With the rapid advancement of visual generative models such as Generative Adversarial Networks (GANs) and Stable Diffusion, the creation of highly realistic Deepfakes through automated forgery has significantly progressed. This paper examines the advancements in Deepfake detection and defense technologies, emphasizing the shift from passive detection methods to proactive digital watermarking techniques. Passive detection methods, which involve extracting features from images or videos to identify forgeries, encounter challenges such as poor performance against unknown manipulation techniques and susceptibility to counter-forensic tactics. In contrast, proactive digital watermarking techniques embed specific markers into images or videos, facilitating real-time detection and traceability, thereby providing a preemptive defense against Deepfake content. We offer a comprehensive analysis of digital watermarking-based forensic techniques, discussing their advantages over passive methods and highlighting four key benefits: real-time detection, embedded defense, resistance to tampering, and provision of legal evidence. Additionally, the paper identifies gaps in the literature concerning proactive forensic techniques and suggests future research directions, including cross-domain watermarking and adaptive watermarking strategies. By systematically classifying and comparing existing techniques, this review aims to contribute valuable insights for the development of more effective proactive defense strategies in Deepfake forensics.
The smart home platform integrates with Internet of Things (IoT) devices, smartphones, and cloud servers, enabling seamless and convenient services. It gathers and manages extensive user data, including personal information, device operations, and patterns of user behavior. Such data plays an essential role in criminal investigations, highlighting the growing importance of specialized smart home forensics. Given the rapid advancement in smart home software and hardware technologies, many companies are introducing new devices and services that expand the market. Consequently, scalable and platform-specific forensic research is necessary to support efficient digital investigations across diverse smart home ecosystems. This study thoroughly examines the core components and structures of smart homes, proposing a generalized architecture that represents various operational environments. A three-stage smart home forensics framework is introduced: (1) analyzing application functions to infer relevant data, (2) extracting and processing data from interconnected devices, and (3) identifying data valuable for investigative purposes. The framework’s applicability is validated using testbeds from Samsung SmartThings and Xiaomi Mi Home platforms, offering practical insights for real-world forensic applications. The results demonstrate that the proposed forensic framework effectively acquires and classifies relevant digital evidence in smart home platforms, confirming its practical applicability in smart home forensic investigations.
The integration of phytochemistry into forensic science has emerged as a groundbreaking frontier, providing unprecedented insights into nature's secrets through the precise application of phytochemical fingerprinting of phytotoxins as a cutting-edge approach. This study explores the dynamic intersection of phytochemistry and forensic science, highlighting how the unique phytochemical profiles of toxic plants and their secondary metabolites serve as distinctive markers for forensic investigations. By utilizing advanced techniques such as Ultra-High-Performance Liquid Chromatography (UHPLC) and High-Resolution Mass Spectrometry (HRMS), the detection and quantification of plant-derived are made more accurate in forensic contexts. Real-world case studies are presented to demonstrate the critical role of plant toxins in forensic outcomes and legal proceedings. The challenges, potential, and future prospects of integrating phytochemical fingerprinting of plant toxins into forensic science were discussed. This review aims to illuminate phytochemical fingerprinting of plant toxins as a promising tool to enhance the precision and depth of forensic analyses, offering new insights into the complex stories embedded in plant toxins.
Objective: With the continuous changes in social production, the consumption thinking of the masses obviously cannot keep up with the speed of social development, and insurance disputes are increasingly emerging. Among them, the shortcomings of personal injury claims are not prominent, and the theoretical knowledge is not complete. In order to improve the quality of professional talents and reduce claims disputes, the feasibility of integrating forensic medicine into personal injury claims is explored. Methods: The professional attributes, subject attributes, knowledge system and employment data of forensic medicine are analyzed and compared with the actual work of personal injury claims. Main results: Forensic medicine has its uniqueness in on-site investigation, injury-disease relationship analysis, and resolution of doubts. It is irreplaceable by other subjects. The subject attributes are consistent with the personal injury claims major, and personal injury claims itself has basic medical courses, so it is easier to accept forensic medicine. Conclusion: Under the current social background, through the study of the forensic medicine system in the personal injury claims major, it has positive practical significance for its professional construction and talent training.
