Produktbild: Handbook of Digital Forensics of Multimedia Data and Devices

Handbook of Digital Forensics of Multimedia Data and Devices

Aus der Reihe Wiley - IEEE

236,99 €

inkl. gesetzl. MwSt., Versandkostenfrei


Beschreibung

Produktdetails

Einband

Gebundene Ausgabe

Erscheinungsdatum

28.09.2015

Herausgeber

Anthony T. S. Ho + weitere

Verlag

John Wiley & Sons

Seitenzahl

698

Maße (L/B/H)

25/17,5/4,2 cm

Gewicht

1369 g

Auflage

1. Auflage

Sprache

Englisch

ISBN

978-1-118-64050-0

Beschreibung

Produktdetails

Einband

Gebundene Ausgabe

Erscheinungsdatum

28.09.2015

Herausgeber

Verlag

John Wiley & Sons

Seitenzahl

698

Maße (L/B/H)

25/17,5/4,2 cm

Gewicht

1369 g

Auflage

1. Auflage

Sprache

Englisch

ISBN

978-1-118-64050-0

Kundinnen und Kunden meinen

0 Bewertungen

Informationen zu Bewertungen

Zur Abgabe einer Bewertung ist eine Anmeldung im Konto notwendig. Die Authentizität der Bewertungen wird von uns nicht überprüft. Wir behalten uns vor, Bewertungstexte, die unseren Richtlinien widersprechen, entsprechend zu kürzen oder zu löschen.

Die Bewertungen sind nach Format, Anzahl Sterne und Datum sortiert.

Verfassen Sie die erste Bewertung zu diesem Artikel

Helfen Sie anderen Kund*innen durch Ihre Meinung

Kundinnen und Kunden meinen

0 Bewertungen filtern

Die Leseprobe wird geladen.
  • Produktbild: Handbook of Digital Forensics of Multimedia Data and Devices
  • List of Contributors

    Foreword

    Preface

    Acknowledgements

    PART ONE MULTIMEDIA EVIDENCE HANDLING

    1 Digital Forensics Laboratories in Operation: How Are Multimedia

    Data and Devices Handled?

    1.1 Introduction

    1.2 Digital and Electronics Forensic Service, Metropolitan Police

    Service, UK

    1.2.1 Background: Metropolitan Police Service

    1.2.2 Digital and Electronics Forensic Service

    1.2.3 AV Lab: Operational and Procedural Aspects

    1.2.4 Selected Forensic Techniques Used by AV Lab

    1.2.5 Acknowledgements

    1.3 Digital Forensics Team (Including Affiliated AV Team), Surrey

    Police, UK

    1.3.1 Background: Surrey Police

    1.3.2 Structure of Surrey Police's Digital Forensics Team and AV

    Team

    1.3.3 Training and Certification

    1.3.4 Standard Procedure

    1.3.5 Routine Tasks Involving Multimedia Data and Devices

    1.3.6 Submission Formats

    1.3.7 Triage

    1.3.8 Software and Hardware Tools Used for Handling

    Multimedia Data

    1.3.9 Cases Involving Encryption and Child Pornography

    1.3.10 Cases Involving Source Device Identification

    1.3.11 Challenges

    1.3.12 Acknowledgements

    1.4 Shanghai Stars Digital Forensic Centre, Third Research Institute of

    China's Ministry of Public Security

    1.4.1 Background: Third Research Institute of China's Ministry

    of Public Security

    1.4.2 Background: Related Legislations and Regulations

    1.4.3 Overview of SSDFC

    1.4.4 Services Provided

    1.4.5 Procedure

    1.4.6 Workload and Typical Cases

    1.4.7 Software and Hardware Tools Used

    1.4.8 Challenges

    1.4.9 Acknowledgements

    1.5 Discussions

    1.6 Summary

    1.A Appendix: Questionnaires for Interviewing Surrey Police

    and Shanghai Stars Digital Forensic Centre

    References

    2 Standards and Best Practices in Digital and Multimedia Forensics

    2.1 Introduction

    2.2 Overview

    2.2.1 ISO Standards

    2.2.2 Other International/Regional Standards and Guides

    2.2.3 US Standards and Best Practice Guides

    2.2.4 UK Standards and Best Practice Guides

    2.3 Electronic Evidence and Digital Forensics

    2.3.1 International Standards

    2.3.2 National Standards

    2.3.3 Best Practice Guides

    2.3.4 US Guides

    2.3.5 European Guides

    2.4 Multimedia Evidence and Multimedia Forensics

    2.4.1 ASTM E2825-12 'Standard Guide for Forensic Digital

    Image Processing' (2012)

