Computer forensic

Titiafolabi.b
projectfeedback.docx

EFFECTIVE APPROACHES TO MALWARE DETECTION IN ONLINE SOCIAL NETWORKS


Effective Approaches to Malware Detection in Online Social Networks (Based on the title, this doesn’t seem like a paper on digital forensics. It looks like a paper on security scanning.)

Introduction

(In a short research paper, do not provide a generic introduction. For example, stating that “Social media use has increased in recent years” is so general that it does not help your paper. Provide an introduction to your research topic and move into the details.) Social media use has increased in recent years. The term social media is used to refer to the communication platforms that enhance the use of community-based communal interactions, collaboration, and content-sharing. Social media has changed the way people experience life and relate with each other. The increase in the use of social media has led to an increase in the data being generated. As a result, serious cybercrimes are developing, and malicious activities are growing on these platforms. Cybercriminals implement different tactics (Tactics for what?) to target users of the internet community (Aslan & Samet, 2020). These forms of misuse of social media using mobile devices allow cybercriminals to utilize the services for malicious purposes and to disseminate confidential information. A survey by The Office for National Statistics estimates 3.6 million fraud cases and more than two million cases of computer misuse offenses every year (Fakiha, 2020). Most of these crimes are committed, with the main motivation being financial gain. Cybercrime activities are also committed to damage the victims' reputation and to cause loss of integrity and availability of data. Social media has been used to ensure that malicious attacks are committed. The criminal behaviors and evidence of crimes are all found on social media sites. Many crimes have been associated with social media in this digital age. Through interactive social media platforms, offenders can engage in illicit practices, including fraud, cyberstalking, and cyberbullying. (Ok…so there is malicious activity occurring within social media platforms. I did not see the digital forensics topic.)

Digital forensics agencies, especially digital forensics investigators, need to take advantage of social media platforms to enhance security and as a means of surveillance. (As a means of surveillance?) Using digital forensic tools and techniques enhances the review of the information on social media. (OSINT is not digital forensics.) Monitoring and analyzing criminal activities on social media need digital forensics officers to understand the key player in these crimes. (This appears to be focused on monitoring of activity. This isn’t really digital forensics. I hope you are going to talk about the preservation and analysis issues.) Thus, in the last few years, online social networks have increased in society and the nations. Facebook has over 1.5 billion users, with 272 million in Europe, 346 million in Latin America and Africa, and 198 million in Canada and the United States (Arshad et al., 2019). This means that the excessive use of the OSNs makes them attractive for cybercriminals to perform their digital crimes, which include child pornography, grooming, and harassment. At the same time, due to the widespread use of the OSNs and the diversity of digital devices, digital forensics investigators seek help to solve and prevent the crimes associated with the OSNs, collection of evidence, and the identification of the criminals and their locations. The examination of the activities of the users in OSNs is an important link to determine the missing information about a person linked to a particular crime. However, digital forensics investigators face significant problems due to a lack of consistency and legal framework supporting the investigations of the OSNs. (This seems like it is more of a paper on law enforcement’s ability to search OSNs to perform surveillance.)

OSNs and Digital Forensics Investigation of Crimes

OSNs are suitable for identifying the links between individuals, making it easier for the investigators to investigate crime. Using Social Network Analysis assists in investigating different forms of crime and identifying the involved parties where malware is involved (Chan et al., 2019). Organized crime groups, fraud rings, and accidents are examples of some crimes that can cause malware (They can “cause malware?” That wording is off. Do you mean they can use malware?) and that OSN analysis is suitable for investigating.

Organized Crime Groups

The social network digital forensics analysis can inform the investigative bodies about the gangs and give information such as the gang members, their victims, reach, activities, and their impact on society, as well as how they introduced the malware into the network. The network analysis enables the investigators to identify the key individuals for their targeting and distinguish the core gang members from the peripheral members.

Fraud Rings

The fraud rings are a group of people who use digital platforms to spread malware and fraudulently acquire and move their money. The fraudsters work to defraud companies and individuals using different tricks. The mapping of the network operations and linking the claims to groups can help digital forensics investigators quickly move forward with their investigations. (So you’re talking about performing a link analysis which is what is performed by law enforcement and members of the intelligence community? Is that a standard investigation or is it a digital forensic investigation.)

Accidents Investigations

Using social network analysis is an effective way of facilitating digital forensics investigations of suspicious accidents caused by malware. (I do not follow this. Suspicious accidents caused by malware. I do not know what you mean. Are you talking insurance fraud?) It enables the digital forensics officers to visualize and identify the claimants. The pre-planned or staged accidents are increasing, and it is important to ensure sufficient evidence in convicting these crimes (Iqbal et al., 2019). The investigative bodies are concerned about researching the involved parties in social media to identify the incidents of frauds and link crimes to actions. (It sounds like you are listing the types of crimes being perpetrated. Where is the application of digital forensics?)

Crimes Committed using OSNs

The OSN is a resource for information, and criminals can use it to commit different crimes. Social media is a conducive platform for criminal activities because it is hard to define criminal activities (Kaur et al., 2018). Thus, social media is a major platform for propagating malware. Social media also serves as a source of information for the criminals who use it to commit traditional crimes such as domestic violence, kidnapping, and burglary. The aggressive patterns in social media have also exposed them for use in bigger forms of crime such as terrorism and organized crimes. The crimes committed using social media include classical and digital crimes. (If you’re moving into malware, go to that direction. It seems like you are talking about various crimes. You state that they use malware and now you are going back to talk about the various crimes again.)

Classical Crimes

The classical crimes are those that are committed using the traditional known approaches. (What is a “traditional known approach?”) People use social media to update sensitive information such as their current location and the time they will be away from home. It is also a norm for one to give information on social media on the activities they will be conducting. From this information, the criminals such as thieves can introduce malware and use it to facilitate digitally based crimes. According to Yang et al. (2018), 78% of burglars target specific assets, and 74% of the Google Street View is important in providing information for home burglars. Thus, OSNs increase the number of classical crimes by providing more information.

Digital Crimes

Digital crimes are those that are committed using online platforms. There are several illegal activities in the OSNs, including illegal access, interception by technical means when it comes to transmissions in digital devices, and social engineering crimes. With the growth in online platforms, there has been an increase in online credit card fraud, cyber threats, and cyber frauds. The digital crimes on OSNs are cyber-based and social engineering approaches that help in committing and perpetrating crimes. (We are on to page 6/7 and I haven’t seen the digital forensic element to the paper yet.)

Forensic Tools Aiding in Digital Forensics and OSNs Analysis

The investigative officers and the companies behind the OSNs have a confidential duty to ensure that they protect people's privacy. It is these privacy aspects that have become a barrier and an obstacle to the enhancement of OSNs and crime investigations. In an act to prevent a crime, the digital forensics officers should deal with the incidents involving the OSNs. The investigative officers use different software and tools to collect and analyze the data. Digital forensics investigations can be private, national, or global, dealing with aspects of kidnapping, rape, or murder. The major challenges the investigating officers face are the tools to use in collecting and analyzing data from the OSNs to enhance the process of solving the crime. Examining people's activities helps to determine their feelings when they post and share information on OSNs. Suzor et al. (2019) explained that the photos of an individual could indicate their happiness or comments expressing some form of problems. (Is the interpretation of these photos forensically sound? Is it something that meets the Daubert and Frye standards for digital forensic examiners? It doesn’t seem like it.) Thus, visualization and geographically presenting the users' activities are some tools used during OSNs' digital forensics investigations. (This doesn’t seem like digital forensics to me. It seems that you are stating that law enforcement and private investigators can perform an analysis of online activity to generate investigative leads perhaps. The tie to digital forensics is tenuous.)

OSNs' Role in Legal Proceedings

The OSNs provide an unrestricted source of information on the potential suspects and the victim profiles. The acquisition and mining of the information can be in real-time. The changes in the scope of crimes have made it necessary for serious digital forensics crime investigations to consider examining the digital devices of both victims and the suspects. The use of data available in these devices is to find the traces and the history of digital activities that can shed more light on the crime. OSNs evidence during criminal cases is common (Cordeiro et al., 2018). (What is that evidence? How is it legally obtained? How is it preserved? How is it analyzed from a forensic perspective?) The prosecution and the defense lawyers use the information to enhance the quality of the evidence. However, defense lawyers can seek to subpoena the social media companies when accessing the protected social media data. The advancement of rights and the protection of individuals have provided a hiding place for the offenders to continue their offenses.

Authentication of Evidence and Privacy Issues

The authentication of the evidence acquired from the OSNs presents a major challenge. Criminals can make fake profiles and disguise under another personality. Such acts are in themselves criminal since they add up to identity theft. The criminals are also able to acquire data using password theft or hacking. Therefore, the admissibility of the evidence acquired from the OSNs depends on whether the investigating officers can prove and authenticate such evidence's authorship. The authentication deals with issues of preservation of the evidence and the assurance that there was no form of tampering (Vo et al., 2020). (I’m having a tough time following this.) Therefore, even though the OSNs present a huge amount of data that can be used as evidence in resolving crimes, there is a gap in the extent to which they can go due to the lack of effective policies and the complexity of the online platforms.
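One way to give the "no tampering" assurance described above a concrete form, as an added example that is not part of the original paper: a hash-chained custody log in which every entry records the SHA-256 of the captured content and the hash of the previous entry. The field names, examiner labels and the captured post are constructed for illustration.

```python
import hashlib
import json

GENESIS = "0" * 64  # value the first entry links back to


def _digest(body: dict) -> str:
    # Canonical JSON so identical fields always produce the same hash.
    raw = json.dumps(body, sort_keys=True, separators=(",", ":")).encode("utf-8")
    return hashlib.sha256(raw).hexdigest()


def append_entry(log: list, action: str, examiner: str, content: bytes, timestamp: str) -> dict:
    """Add a custody entry bound to the content hash and to the previous entry."""
    body = {
        "seq": len(log),
        "action": action,
        "examiner": examiner,
        "timestamp": timestamp,
        "content_sha256": hashlib.sha256(content).hexdigest(),
        "prev": log[-1]["entry_hash"] if log else GENESIS,
    }
    entry = dict(body, entry_hash=_digest(body))
    log.append(entry)
    return entry


def verify(log: list, content: bytes) -> list:
    """Return a list of problems; an empty list means chain and content agree."""
    problems = []
    prev = GENESIS
    content_hash = hashlib.sha256(content).hexdigest()
    for i, entry in enumerate(log):
        body = {k: v for k, v in entry.items() if k != "entry_hash"}
        if body.get("prev") != prev:
            problems.append(f"entry {i}: broken link to previous entry")
        if _digest(body) != entry.get("entry_hash"):
            problems.append(f"entry {i}: entry fields altered")
        if body.get("content_sha256") != content_hash:
            problems.append(f"entry {i}: content hash mismatch")
        prev = entry.get("entry_hash")
    return problems


def build_demo_log():
    """Constructed sample: a captured post and two custody events (all values invented)."""
    captured = json.dumps(
        {"post_id": "EXAMPLE-0001", "author": "example_user", "text": "constructed sample post"},
        sort_keys=True,
    ).encode("utf-8")
    log = []
    append_entry(log, "acquired", "examiner_a", captured, "2024-01-01T10:00:00Z")
    append_entry(log, "transferred to analysis", "examiner_b", captured, "2024-01-02T09:30:00Z")
    return log, captured


if __name__ == "__main__":
    demo_log, demo_content = build_demo_log()
    print(verify(demo_log, demo_content))               # intact capture
    print(verify(demo_log, demo_content + b" edited"))  # content changed after capture
```

The chain shows that entries and content are consistent with each other; it only proves integrity if the latest entry hash is also recorded somewhere the log's holder cannot rewrite, such as a signed report or a separate system.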

Anti-forensic Techniques in Evidence Analysis

The acquisition of evidence in the OSNs faces several technical challenges. (I haven’t seen how you showed how it is forensically collected.) Anti-forensic techniques are the approaches that criminals use to hide the evidence or distract the investigative process. Fakiha (2020) explained that evidence can be hidden using encryption, covert channeling, storage space data hiding (What is this?), and residual data wiping. Encryption refers to the storage of data in an illegible form, so that only those with the decryption keys can access it. The problem with these techniques is that the investigative bodies cannot acquire valuable information to enable the prosecution to continue the court processes. Decoding the encrypted files is tedious and time-consuming.

In some cases, it is impossible to decode it, which makes the efforts of the investigative bodies futile. Using steganography (So you’re stating the bad actors are using steganography to store content online. Where and how is this being done? Do you have any supporting evidence?) is a method of protecting data to ensure its confidentiality. The document's Digital Forensic and Information Security must be known to reveal the hidden documents and extract them. Thus, using these methods ensures the hiding of data across networks and bypassing intrusions. Once data is not easily accessible, it causes complexities to the digital forensics investigations and hence becomes almost impossible to retrieve the data.

Residual wiping of data is a major approach used by criminals to erase the traces of the manipulations they perform in the systems. Trail obstruction and attacks against the tools used in digital forensic investigations ensure that the DFIs cannot find any form of evidence. The criminals use trail obstruction to mislead the DFIs and ensure the investigative process is ineffective. Vo et al. (2020) explained that one of the common methods used by criminals is defragmentation, where they break evidence into parts and store it in different storage spaces. The DFIs must work to reorganize the files and ensure that they bring together a comprehensive report, which is a difficult and time-consuming process. The criminals can also modify the metadata to mislead the DFIs. The modifications result in the misalignment of the operating procedure of information in the systems, making the evidence disorderly and difficult to follow. The greatest problem is that the criminals launch denial of service attacks against the investigative tools that the investigators use. These include compression bombs, zipped file bombs, and regular expression (Vo et al., 2020). These attacks are meant to destroy the reliability of the collected evidence or destroy it.
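A check an examiner's tooling can run before unpacking a seized archive, so that a compression bomb of the kind mentioned above is flagged instead of exhausting the workstation (added example, not part of the original paper). It reads only the ZIP directory and also reports encrypted members; the limits, verdict names and sample archives are assumptions constructed for illustration.

```python
import io
import zipfile

MAX_TOTAL_BYTES = 50 * 1024 * 1024  # assumed extraction budget per archive
MAX_RATIO = 100                     # assumed ceiling for uncompressed/compressed size
MAX_MEMBERS = 10_000                # assumed ceiling for entries per archive


def triage_archive(data: bytes, max_total=MAX_TOTAL_BYTES, max_ratio=MAX_RATIO,
                   max_members=MAX_MEMBERS):
    """Read only the ZIP directory (nothing is extracted) and return (verdict, reasons)."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return "reject", ["not a readable ZIP archive"]
    reasons = []
    with zf:
        infos = zf.infolist()
        if len(infos) > max_members:
            reasons.append(f"{len(infos)} members exceeds limit {max_members}")
        declared = sum(i.file_size for i in infos)
        if declared > max_total:
            reasons.append(f"declared size {declared} exceeds budget {max_total}")
        for info in infos:
            if info.flag_bits & 0x1:  # general-purpose bit 0 marks an encrypted member
                reasons.append(f"{info.filename}: encrypted member, key required")
            if info.compress_size and info.file_size / info.compress_size > max_ratio:
                ratio = info.file_size // info.compress_size
                reasons.append(f"{info.filename}: compression ratio about {ratio}:1")
    return ("quarantine", reasons) if reasons else ("ok", [])


def make_sample(payload: bytes, method: int) -> bytes:
    """Build a one-member ZIP in memory (constructed test input)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", compression=method) as zf:
        zf.writestr("export/messages.json", payload)
    return buf.getvalue()


if __name__ == "__main__":
    ordinary = make_sample(b'{"messages": ["constructed sample"]}', zipfile.ZIP_STORED)
    inflated = make_sample(b"\x00" * (2 * 1024 * 1024), zipfile.ZIP_DEFLATED)
    print(triage_archive(ordinary))
    print(triage_archive(inflated))
    print(triage_archive(b"not an archive"))
```

The sizes checked here are the ones the archive declares about itself, so the extraction step should still enforce its own byte budget and run on a working copy, never on the original evidence.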

Challenges of using OSNs in Digital Forensics Crime Investigation

There are several challenges to using OSNs in digital forensics crime investigations. One of the problems is the legal challenges. The investigators find problems in their processes due to a lack of universal guidelines regarding the OSNs and investigations. There is an increase in the use of social media, but there is a lack of a unifying legal framework for the different jurisdictions (Albladi & Weir, 2018). The ambiguity in the form of a lack of policies has led to the cybercriminals targeting their attacks on jurisdictions with inadequate legal frameworks. There are also resource challenges that face the investigative bodies. Technological advancements are a major challenge to the performance of the investigators. Cybercriminals have access to tools and techniques that help them to dodge digital forensics investigations. The OSNs experience massive data that is prone to assessment during investigations. The DFIs must identify the most relevant data and use the relevant tools to combat the activities of the criminals. However, the resources are few, which limits the process's execution.

Conclusion

The use of social media evidence is a powerful tool and asset to use during digital forensics. The crimes committed on social media need to be resolved using data from social platforms. There is a need for legalities and ethics to ensure proper maintenance of evidence using critical approaches. It is important to have a good means of associating information to suit investigators' use.

The heterogeneity in the OSNs can be overcome by developing efficient and innovative forensics tools. The DFIs need to enhance their performance by using the best and most effective digital forensics investigation tools because the criminals are using all methods to obstruct investigations. Using methods such as machine learning can improve data acquisition and data analysis and give better visibility into the investigations.

References

Albladi, S. M., & Weir, G. R. (2018). User characteristics that influence judgment of social engineering attacks in social networks. Human-centric Computing and Information Sciences, 8(1), 1-24. https://hcis-journal.springeropen.com/articles/10.1186/s13673-018-0128-7

Arshad, H., Jantan, A., & Omolara, E. (2019). Evidence collection and forensics on social networks: Research challenges and directions. Digital Investigation, 28, 126-138. https://www.sciencedirect.com/science/article/abs/pii/S1742287618302937

Aslan, Ö. A., & Samet, R. (2020). A comprehensive review of malware detection approaches. IEEE Access, 8, 6249-6271. https://ieeexplore.ieee.org/abstract/document/8949524/

Chan, T. K., Cheung, C. M., & Wong, R. Y. (2019). Cyberbullying on social networking sites: the crime opportunity and affordance perspectives. Journal of Management Information Systems, 36(2), 574-609. https://www.tandfonline.com/doi/full/10.1080/07421222.2019.1599500

Cordeiro, M., Sarmento, R. P., Brazdil, P., & Gama, J. (2018). Evolving networks and social network analysis methods and techniques. Social media and journalism-trends, connections, implications, 101-134. https://books.google.co.ke/books?hl=en&lr=&id=UC-RDwAAQBAJ&oi=fnd&pg=PA101&dq=Effective+Approaches+to+Crime+Investigation+in+Online+Social+Networks&ots=6pbTDLnHr-&sig=Vr2U9kNSOFrIRmphc98nwsftAVg&redir_esc=y#v=onepage&q&f=false

Fakiha, B. (2020). Digital Forensics: Crimes and challenges in online social networks forensics. Journal of the Arab American University. https://digitalcommons.aaru.edu.jo/aaup/vol6/iss1/2/

Iqbal, F., Fung, B. C., Debbabi, M., Batool, R., & Marrington, A. (2019). Wordnet-based criminal networks mining for cybercrime investigation. IEEE Access, 7, 22740-22755. https://ieeexplore.ieee.org/abstract/document/8606047/

Kaur, R., Singh, S., & Kumar, H. (2018). Rise of spam and compromised accounts in online social networks: A state-of-the-art review of different combating approaches. Journal of Network and Computer Applications, 112, 53-88. https://ieeexplore.ieee.org/abstract/document/8606047

Mousavi, R., Chen, R., Kim, D. J., & Chen, K. (2020). Effectiveness of privacy assurance mechanisms in users' privacy protection on social networking sites from the perspective of protection motivation theory. Decision Support Systems, 135, 113323. https://www.sciencedirect.com/science/article/abs/pii/S0167923620300786

Mozafari, M., Farahbakhsh, R., & Crespi, N. (2019, December). A BERT-based transfer learning approach for hate speech detection in online social media. In International Conference on Complex Networks and Their Applications (pp. 928-940). Springer, Cham. https://link.springer.com/chapter/10.1007/978-3-030-36687-2_77

Suzor, N., Dragiewicz, M., Harris, B., Gillett, R., Burgess, J., & Van Geelen, T. (2019). Human rights by design: The responsibilities of social media platforms to address gender‐based violence online. Policy & Internet, 11(1), 84-103. https://onlinelibrary.wiley.com/doi/abs/10.1002/poi3.185

Vo, T., Sharma, R., Kumar, R., Son, L. H., Pham, B. T., Tien Bui, D., ... & Le, T. (2020). Crime rate detection using social media of different crime locations and Twitter part-of-speech tagger with Brown clustering. Journal of Intelligent & Fuzzy Systems, 38(4), 4287-4299. https://content.iospress.com/articles/journal-of-intelligent-and-fuzzy-systems/ifs190870

Yang, D., Heaney, T., Tonon, A., Wang, L., & Cudré-Mauroux, P. (2018). CrimeTelescope: crime hotspot prediction based on urban and social media data fusion. World Wide Web, 21(5), 1323-1347. https://link.springer.com/article/10.1007/s11280-017-0515-4