Images and videos play an increasingly vital role in daily life and are widely utilized as key evidentiary sources in judicial investigations and forensic analysis. Simultaneously, advancements in image and video processing technologies have facilitated the widespread availability of powerful editing tools, such as Deepfakes, enabling anyone to easily create manipulated or fake visual content, which poses an enormous threat to social security and public trust. To verify the authenticity and integrity of images and videos, numerous approaches have been proposed, which are primarily based on content analysis and their effectiveness is susceptible to interference from various image or video post-processing operations. Recent research has highlighted the potential of file containers analysis as a promising forensic approach that offers efficient and interpretable results. However, there is still a lack of review articles on this kind of approach. In order to fill this gap, we present a comprehensive review of file containers-based image and video forensics in this paper. Specifically, we categorize the existing methods into two distinct stages, qualitative analysis and quantitative analysis. In addition, an overall framework is proposed to organize the existing approaches. Then, the advantages and disadvantages of the schemes used across different forensic tasks are provided. Finally, we outline the trends in this research area, aiming to provide valuable insights and technical guidance for future research.
Genetic genealogy provides crucial insights into the complex biological relationships within contemporary and ancient human populations by analyzing shared alleles and chromosomal segments that are identical by descent to understand kinship, migration patterns, and population dynamics. Within forensic science, forensic investigative genetic genealogy (FIGG) has gained prominence by leveraging next-generation sequencing technologies and population-specific genomic resources, opening useful investigative avenues. In this review, we synthesize current knowledge, underscore recent advancements, and discuss the growing role of FIGG in forensic genomics. FIGG has been pivotal in revitalizing dormant inquiries and offering genetic leads in numerous cold cases. Its effectiveness relies on the extensive single-nucleotide polymorphism profiles contributed by individuals from diverse populations to specialized genomic databases. Advances in computational genomics and the growth of human genomic databases have spurred a profound shift in the application of genetic genealogy across forensics, anthropology, and ancient DNA studies. As the field progresses, FIGG is evolving from a nascent practice into a more sophisticated and specialized discipline, shaping the future of forensic investigations.
Electric Vehicle Charging Systems (EVCS) are increasingly vulnerable to cybersecurity threats as they integrate deeply into smart grids and Internet of Things (IoT) environments, raising significant security challenges. Most existing research primarily emphasizes network-level anomaly detection, leaving critical vulnerabilities at the host level underexplored. This study introduces a novel forensic analysis framework leveraging host-level data, including system logs, kernel events, and Hardware Performance Counters (HPC), to detect and analyze sophisticated cyberattacks such as cryptojacking, Denial-of-Service (DoS), and reconnaissance activities targeting EVCS. Using comprehensive forensic analysis and machine learning models, the proposed framework significantly outperforms existing methods, achieving an accuracy of 98.81%. The findings offer insights into distinct behavioral signatures associated with specific cyber threats, enabling improved cybersecurity strategies and actionable recommendations for robust EVCS infrastructure protection.
In today’s digital era, the rapid evolution of image editing technologies has brought about a significant simplification of image manipulation. Unfortunately, this progress has also given rise to the misuse of manipulated images across various domains. One of the pressing challenges stemming from this advancement is the increasing difficulty in discerning between unaltered and manipulated images. This paper offers a comprehensive survey of existing methodologies for detecting image tampering, shedding light on the diverse approaches employed in the field of contemporary image forensics. The methods used to identify image forgery can be broadly classified into two primary categories: classical machine learning techniques, heavily reliant on manually crafted features, and deep learning methods. Additionally, this paper explores recent developments in image forensics, placing particular emphasis on the detection of counterfeit colorization. Image colorization involves predicting colors for grayscale images, thereby enhancing their visual appeal. The advancements in colorization techniques have reached a level where distinguishing between authentic and forged images with the naked eye has become an exceptionally challenging task. This paper serves as an in-depth exploration of the intricacies of image forensics in the modern age, with a specific focus on the detection of colorization forgery, presenting a comprehensive overview of methodologies in this critical field.
