Introduction
With the meteoric rise in the use of information and communication technologies by almost every individual in modern societies, an increase in cyber/digital nefarious activities was expected to follow.
Commonly encountered issues nowadays are hacking using malware, blackmailing using ransomware, digital manipulation of images, and biometric data such as the face, voice, or digital fingerprints of the users. Digital forensics is comprised of the techniques, the methods, and even the software tools that aim to identify or prevent the aforementioned issues.
Digital Forensics. Image Credit: Microgen/Shutterstock.com
The Effect of Social Media
Social media has advertently aided in the spread of misinformation (fake news) via the depiction of entirely altered images or by image tampering, which is the partial intentional modification of an image. To battle this ongoing problem active and passive image forgery detection methods have been developed. Active methods require information regarding the original image. Watermarking is an active method that is employed to provide authenticated multimedia content.
Watermarking focuses on robustness, security, capacity, and invisibility of an image and is based on the spatial domain which uses the LSB and spread spectrum (SS). Bamatraf et al. demonstrated an algorithm that combines LSB and the inverse bit. The proposed algorithm was tested using the peak signal-to-noise ratio (PSNR) and then compared with traditional LSB, yielding favorable results. Watermarks can also be implemented using the frequency domain. The four most common techniques are DWT, DCT, DFT, and singular value decomposition.
Passive methods take advantage of the intrinsic information of images without the need for additional information. An example of a passive method would be the source camera identification technique. The acquisition of an image by its corresponding digital camera leaves evidence in the image which can be traced by the aforementioned technique. Under the umbrella term of source camera identification techniques, it has been found that the most popular ones are the photo response non-uniformity, the feature extraction, and finally the camera response function.
Smart Cities and Digital Security
A smart city (i.e. London, Dubai) facilitates efficient data gathering of its habitants which is used to improve the diverse operations that occur within the city. Smart cities aim for smooth and seamless communication between the users and the devices, however, the biometric data (voice, face) acquired by these devices could potentially be used or appropriated for nefarious purposes. There have been cases reported where synthetically generated biometric data has been used to impersonate multiple identities or other cases where defamation of individuals occurred by the use of face-swapping with no obvious visual artifacts.
Digital forensics is employed in this kind of case to address three questions: What is the origin of a video/image? Has the video/image been modified? Can the relationship between visually similar images be deduced? For this task, multimedia phylogeny can be used. Multimedia phylogeny is the process of deciphering the multiple alterations a video/image has been subjected to.
When a single video or image is modified numerous times, this will result in a great number of near duplicates that may be uploaded on the internet. The best way to proceed when using this method is to deduce the original image and then determine the relationships between these near duplicates.
Digital Forensics | Davin Teo | TEDxHongKongSalon
Reliability of Digital Forensic Tools
As is the case with the already established crime scene forensics, digital forensics must produce accurate, reliable, and reproducible results so that can be deemed admissible in a court of law. For this reason, the tools used to gather digital evidence must be transparent and should have the ability to be subjected to scrutiny, to confirm their reliability to generate valid digital evidence.
Currently, however, there is no specific international standard for digital forensic tools. Some countries have adopted ISO 17025 which was initially created for testing and calibration laboratories. ISO 1725 stipulates that a laboratory shall have access to equipment (that includes software too) ‘’that is required for the correct performance of laboratory activities and that can influence the results’’.
Nevertheless, these digital tools remain a gray area, and their verification is still far from being considered a trivial task. Wu et al. in their review researched the Computer Forensics Tool Testing catalog database, which is a database for academically peer-reviewed digital forensic tools, and found out that none of them are admissible for actual casework/forensic use. That finding, however, does not undermine their suitability for digital forensic investigations.
A Way Forward
Digital forensics is a relatively new domain; therefore there is still a lot of room to improve their efficacy, which will, in turn, lead to admissibility in a court of law. The freely available tools should come with detailed documentation describing their use and should follow a standardized format.
Tool quality, maintainability, and reliability should also be tested by a unified set of guidelines. This might mean requiring stricter coding standards and allowing only specific repository locations for all digital forensic tools.
Sources:
- Wu et al. Digital forensic tools: Recent advances and enhancing the status quo, Forensic Science International: Digital Investigation 2020
- Ross et al. Security in smart cities: A brief review of digital forensic schemes for biometric data, Pattern Recognition Letters 2020
- Ferreira et al. A review of digital image forensics, Computers and Electrical Engineering 2020
- Van Beek et al. Digital forensics as a service: Stepping up the game, Forensic Science International: Digital Investigation 2020
Further Reading