The Art of Piecewise Hashing: A Step Toward Better Evidence Provability

Authors

  • Aswin Gopalakrishnan TIFAC-CORE in Cyber Security, Amrita School of Engineering, Amrita Vishwa Vidyapeetham, Coimbatore, India
  • Emanuele Vineti Vrije University, the Netherlands
  • Ashok Kumar Mohan TIFAC-CORE in Cyber Security, Amrita School of Engineering, Amrita Vishwa Vidyapeetham, Coimbatore, India
  • M. Sethumadhavan TIFAC-CORE in Cyber Security, Amrita School of Engineering, Amrita Vishwa Vidyapeetham, Coimbatore, India

DOI:

https://doi.org/10.13052/2245-1439.719

Keywords:

Hashing, Piecewise, Acquisition, Certificate, admissibility, Litigation, Artifact, Corruption, Validation, Authenticity, Memory-block

Abstract

The integrity of digital evidence is believed to be the paramount trait in the world of cyber forensics. Cybercrime investigators face myriad challenges in the process similar to accommodating the call for bulk digital evidence. In due course extraction of useful information while maintaining the integrity and absolute protection against data degradation is mandatory. In this manuscript, we propose a novel approach by applying cryptographic hashing technique to only selected significant portions of the digital evidence, so even if the overall hash does not match, investigators could still verify the integrity of those critical sections of the evidence.We put forward two notions in this manuscript; former is heterogeneous piecewise hashing which is a flexible version of the piecewise hashing strategy, and latter is a novel evidence certification strategy which formalizes evidence provability process completely.

 

Downloads

Download data is not yet available.

Author Biographies

Aswin Gopalakrishnan, TIFAC-CORE in Cyber Security, Amrita School of Engineering, Amrita Vishwa Vidyapeetham, Coimbatore, India

Aswin Gopalakrishnan received M.Sc. Computer System Security from Vrije University, the Netherlands, and M.Tech in Cyber Security from Amrita Vishwa Vidyapeetham, India. He is currently functioning as a security analyst in Secura, a cyber security organization based out of the Netherlands. He aspires to practice, acquire and improve his skills as a security information analyst. His specialty lies in safeguarding computers and networks by establishing and enforcing system access controls, maintaining disaster preparedness, developing a framework for checks and levels of access while recommending improvements. He is also familiar with the full spectrum of project management skills backed by complete Software Development Life Cycle (SDLC) and IT service delivery expertise.

Emanuele Vineti, Vrije University, the Netherlands

Emanuele Vineti from 2012 was following his Bachelor degree in Computer Science at the University of Modena, Italy. In 2015 he moved to the Netherlands in the University of Groningen for a research project on a power grid optimization. Later that year he achieved his Bachelor degree with a distinction. In 2016, he began his M.Sc studies in Computer Science with the core track in computer system security. From January 2018 he is working on his Master Thesis research at the Vrije University of Amsterdam.

Ashok Kumar Mohan, TIFAC-CORE in Cyber Security, Amrita School of Engineering, Amrita Vishwa Vidyapeetham, Coimbatore, India

Ashok Kumar Mohan, M.Tech specialized in Cyber Security, is a Research Associate at TIFAC-CORE in Cyber Security, Amrita Vishwa Vidyapeetham, Coimbatore, Tamil Nadu, India. He is currently a PhD scholar doing his research in the area of Cyber Forensics funded by Ministry of Electronics & Information Technology (Government of India) under Visvesvaraya PhD scheme for Electronics and IT. He is currently pursuing his research over the cyber security core vicinity in Metadata Forensics, Wireless Security Auditing, Rumor Prediction in Social Media Networks and Slack Space Analysis of NTFS File Systems. He is also the Certified EC-Council Instructor (CEI) for ethical hacking and penetration testing certification courses at the research centre.

M. Sethumadhavan, TIFAC-CORE in Cyber Security, Amrita School of Engineering, Amrita Vishwa Vidyapeetham, Coimbatore, India

M. Sethumadhavan received his PhD from Calicut Regional Engineering College. Currently, he is a Professor of Mathematics and Computer Science, Amrita Vishwa Vidyapeetham, Coimbatore. His research interest include Cryptography and other solutions for Cyber Security

References

Winter, C., Schneider, M., and Yannikos, Y. (2013). F2S2: Fast forensic similarity search through indexing piecewise hash signatures. Digital Investigation, 10(4), 361–371.

Chen, L., and Wang, G. (2008). An efficient piecewise hashing method for computer forensics. In First International Workshop on Knowledge Discovery and Data Mining, WKDD, 635–638.

Nickel, C., Zhou, X., and Busch, C. (2009). Template protection via piecewise hashing. In Fifth International Conference on Intelligent Information Hiding and Multimedia Signal Processing, IIH-MSP’09, 1056–1060.

Jose, J., Pande, K. S., and Murty, N. S. (2015). A memory architecture using linear and nonlinear feedback shift registers for data security. In IEEE International Conference on Computational Intelligence and Computing Research (ICCIC), 1–5.