The accelerated global adoption of electric vehicles (EVs) is driving significant expansion and increasing complexity within the EV charging infrastructure, consequently presenting novel and pressing cybersecurity challenges. While considerable effort has focused on preventative cybersecurity measures, a critical deficiency persists in structured methodologies for digital forensic analysis following security incidents, a gap exacerbated by system heterogeneity, distributed digital evidence, and inconsistent logging practices which hinder effective incident reconstruction and attribution. This paper addresses this critical need by proposing a novel, data-driven forensic framework tailored to the EV charging infrastructure, focusing on the systematic identification, classification, and correlation of diverse digital evidence across its physical, network, and application layers. Our methodology integrates open-source intelligence (OSINT) with advanced system modeling based on a three-layer cyber-physical system architecture to comprehensively map potential evidentiary sources. Key contributions include a comprehensive taxonomy of cybersecurity threats pertinent to EV charging ecosystems, detailed mappings between these threats and the resultant digital evidence to guide targeted investigations, the formulation of adaptable forensic investigation workflows for various incident scenarios, and a critical analysis of significant gaps in digital evidence availability within current EV charging systems, highlighting limitations in forensic readiness. The practical application and utility of this method are demonstrated through illustrative case studies involving both empirically-derived and virtual incident scenarios. The proposed data-driven approach is designed to significantly enhance digital forensic capabilities, support more effective incident response, strengthen compliance with emerging cybersecurity regulations, and ultimately contribute to bolstering the overall security, resilience, and trustworthiness of this increasingly vital critical infrastructure.
We are living in a society constructed by many aspects as well as languages. There are many ways to deal with legal cases; language is also an active one among them. It has been proved that the results of forensic linguistic research do help.
In this study, we aimed to study the pattern visual evoked potentials (P-VEPs) in two eyes with varying visual acuity in one eye and to provide an objective estimation of visual acuity by comparing P-VEPs in one and two eyes. Thirty subjects were chosen, who had one eye with an acuity of 5.0, 4.85, 4.6, 4.0, or scieropia and obstructed vision and the other eye with an acuity of 5.0, respectively. P-VEPs were detected under the large grating stimuli at 3×4 spatial frequency, moderate grating stimuli (12×16 spatial frequency) and small grating stimuli (48×64 spatial frequency). Under large grating stimuli, there was no significant difference in P100 peak latency between the groups, nor was there a significant difference between the amplitude of two eyes and the amplitude of one normal-vision eye. Under moderate and small grating stimuli, there was a significant difference in P100 peak latency between the group with both eyes having an acuity of 5.0 and the group with visual acuity below 4.0 in one eye. There was a significant difference in P100 amplitude between the group with visual acuity of 5.0 in both eyes and the group with one normal-vision eye. There was no significant difference in the amplitude of two eyes and the amplitude of one normal-vision eye between any other two groups. In forensic identification, characteristics and variability of P-VEPs in one and two eyes can be used to identify malingering or decline in visual acuity.
The large scale and distribution of cloud computing storage have become the major challenges in cloud forensics for file extraction. Current disk forensic methods do not adapt to cloud computing well and the forensic research on distributed file system is inadequate. To address the forensic problems, this paper uses the Hadoop distributed file system (HDFS) as a case study and proposes a forensic method for efficient file extraction based on three-level (3L) mapping. First, HDFS is analyzed from overall architecture to local file system. Second, the 3L mapping of an HDFS file from HDFS namespace to data blocks on local file system is established and a recovery method for deleted files based on 3L mapping is presented. Third, a multi-node Hadoop framework via Xen virtualization platform is set up to test the performance of the method. The results indicate that the proposed method could succeed in efficient location of large files stored across data nodes, make selective image of disk data and get high recovery rate of deleted files.