    2.4.2 US SWGs (Scientific Working Groups)

    2.4.3 ENFSI Working Groups

    2.4.4 UK Law Enforcement

    2.5 Digital Forensics Laboratory Accreditation

    2.5.1 International Standards

    2.6 General Quality Assurance (Management)

    2.6.1 ISO 9001:2008 'Quality Management Systems -

    Requirements

    2.6.2 ISO/IEC 27001:2005 'Information Security Management

    Systems - Requirements

    2.6.3 ISO/IEC 27002:2013 'Code of Practice for Information

    Security Controls'

    2.7 Training, Education and Certification on Digital and Multimedia

    Forensics

    2.7.1 Standards and Best Practice Guides

    2.7.2 Certification, Training and Educational Programs

    2.8 Conclusions

    References

    3 A Machine Learning-Based Approach to Digital Triage

    3.1 Introduction

    3.1.1 Chapter Outline

    3.2 Related Work on Digital Triage

    3.2.1 Triage in the Medical Field

    3.2.2 Early Digital Triage Models

    3.2.3 Machine Learning-Based Digital Triage

    3.2.4 Other Multimedia Source Classification Techniques

    3.3 A Machine Learning-Based Digital Triage Framework

    3.3.1 Machine Learning Terminology

    3.3.2 The framework in Detail

    3.3.3 Collection-Data Extraction

    3.3.4 Processing-Feature Extraction, Dataset Creation and

    Processing Algorithms

    3.3.5 Presentation

    3.3.6 Model validation

    3.4 A Child Pornography Exchange Case Study

    3.4.1 Definition of Child Pornography Exchange

    3.4.2 Child Pornography Exchange-State Vector

    3.4.3 Data Corpus

    3.4.4 Learning from Available Data

    3.4.5 Experiment Setup, Results and Discussion

    3.5 Conclusion

    3.6 Challenges and Future Directions for the Digital

    Forensics Community

    References

    4 Forensic Authentication of Digital Audio and Video Files

    4.1 Introduction

    4.2 Examination Requests and Submitted Evidence

    4.2.1 Examination Requests

    4.2.2 Submitted Evidence

    4.2.3 Digital Recording Devices

    4.2.4 Digital File Formats

    4.3 Laboratory Space

    4.4 Laboratory Software and Equipment

    4.4.1 High-Speed Computers, Computer Peripherals, Media

    Readers/Writers, Hardware/Software Write Blockers,

    Professional Headphones, Amplifiers, Cables and

    Connectors

    4.4.2 Proprietary Audio and Video Playback Software

    4.4.3 Digital Data Imaging and Analysis Software

    4.4.4 High-Resolution Audio Waveform Analysis Software

    4.4.5 FFT Analysers and Software

    4.4.6 Spectrographic Analysis Software

    4.4.7 Scientific Computing Software

    4.4.8 Professional Audio and Non-linear Video Editing

    and Playback Software

    4.4.9 Media Conversion/Transcoding Software

    4.4.10 Professional Image Measurement and Processing Software

    4.5 Audio/Video Authentication Examinations

    4.5.1 Overview of Examinations

    4.5.2 Hashing and Imaging

    4.5.3 Playback and Conversion Optimization

    4.5.4 Digital Data Analysis

    4.5.5 Audio Analyses

    4.5.6 Video Analyses

    4.6 Preparation of Work Notes and Laboratory Reports

    4.7 Expert Testimony

    4.8 Case Examples

    4.8.1 Case Example Number 1

    4.8.2 Case Example Number 2

    4.9 Discussion

    References

    PART TWO DIGITAL EVIDENCE EXTRACTION

    5 Photogrammetry in Digital Forensics

    5.1 Introduction

    5.1.1 Lens Distortion

    5.2 Different Methods

    5.2.1 Projective Geometry or Orthorectification

    5.2.2 Space Resection and Multi-image Photogrammetry

    5.2.3 Reverse Projection

    5.3 Measurement Uncertainty

    5.3.1 Difficulties in Creating Reference Recordings

    5.4 Case Studies

    5.4.1 Height Measurement

    5.4.2 Speed Measurement

    5.4.3 Determining the Absolute Position of an Object

    5.5 3D Modelling/Scenario Testing

    5.6 Summary

    References

    6 Advanced Multimedia File Carving

    6.1 Introduction

    6.2 Digtal Data Storage

    6.2.1 Storage Devices

    6.2.2 Logical Data Organization

    6.2.3 Forensic Data Investigation

    6.3 File Carving of Binary Data

