DETECTION OF CYBER-CRIMES VIA DIGITAL FORENSIC ARTIFACTS: AN IN-DEPTH ANALYSIS
Keywords: Artifacts, Cyber-crimes, Digital Forensics, Investigations

Abstract
Memory forensics has become a pivotal part of digital forensics, particularly given the growing prevalence of fileless malware that runs entirely in a system’s RAM and leaves little or nothing on disk. This paper examines memory forensics in detail, setting out the challenges and the stages of an investigation. The challenges discussed include acquiring memory from secure operating systems, preserving the integrity of memory snapshots so that analysis can be tied to the acquired copy, and the inherently volatile nature of memory, which means evidence is lost on power-off or overwritten as the system keeps running. The investigation stages outlined are identifying rogue processes, detecting anomalies, examining network artifacts, and conducting a thorough examination of RAM dumps. The findings highlight the role of memory forensics in recovering evidence that traditional disk-based forensics cannot reach, such as decrypted data held in memory and traces of fileless malware. The paper argues that continued research and development in memory forensics is necessary to keep pace with the evolving tactics of cybercriminals and to refine the tools and techniques used in digital investigations. Recommendations for future research include the development of more robust memory acquisition methods, the application of machine learning and artificial
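The rogue-process and snapshot-integrity steps named in the abstract are easiest to see on a concrete listing. The following is an added example, not code from the paper: it checks each well-known Windows system process against the parent it is expected to have and hashes the acquired image so findings can be tied to a specific copy. The expected-parent table, the sample rows and the `PID PPID ImageFileName` column layout (modelled on a Volatility 3 `windows.pslist` listing) are all assumptions constructed for illustration.

```python
"""Added example: parent/child sanity check over a process listing plus an
image hash, illustrating the 'rogue process' and 'snapshot integrity' stages.
The baseline table, sample rows and column layout are constructed for this
example and are not taken from the paper."""
import hashlib
from dataclasses import dataclass

# Expected parent for common Windows system processes (constructed baseline;
# real baselines depend on the Windows version and should be verified).
EXPECTED_PARENT = {
    "smss.exe": {"System"},
    "csrss.exe": {"smss.exe"},
    "wininit.exe": {"smss.exe"},
    "services.exe": {"wininit.exe"},
    "lsass.exe": {"wininit.exe"},
    "svchost.exe": {"services.exe"},
}


@dataclass(frozen=True)
class Proc:
    pid: int
    ppid: int
    name: str


def parse_pslist(text: str) -> list[Proc]:
    """Parse rows of 'PID PPID ImageFileName ...' (assumed pslist-like layout).
    Only the first three columns are used; extra columns are ignored."""
    procs = []
    for line in text.strip().splitlines()[1:]:  # first line is the header
        pid, ppid, name = line.split()[:3]
        procs.append(Proc(int(pid), int(ppid), name))
    return procs


def find_rogue(procs: list[Proc]) -> list[tuple[int, str, str]]:
    """Return (pid, name, actual_parent) for system processes whose parent
    is not the expected one. A parent that has exited shows as '<missing>';
    that is worth a look but is not by itself evidence of compromise."""
    by_pid = {p.pid: p for p in procs}
    findings = []
    for p in procs:
        expected = EXPECTED_PARENT.get(p.name)
        if expected is None:
            continue  # not a process we have a baseline for
        parent = by_pid.get(p.ppid)
        parent_name = parent.name if parent else "<missing>"
        if parent_name not in expected:
            findings.append((p.pid, p.name, parent_name))
    return findings


def sha256_of(data: bytes) -> str:
    """Hash the acquired image; record this with the acquisition notes so
    later analysis is tied to exactly this copy."""
    return hashlib.sha256(data).hexdigest()


# Constructed sample listing: one svchost.exe is parented by explorer.exe,
# which a baseline-aware analyst would flag for closer inspection.
SAMPLE = """PID PPID ImageFileName
4 0 System
368 4 smss.exe
452 368 csrss.exe
524 368 wininit.exe
632 524 services.exe
640 524 lsass.exe
800 632 svchost.exe
2140 3012 svchost.exe
3012 2900 explorer.exe
"""

if __name__ == "__main__":
    for pid, name, parent in find_rogue(parse_pslist(SAMPLE)):
        print(f"suspicious: pid={pid} {name} parented by {parent}")
    # In practice pass the bytes of the captured image file here.
    print("image sha256:", sha256_of(b"constructed placeholder image"))
```

The check deliberately flags only processes that have a baseline entry; anything else is left for the other stages (anomaly detection, network artifacts). Hashing the image at acquisition time, before any analysis, is what lets the integrity question in the abstract be answered later.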