Since its birth in the early 90's, digital forensics has been mainly focused on collecting and examining digital evidence from computers and networks that are controlled and owned by individuals or organizations. As cloud computing has recently emerged as a dominant platform for running applications and storing data, digital forensics faces well-known challenges in the cloud, such as data inaccessibility, data and service volatility, and law enforcement's lack of control over the cloud. To date, very little research has been done to develop efficient theory and practice for digital forensics in the cloud. In this paper, we present a novel framework, Cloud Foren, which systematically addresses the challenges of forensics in cloud computing. Cloud Foren covers the entire process of digital forensics, from the initial point of complaint to the final point where the evidence is confirmed. The key components of Cloud Foren address some challenges which are unique to the cloud. The proposed forensic process allows the cloud forensic examiner, cloud provider, and cloud customer to collaborate naturally. We use two case studies to demonstrate the applicability of Cloud Foren. We believe Cloud Foren holds great promise for more precise and automatic digital forensics in a cloud computing environment.
With the advent and growing popularity of image rendering software, photorealistic computer graphics are becoming more and more perceptually indistinguishable from photographic images. If the faked images are abused, it may lead to potential social, legal or private consequences. To this end, it is very necessary and also challenging to find effective methods to differentiate between them. In this paper, a novel method based on the leading digit law, also called Benford's law, is proposed to identify computer graphics. More specifically, statistics of the most significant digits are extracted from the image's Discrete Cosine Transform (DCT) coefficients and the magnitudes of the image's gradient, and then Support Vector Machine (SVM) based classifiers are built. Results of experiments on the image datasets indicate that the proposed method is comparable to prior works. Besides, it possesses low dimensional features and low computational complexity.
On March 26, 2010 an underwater explosion (UWE) led to the sinking of the ROKS Cheonan. The official Multinational Civilian-Military Joint Investigation Group (MCMJIG) report concluded that the cause of the underwater explosion was a 250 kg net explosive weight (NEW) detonation at a depth of 6-9 m from a DPRK "CHT-02D" torpedo. Kim and Gitterman (2012a) determined the NEW and seismic magnitude as 136 kg at a depth of approximately 8 m and 2.04, respectively, using basic hydrodynamics based on theoretical and experimental methods as well as spectral analysis and seismic methods. The purpose of this study was to clarify the cause of the UWE via more detailed methods using bubble dynamics and simulation of propellers as well as forensic seismology. Regarding the observed bubble pulse period of 0.990 s, 0.976 s and 1.030 s were found in case of a 136 kg NEW at a detonation depth of 8 m using the boundary element method (BEM) and 3D bubble shape simulations derived for a 136 kg NEW detonation at a depth of 8 m approximately 5 m portside from the hull centerline. Here we show through analytical equations, models and 3D bubble shape simulations that the most probable cause of this underwater explosion was a 136 kg NEW detonation at a depth of 8 m attributable to a ROK littoral "land control" mine (LCM).
Turnaround time (TAT) is the total time interval from when a request for forensic laboratory analysis is received until when the results are collected by the client. The performance of the forensic science laboratory (FSL) is affected by extended TAT in the case-file and sample processing steps, necessitating the critical analysis reported in this paper. The total TAT was obtained as the sum of measured time interval for each work station (six of which were studied). Extended TAT leads not only to customer complaints, but also paves the way for customers to seek services from competitors, leading to lost competitive edge for the FSL. This study was conducted to establish the baseline data on TAT (between 2014 and 2015) to enable implementation of corrective actions. Six case-file processing steps were identified for which starting and completion times were recorded in dates, giving TAT values in days. The TAT data for each step was collected as each case file is processed and analyzed separately using statistical analysis while comparing the data for the two years (Y2014 and Y2015) and among three forensic science laboratory disciplines (biology/DNA, chemistry and toxicology). The overall turnaround time (TTAT) was the highest for forensic biology/DNA compared to forensic toxicology and chemistry. The analysis time (TAT2) was the longest of all six case-file processing steps. Using Pareto analysis, the three major steps necessitating root-cause analysis and intervention to minimize TAT were analysis turnaround time (TAT2), report collection time (TAT6) and report review time (TAT4). It was concluded that the causes for extended TAT are within control by the FSL management, although financial and human resources are required.
Digital forensics is the science of identifying, extracting, analyzing and presenting the digital evidence that has been stored in the digital devices. Various digital tools and techniques are being used to achieve this. Our paper explains forensic analysis steps in the storage media, hidden data analysis in the file system, network forensic methods and cyber crime data mining. This paper proposes a new tool which is the combination of digital forensic investigation and crime data mining. The proposed system is designed for finding motive, pattern of cyber attacks and counts of attacks types happened during a period. Hence the proposed tool enables the system administrators to minimize the system vulnerability.