Breitinger, F., Baier, H., and Beckingham, J. (2012). Security and implementation analysis of the similarity digest sdhash. In First international baltic conference on network security & forensics (nesefo).

Mohan, A. K., and Kumar, T. G. (2015). Secure Seed-Based Sturdy OTP via Convenient Carry-on Device. In Artificial Intelligence and Evolutionary Algorithms in Engineering System, 447–455. Springer, New Delhi.

Jason Jordaan, Digital Forensics and Corruption (2013).

Electronic CSI, A Guide for First Responders, 2nd edition, National Institute of Justice (2008).

Electronic CSI, A Guide for First Responders, 2nd edition, National Institute of Justice (2008).

Reys, A., and Wiles, J. (2007). Cyber Crime and Digital Forensics, 401.

Kumar, K., Sofat, S., Jain, S. K., and Aggarwal, N. (2012). SIGNIFICANCE of hash value generation in digital forensic: A case study. International Journal of Engineering Research and Development. Available at: http://www. ijerd. com/paper/vol2-issue5 I, 2056470

Harbour, and Dcfidd. (2002). Defense Computer Forensics Lab.

Kornblum, J. (2006). Identifying almost identical files using context triggered piecewise hashing. Digital investigation, 3, 91–97.

Martínez, V. G., Álvarez, F. H., and Encinas, L. H. (2014). State of the art in similarity preserving hashing functions. In Proceedings of the International Conference on Security and Management (SAM) 1. The Steering Committee of The World Congress in Computer Science, Computer Engineering and Applied Computing (WorldComp).

Andreeva, E., Mennink, B., and Preneel, B. (2015). Open problems in hash function security. Designs, Codes and Cryptography, 77(2–3), 611–631.

DFRWS 2001 USA, A Road Map for Digital Forensic Research (2004).

George Reis, Digital Image Integrity (2004).

Che-Yen Wen, Kun-Ta Yang, (2006). Image authentication for digital image evidence.

Shanmugam, K. (2011). Validating digital forensic evidence (Doctoral dissertation, Brunel University School of Engineering and Design PhD Theses).

Solomon, M. G., Rudolph, K., Tittel, E., Broom, N., and Barrett, D. (2011). Computer forensics jumpstart. John Wiley & Sons.

Ernesto Dal, Martin A. Rossi, Electronic Forensics Education Needs of Law Enforcement (2004).

Armstrong, H., and Russo, P. (2006). Corruption and Inefficiency, Theory and Evidence from Electrical Utilities.

Gordon E. Pelton, Computer Evidence Destroyed (2004).

Imsand, E. S., and Hamilton, J. A. (2004). Auburn University, Digital Battlefield Forensics.

Lázaro, P. G. C. (2004). Forensic computing from a computer security perspective.

Edmond, G. (2014). Contextual bias and cross-contamination in the forensic sciences the corrosive implications for investigations.

Khanna, H. (2017). Digital spectrographic cross-correlation: tests of sensitivity.

Hua, G., Bi, G., and Thing, V. L. (2017). On Practical Issues of ENF Based Audio Forensics.

Rasmussen, J. O. (2015). Ensuring end-to-end protection of video integrity.

Courtesy of serre-lab.clps.brown.edu Available at: http://serre-lab.clps.brown.edu/wp-contentuploads/2012/08/example-medium-quali.jpg

Timothy, A., Dunton, An Introduction to Time Waveform Analysis, Available at: http://reliabilityweb.com/articles/entry/anintroductiontotimewaveformanalysis

Zeltser, L. Hex-Editors, Available at: https://digital-forensics.sans.org/blog/2010/09/29/hex-editors-for-malware-analysis

Phil Manchester, Authenticity and Integrity of Audio Evidences, Available at: http://www.soundonsound.com/techniques/introduction-forensic-audiotop

Deloitte, Preserving Evidence of Cyber Crime, Available at: http://deloitte.wsj.com/cio/2014/12/03/computer-forensics-preserving-evidence-of-cyber-crime/

ASG Group, Computer Forensics and Spoliation of Evidence, Available at: https://asginvestigations.com/attorney-services/spoliation-of-evidence/

Gubanov, Y.Digital Evidence Types, Available at: https://www.forensicmag.com/article/2012/05/retrieving-digital-evidence-methods-techniques-and-issues-part-1

Edward John Primeau, Wav Components, Available at: http://www.audioforensicexpert.com/tag/audio-evidence/

Dawate, Sound Wave Components, Available at: hhttps://blogs.msdn.microsoft.com/dawate/2009/06/23/intro-to-audio-programming-part-2-demystifying-the-wav-format/

Downloads

Published

2018-01-05

How to Cite

1.
Gopalakrishnan A, Vineti E, Mohan AK, Sethumadhavan M. The Art of Piecewise Hashing: A Step Toward Better Evidence Provability. JCSANDM [Internet]. 2018 Jan. 5 [cited 2024 Nov. 22];7(1-2):109-30. Available from: https://journals.riverpublishers.com/index.php/JCSANDM/article/view/5283

Issue

2018: Vol 7 Iss 1-2

Section

Articles