DXS101, DXS7133, GATA172D05, GATA165B12, linkage group 3 (DXS10103, HPRTB, DXS10101), GATA31E08 and linkage group 4 (DXS8377, DXS10134, DXS7423). A major advantage of this kit is that it takes into account linkage between loci, in addition to detecting more X-STR loci. In order to evaluate the forensic application of 32 X-STR fluorescence amplification system, PCR settings, sensitivity, species specificity, stability, DNA mixtures, concordance, stutter, sizing precision, and population genetics investigation were evaluated according to the Scientific Working Group on DNA Analysis Methods (SWGDAM) developmental validation guidelines. The study showed that the genotyping results of each locus were significantly accurate when the DNA template was at least 62.5 pg. Complete profiles were obtained for the 1:1 and 1:3 combinations. A total of 209 unrelated individuals from Southern Chinese Han community, consisting of 84 females and 125 males, were selected for population studies, and 285 allele profiles were detected from 32 X-STR loci. The polymorphism information content (PIC) ranged from 0.2721 in DXS6800, to 0.9105 in DXS10135, with an average of 0.6798. DXS10135 (PIC = 0.9105) was the most polymorphic locus, with discrimination power (DP) of 0.9164 and 0.9871 for the male and female. The cumulative PD_F, PD_M, MEC_trio and MEC_duo values were all greater than 0.999999999. There were 78 different DXS10103-HPRTB-DXS10101 haplotypes among the 125 males, and the haplotype diversity was 0.9810. There was no significant difference in the cumulative PD_F, PD_M, MEC_trio and MEC_duo values whether considering linkage or not. In summary, the new X-STR multiplex typing system is effective and reliable, which can be useful in human genetic analysis and kinship testing as a potent complement to autosomal STR typing.
Abstract: Signature verification involves vague situations in which a signature could resemble many reference samples or might differ because of handwriting variances. By presenting the features and similarity score of signatures from the matching algorithm as fuzzy sets and capturing the degrees of membership, non-membership, and indeterminacy, a neutrosophic engine can significantly contribute to signature verification by addressing the inherent uncertainties and ambiguities present in signatures. But type-1 neutrosophic logic gives these membership functions fixed values, which could not adequately capture the various degrees of uncertainty in the characteristics of signatures. Type-1 neutrosophic representation is also unable to adjust to various degrees of uncertainty. The proposed work explores the type-2 neutrosophic logic to enable additional flexibility and granularity in handling ambiguity, indeterminacy, and uncertainty, hence improving the accuracy of signature verification systems. Because type-2 neutrosophic logic allows the assessment of many sources of ambiguity and conflicting information, decision-making is more flexible. These experimental results show the possible benefits of using a type-2 neutrosophic engine for signature verification by demonstrating its superior handling of uncertainty and variability over type-1, which eventually results in more accurate False Rejection Rate (FRR) and False Acceptance Rate (FAR) verification results. In a comparison analysis using a benchmark dataset of handwritten signatures, the type-2 neutrosophic similarity measure yields a better accuracy rate of 98% than the type-1 95%.
Funding: President’s Fund Natural Science Project Plan of Tarim University, “Research on Blockchain-based Electronic Evidence Fixation Method” (Project No.: TDZKSS202439).
Abstract: The development of high technology, for public life to provide a justification at the same time, also encouraged the spirit of cybercrime, to become more and more rampant. In network crime, electronic data is usually used as the main evidence to determine the facts of the crime and plays an important role in the smooth trial of the case. But because electronic data on dependent, concealment, easy destructive strong science and technology, the forensics work is now in trouble. The mature use of blockchain technology can avoid existing problems to a certain extent, which is helpful to the smooth progress of electronic forensics. This paper on electronic evidence how to more effectively, combined with research blockchain technology, improve the efficiency of electronic evidence collection work.
Funding: Quỹ Đổi mới sáng tạo Vingroup, Grant/Award Number: VINIF.2020.ThS.BK.10.
Abstract: In recent years, visual facial forgery has reached a level of sophistication that humans cannot identify fraud, which poses a significant threat to information security. A wide range of malicious applications have emerged, such as deepfake, fake news, defamation or blackmailing of celebrities, impersonation of politicians in political warfare, and the spreading of rumours to attract views. As a result, a rich body of visual forensic techniques has been proposed in an attempt to stop this dangerous trend. However, there is no comprehensive, fair, and unified performance evaluation to enlighten the community on best performing methods. The authors present a systematic benchmark beyond traditional surveys that provides in-depth insights into facial forgery and facial forensics, grounding on robustness tests such as contrast, brightness, noise, resolution, missing information, and compression. The authors also provide a practical guideline of the benchmarking results, to determine the characteristics of the methods that serve as a comparative reference in this never-ending war between measures and countermeasures. The authors’ source code is open to the public.
Funding: the National Key R&D Program of China (No. 2017YFA60700602).
Abstract: Vehicle data is one of the important sources of traffic accident digital forensics. We propose a novel method using long short-term memory-deep belief network by binary encoding (LSTM-BiDBN) controller area network identifier (CAN ID) to extract the event sequence of CAN IDs and the semantic of CAN IDs themselves. Instead of detecting attacks only aimed at a specific CAN ID, the proposed method fully considers the potential interaction between electronic control units. By this means, we can detect whether the vehicle has been invaded by the outside, to online determine the responsible party of the accident. We use our LSTM-BiDBN to distinguish attack-free and abnormal situations on CAN-intrusion-dataset. Experimental results show that our proposed method is more effective in identifying anomalies caused by denial of service attack, fuzzy attack and impersonation attack with an accuracy value of 97.02%, a false-positive rate of 6.09%, and a false-negative rate of 1.94% compared with traditional methods.
Abstract: We are living in a society constructed by many aspects as well as languages. There are many ways to deal with legal cases, language is also an active one among them. As it is proved that resultant of forensic linguistic researches do help around.
Abstract: In this study, we aimed to study the pattern visual evoked potentials (P-VEPs) in two eyes with varying visual acuity in one eye and to provide an objective estimation of visual acuity by comparing P-VEPs in one and two eyes. Thirty subjects were chosen, who had one eye with an acuity of 5.0, 4.85, 4.6, 4.0, or scieropia and obstructed vision and the other eye with an acuity of 5.0, respectively. P-VEPs were detected under the large grating stimuli at 3×4 spatial frequency, moderate grating stimuli (12×16 spatial frequency) and small grating stimuli (48×64 spatial frequency). Under large grating stimuli, there was no significant difference in P100 peak latency between the groups, nor was there a significant difference between the amplitude of two eyes and the amplitude of one normal-vision eye. Under moderate and small grating stimuli, there was a significant difference in P100 peak latency between the group with both eyes having an acuity of 5.0 and the group with visual acuity below 4.0 in one eye. There was a significant difference in P100 amplitude between the group with visual acuity of 5.0 in both eyes and the group with one normal-vision eye. There was no significant difference in the amplitude of two eyes and the amplitude of one normal-vision eye between any other two groups. In forensic identification, characteristics and variability of P-VEPs in one and two eyes can be used to identify malingering or decline in visual acuity.