Blind forensics of JPEG image tampering as a kind of digital image blind forensics technology is gradually becoming a new research hotspot in the field of image security. Firstly, the main achievements of domestic and foreign scholars in the blind forensic technology of JPEG image tampering were briefly described. Then, according to the different methods of tampering and detection, the current detection was divided into two types: double JPEG compression detection and block effect inconsistency detection. This paper summarized the existing methods of JPEG image blind forensics detection, and analyzed the two methods. Finally, the existing problems and future research trends were analyzed and prospected to provide further theoretical support for the research of JPEG image blind forensics technology.
According to the requirements of computer forensics and network forensics, a novel forensic computing model is presented, which exploits the XML/OEM/RM data model, data fusion technology, a forensic knowledgebase, the inference mechanism of an expert system and an evidence mining engine. This model has the advantages of flexibility and openness, so it can be widely used in mining evidence.
Funding: supported by the National Fund Cultivation Project from China People’s Police University (Grant Number: JJPY202402) and the National Natural Science Foundation of China (Grant Number: 62172165).
Funding: Supported in part by the Natural Science Foundation of Hubei Province of China under Grant 2023AFB016, the 2022 Opening Fund for Hubei Key Laboratory of Intelligent Vision Based Monitoring for Hydroelectric Engineering under Grant 2022SDSJ02, and the Construction Fund for Hubei Key Laboratory of Intelligent Vision Based Monitoring for Hydroelectric Engineering under Grant 2019ZYYD007.
Abstract: Images and videos play an increasingly vital role in daily life and are widely utilized as key evidentiary sources in judicial investigations and forensic analysis. Simultaneously, advancements in image and video processing technologies have facilitated the widespread availability of powerful editing tools, such as Deepfakes, enabling anyone to easily create manipulated or fake visual content, which poses an enormous threat to social security and public trust. To verify the authenticity and integrity of images and videos, numerous approaches have been proposed; these are primarily based on content analysis, and their effectiveness is susceptible to interference from various image or video post-processing operations. Recent research has highlighted the potential of file container analysis as a promising forensic approach that offers efficient and interpretable results. However, there is still a lack of review articles on this kind of approach. To fill this gap, we present a comprehensive review of file container-based image and video forensics in this paper. Specifically, we categorize the existing methods into two distinct stages, qualitative analysis and quantitative analysis. In addition, an overall framework is proposed to organize the existing approaches. Then, the advantages and disadvantages of the schemes used across different forensic tasks are provided. Finally, we outline the trends in this research area, aiming to provide valuable insights and technical guidance for future research.
Funding: Supported by the National Natural Science Foundation of China (82202078), the Major Project of the National Social Science Foundation of China (23&ZD203), the Open Project of the Key Laboratory of Forensic Genetics of the Ministry of Public Security (2022FGKFKT05), the Center for Archaeological Science of Sichuan University (23SASA01), the 1‧3‧5 Project for Disciplines of Excellence, West China Hospital, Sichuan University (ZYJC20002), and the Sichuan Science and Technology Program (2024NSFSC1518).
Abstract: Genetic genealogy provides crucial insights into the complex biological relationships within contemporary and ancient human populations by analyzing shared alleles and chromosomal segments that are identical by descent to understand kinship, migration patterns, and population dynamics. Within forensic science, forensic investigative genetic genealogy (FIGG) has gained prominence by leveraging next-generation sequencing technologies and population-specific genomic resources, opening useful investigative avenues. In this review, we synthesize current knowledge, underscore recent advancements, and discuss the growing role of FIGG in forensic genomics. FIGG has been pivotal in revitalizing dormant inquiries and offering genetic leads in numerous cold cases. Its effectiveness relies on the extensive single-nucleotide polymorphism profiles contributed by individuals from diverse populations to specialized genomic databases. Advances in computational genomics and the growth of human genomic databases have spurred a profound shift in the application of genetic genealogy across forensics, anthropology, and ancient DNA studies. As the field progresses, FIGG is evolving from a nascent practice into a more sophisticated and specialized discipline, shaping the future of forensic investigations.
