Towards Fully Automated Digital Alibis with Social Interaction

Digital traces found on local hard drives as a result of online activities have become very valuable in reconstructing events in digital forensic investigations. This paper demonstrates that forged alibis can be created for online activities and social interactions. In particular, a novel, automated framework is presented that uses social interactions to create false digital alibis. The framework simulates user activity and supports communications via email as well as instant messaging using a chatbot. The framework is evaluated by extracting forensic artifacts and comparing them with the results obtained from a human user study.

[1]  Brian D. Carrier,et al.  File System Forensic Analysis , 2005 .

[2]  Andrew Hoog,et al.  iPhone and iOS Forensics: Investigation, Analysis and Mobile Security for Apple iPhone, iPad and iOS Devices , 2011 .

[3]  Simson L. Garfinkel,et al.  Digital forensics research: The next 10 years , 2010, Digit. Investig..

[4]  Andrew Hoog Android forensics : investigation, analysis, and mobile security for Google Android / Andrew Hoog ; John McCash, technical editor. , 2011 .

[5]  Tom Killalea,et al.  Guidelines for Evidence Collection and Archiving , 2002, RFC.

[6]  Giuseppe Cattaneo,et al.  Automated Construction of a False Digital Alibi , 2011, ARES.

[7]  Edgar R. Weippl,et al.  Social snapshots: digital forensics for online social networks , 2011, ACSAC '11.

[8]  Florian P. Buchholz,et al.  Design and Implementation of Zeitline: a Forensic Timeline Editor , 2005, DFRWS.

[9]  A Min Tjoa,et al.  Availability, Reliability and Security for Business, Enterprise and Health Information Systems - IFIP WG 8.4/8.9 International Cross Domain Conference and Workshop, ARES 2011, Vienna, Austria, August 22-26, 2011. Proceedings , 2011, ARES.

[10]  Giuseppe Cattaneo,et al.  The Forensic Analysis of a False Digital Alibi , 2012, 2012 Sixth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing.

[11]  Giuseppe Cattaneo,et al.  Automatic, Selective and Secure Deletion of Digital Evidence , 2011, 2011 International Conference on Broadband and Wireless Computing, Communication and Applications.

[12]  Giuseppe Cattaneo,et al.  How to Forge a Digital Alibi on Mac OS X , 2012, CD-ARES.

[13]  Martin Boldt,et al.  Computer forensic timeline visualization tool , 2009 .

[14]  Giuseppe Cattaneo,et al.  On the Construction of a False Digital Alibi on the Android OS , 2011, 2011 Third International Conference on Intelligent Networking and Collaborative Systems.

[15]  Simson L. Garfinkel,et al.  Digital media triage with bulk data analysis and bulk_extractor , 2013, Comput. Secur..