Abstract: Electric Vehicle Charging Systems (EVCS) are increasingly vulnerable to cybersecurity threats as they integrate deeply into smart grids and Internet of Things (IoT) environments, raising significant security challenges. Most existing research primarily emphasizes network-level anomaly detection, leaving critical vulnerabilities at the host level underexplored. This study introduces a novel forensic analysis framework leveraging host-level data, including system logs, kernel events, and Hardware Performance Counters (HPC), to detect and analyze sophisticated cyberattacks such as cryptojacking, Denial-of-Service (DoS), and reconnaissance activities targeting EVCS. Using comprehensive forensic analysis and machine learning models, the proposed framework significantly outperforms existing methods, achieving an accuracy of 98.81%. The findings offer insights into distinct behavioral signatures associated with specific cyber threats, enabling improved cybersecurity strategies and actionable recommendations for robust EVCS infrastructure protection.
Funding: Supported by the Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Education (2021R1I1A3049788).
Abstract: In today’s digital era, the rapid evolution of image editing technologies has brought about a significant simplification of image manipulation. Unfortunately, this progress has also given rise to the misuse of manipulated images across various domains. One of the pressing challenges stemming from this advancement is the increasing difficulty in discerning between unaltered and manipulated images. This paper offers a comprehensive survey of existing methodologies for detecting image tampering, shedding light on the diverse approaches employed in the field of contemporary image forensics. The methods used to identify image forgery can be broadly classified into two primary categories: classical machine learning techniques, heavily reliant on manually crafted features, and deep learning methods. Additionally, this paper explores recent developments in image forensics, placing particular emphasis on the detection of counterfeit colorization. Image colorization involves predicting colors for grayscale images, thereby enhancing their visual appeal. The advancements in colorization techniques have reached a level where distinguishing between authentic and forged images with the naked eye has become an exceptionally challenging task. This paper serves as an in-depth exploration of the intricacies of image forensics in the modern age, with a specific focus on the detection of colorization forgery, presenting a comprehensive overview of methodologies in this critical field.
Funding: Supported by the National Research Foundation of Korea (NRF) grant funded by the Korea government (MSIT) (RS-2023-00242528, 50%) and by a grant from the Korea Electric Power Corporation (R24XO01-4, 50%) for basic research and development projects starting in 2024.
Abstract: The accelerated global adoption of electric vehicles (EVs) is driving significant expansion and increasing complexity within the EV charging infrastructure, consequently presenting novel and pressing cybersecurity challenges. While considerable effort has focused on preventative cybersecurity measures, a critical deficiency persists in structured methodologies for digital forensic analysis following security incidents, a gap exacerbated by system heterogeneity, distributed digital evidence, and inconsistent logging practices, which hinder effective incident reconstruction and attribution. This paper addresses this critical need by proposing a novel, data-driven forensic framework tailored to the EV charging infrastructure, focusing on the systematic identification, classification, and correlation of diverse digital evidence across its physical, network, and application layers. Our methodology integrates open-source intelligence (OSINT) with advanced system modeling based on a three-layer cyber-physical system architecture to comprehensively map potential evidentiary sources. Key contributions include a comprehensive taxonomy of cybersecurity threats pertinent to EV charging ecosystems, detailed mappings between these threats and the resultant digital evidence to guide targeted investigations, the formulation of adaptable forensic investigation workflows for various incident scenarios, and a critical analysis of significant gaps in digital evidence availability within current EV charging systems, highlighting limitations in forensic readiness. The practical application and utility of this method are demonstrated through illustrative case studies involving both empirically-derived and virtual incident scenarios. The proposed data-driven approach is designed to significantly enhance digital forensic capabilities, support more effective incident response, strengthen compliance with emerging cybersecurity regulations, and ultimately contribute to bolstering the overall security, resilience, and trustworthiness of this increasingly vital critical infrastructure.
Abstract: We are living in a society constructed by many aspects as well as languages. There are many ways to deal with legal cases, and language is an active one among them, as it has been shown that the results of forensic linguistic research do help.
Abstract: In this study, we aimed to study the pattern visual evoked potentials (P-VEPs) in two eyes with varying visual acuity in one eye and to provide an objective estimation of visual acuity by comparing P-VEPs in one and two eyes. Thirty subjects were chosen, who had one eye with an acuity of 5.0, 4.85, 4.6, 4.0, or scieropia and obstructed vision and the other eye with an acuity of 5.0, respectively. P-VEPs were detected under large grating stimuli (3×4 spatial frequency), moderate grating stimuli (12×16 spatial frequency) and small grating stimuli (48×64 spatial frequency). Under large grating stimuli, there was no significant difference in P100 peak latency between the groups, nor was there a significant difference between the amplitude of two eyes and the amplitude of one normal-vision eye. Under moderate and small grating stimuli, there was a significant difference in P100 peak latency between the group with both eyes having an acuity of 5.0 and the group with visual acuity below 4.0 in one eye. There was a significant difference in P100 amplitude between the group with visual acuity of 5.0 in both eyes and the group with one normal-vision eye. There was no significant difference in the amplitude of two eyes and the amplitude of one normal-vision eye between any other two groups. In forensic identification, characteristics and variability of P-VEPs in one and two eyes can be used to identify malingering or decline in visual acuity.
Funding: Supported by the National High Technology Research and Development Program of China (863 Program) (2015AA016006) and the National Natural Science Foundation of China (60903220).
Abstract: The large scale and distribution of cloud computing storage have become the major challenges in cloud forensics for file extraction. Current disk forensic methods do not adapt well to cloud computing, and forensic research on distributed file systems is inadequate. To address these forensic problems, this paper uses the Hadoop distributed file system (HDFS) as a case study and proposes a forensic method for efficient file extraction based on three-level (3L) mapping. First, HDFS is analyzed from its overall architecture down to the local file system. Second, the 3L mapping of an HDFS file from the HDFS namespace to data blocks on the local file system is established, and a recovery method for deleted files based on 3L mapping is presented. Third, a multi-node Hadoop framework on the Xen virtualization platform is set up to test the performance of the method. The results indicate that the proposed method can efficiently locate large files stored across data nodes, make a selective image of disk data, and achieve a high recovery rate for deleted files.
Abstract: Since its birth in the early 90's, digital forensics has been mainly focused on collecting and examining digital evidence from computers and networks that are controlled and owned by individuals or organizations. As cloud computing has recently emerged as a dominant platform for running applications and storing data, digital forensics faces well-known challenges in the cloud, such as data inaccessibility, data and service volatility, and law enforcement's lack of control over the cloud. To date, very little research has been done to develop efficient theory and practice for digital forensics in the cloud. In this paper, we present a novel framework, Cloud Foren, which systematically addresses the challenges of forensics in cloud computing. Cloud Foren covers the entire process of digital forensics, from the initial point of complaint to the final point where the evidence is confirmed. The key components of Cloud Foren address some challenges that are unique to the cloud. The proposed forensic process allows the cloud forensic examiner, cloud provider, and cloud customer to collaborate naturally. We use two case studies to demonstrate the applicability of Cloud Foren. We believe Cloud Foren holds great promise for more precise and automatic digital forensics in a cloud computing environment.
Abstract: With the advent and growing popularity of image rendering software, photorealistic computer graphics are becoming more and more perceptually indistinguishable from photographic images. If the faked images are abused, it may lead to potential social, legal or private consequences. It is therefore both necessary and challenging to find effective methods to differentiate between them. In this paper, a novel method to identify computer graphics based on the leading digit law, also called Benford's law, is proposed. More specifically, statistics of the most significant digits are extracted from the image's Discrete Cosine Transform (DCT) coefficients and the magnitudes of the image's gradient, and then Support Vector Machine (SVM) based classifiers are built. Results of experiments on the image datasets indicate that the proposed method is comparable to prior works. Besides, it possesses low-dimensional features and low computational complexity.
Abstract: On March 26, 2010, an underwater explosion (UWE) led to the sinking of the ROKS Cheonan. The official Multinational Civilian-Military Joint Investigation Group (MCMJIG) report concluded that the cause of the underwater explosion was a 250 kg net explosive weight (NEW) detonation at a depth of 6-9 m from a DPRK "CHT-02D" torpedo. Kim and Gitterman (2012a) determined the NEW and seismic magnitude as 136 kg at a depth of approximately 8 m and 2.04, respectively, using basic hydrodynamics based on theoretical and experimental methods as well as spectral analysis and seismic methods. The purpose of this study was to clarify the cause of the UWE via more detailed methods using bubble dynamics and simulation of propellers as well as forensic seismology. Regarding the observed bubble pulse period of 0.990 s, 0.976 s and 1.030 s were found in case of a 136 kg NEW at a detonation depth of 8 m using the boundary element method (BEM) and 3D bubble shape simulations derived for a 136 kg NEW detonation at a depth of 8 m approximately 5 m portside from the hull centerline. Here we show through analytical equations, models and 3D bubble shape simulations that the most probable cause of this underwater explosion was a 136 kg NEW detonation at a depth of 8 m attributable to a ROK littoral "land control" mine (LCM).
Abstract: Turnaround time (TAT) is the total time interval from when a request for forensic laboratory analysis is received until when the results are collected by the client. The performance of the forensic science laboratory (FSL) is affected by extended TAT in the case-file and sample processing steps, necessitating the critical analysis reported in this paper. The total TAT was obtained as the sum of the measured time intervals for each work station (six of which were studied). Extended TAT not only leads to customer complaints but also paves the way for customers to seek services from competitors, leading to a lost competitive edge for the FSL. This study was conducted to establish baseline data on TAT (between 2014 and 2015) to enable implementation of corrective actions. Six case-file processing steps were identified, for which starting and completion times were recorded as dates, giving TAT values in days. The TAT data for each step was collected as each case file was processed and was analyzed separately using statistical analysis, comparing the data for the two years (Y2014 and Y2015) and among three forensic science laboratory disciplines (biology/DNA, chemistry and toxicology). The overall turnaround time (TTAT) was the highest for forensic biology/DNA compared to forensic toxicology and chemistry. The analysis time (TAT2) was the longest of all six case-file processing steps. Using Pareto analysis, the three major steps necessitating root-cause analysis and intervention to minimize TAT were analysis turnaround time (TAT2), report collection time (TAT6) and report review time (TAT4). It was concluded that the causes of extended TAT are within the control of the FSL management, although financial and human resources are required.
Abstract: Digital forensics is the science of identifying, extracting, analyzing and presenting the digital evidence that has been stored in digital devices. Various digital tools and techniques are used to achieve this. Our paper explains forensic analysis steps in the storage media, hidden data analysis in the file system, network forensic methods and cyber crime data mining. This paper proposes a new tool that combines digital forensic investigation and crime data mining. The proposed system is designed for finding the motive and pattern of cyber attacks and the counts of attack types that occurred during a period. Hence the proposed tool enables system administrators to minimize system vulnerability.
Abstract: Blind forensics of JPEG image tampering, as a kind of digital image blind forensics technology, is gradually becoming a new research hotspot in the field of image security. Firstly, the main achievements of domestic and foreign scholars in the blind forensic technology of JPEG image tampering were briefly described. Then, according to the different methods of tampering and detection, the current detection was divided into two types: double JPEG compression detection and block effect inconsistency detection. This paper summarized the existing methods of JPEG image blind forensics detection, and analyzed the two methods. Finally, the existing problems and future research trends were analyzed and prospected to provide further theoretical support for the research of JPEG image blind forensics technology.
Funding: Supported by the Scientific and Technological Bureau of the Ministry of Public Security of P.R. China, the Project of the Network Supervising Bureau (2005yycxhbst117), the Project of the 15th Overall Plan of Education Department of Hubei Province (2004d349), and the Project of the 15th Overall Plan of Social Science Fund of Hubei Province ([2005]073).
Abstract: According to the requirements of computer forensics and network forensics, a novel forensic computing model is presented, which exploits the XML/OEM/RM data model, data fusion technology, a forensic knowledgebase, the inference mechanism of an expert system and an evidence mining engine. This model offers flexibility and openness, so it can be widely used in mining evidence.