    6.4 Multimedia Data Structures

    6.4.1 Digital Images

    6.4.2 Audio Data

    6.4.3 Video Data

    6.5 File Carving of Multimedia Data

    6.5.1 Image File Carving

    6.5.2 Audio File Carving

    6.5.3 Video File Carving

    6.5.4 Special Considerations for Multimedia

    6.6 Content Identification

    6.6.1 Cryptographic Hashing

    6.6.2 Fuzzy Hashing

    6.6.3 Perceptual Hashing

    6.6.4 Searching and Indexing of Hashes

    6.7 File Carving Frameworks

    6.7.1 Current Practice and Existing Solutions

    6.7.2 Framework Requirements

    6.7.3 An Example Framework

    6.7.4 Case Study

    6.8 Conclusions

    References

    7 On Forensic Use of Biometrics

    7.1 Introduction

    7.2 Biometrics Performance Metrics

    7.3 Face: The Natural Means for Human Recognition

    7.3.1 Forensic Face Recognition

    7.3.2 Automatic Face Recognition Techniques

    7.3.3 Challenges and Trends of Face Recognition

    7.3.4 Summary

    7.4 Ears as a Means of Forensic Identification

    7.4.1 Earprints in Forensics

    7.4.2 From Earprints to Ear Images

    7.4.3 Ear Morphology Features

    7.4.4 Summary

    7.5 Conclusions

    References

    8 Multimedia Analytics for Image Collection Forensics

    8.1 Introduction

    8.2 Data and Tasks

    8.3 Multimedia Analysis

    8.4 Visual Analytics Processes

    8.5 ChronoBrowser

    8.5.1 Visualizations

    8.5.2 Visual Analytics Processes

    8.6 MediaTable

    8.6.1 Visualizations

    8.6.2 Visual Analytics Processes

    8.7 An Example Scenario

    8.8 Future Outlook

    References

    PART THREE MULTIMEDIA DEVICE AND SOURCE FORENSICS

    9 Forensic Camera Model Identification

    9.1 Introduction

    9.2 Forensic Source Identification

    9.2.1 Identification Granularity

    9.2.2 Intra- and Inter-Class Similarity, Feature Space

    Representation

    9.2.3 Digital Camera Acquisition Characteristics

    9.3 Digital Camera Model Identification

    9.4 Benchmarking Camera Model Identification Algorithms

    9.4.1 A Dataset Template for Camera Model Identification

    Research

    9.4.2 The Dresden Image Database

    9.4.3 Benchmarking Procedure

    9.5 Model-Specific Characteristics of Digital Camera Components

    9.5.1 Compression Parameters, Metadata, and File Format

    9.5.2 Lens Distortion

    9.5.3 CFA and Demosaicing

    9.5.4 Camera Response Function

    9.5.5 Summary and Limitations

    9.6 Black Box Camera Model Identification

    9.6.1 General-Purpose Image Descriptors

    9.6.2 Dresden Image Database Case Study: Closed-Set Camera

    Model Identification

    9.6.3 Summary

    9.7 Camera Model Identification in Open Sets

    9.7.1 Dresden Image Database Case Study: One-Class SVM

    9.7.2 Summary and Outlook

    9.8 Model-Specific Characteristics in Device-Level Identification

    9.9 Open Challenges Towards Practical Applications

    References

    10 Printer and Scanner Forensics

    10.1 Introduction

    10.1.1 Comparison with Digital Image Forensics

    10.1.2 Document Lifecycle

    10.2 Printer Forensics

    10.2.1 Working Principles of Laser Printers and Inkjet Printers

    10.2.2 Flowchart of Printer Forensics

    10.2.3 Laser Printer Forensics

    10.2.4 Inkjet Printer Forensics

    10.3 Scanner Forensics

    10.3.1 Flowchart of Scanner Forensics

    10.3.2 Sensor Noise

    10.3.3 Dust and Scratches

    10.4 Photocopier Identification

    10.4.1 Contact Between Printer and photocopier

    10.4.2 Character Signature

    10.5 Forgery Detection for Printed and Scanned Documents

    10.5.1 Flowchart of Forgery Detection

    10.5.2 Forgery Detection for Printed Documents

    10.5.3 Forgery Detection for Scanned Documents

    10.6 Sample Algorithms with Case Studies

    10.6.1 Printer Identification

    10.6.2 Scanner Identification

    10.6.3 Document Forgery Detection

    10.7 Open Problems and Challenges

    10.8 Conclusions

    References

    11 Microphone Forensics

    11.1 Introduction

    11.2 Pattern Recognition for Microphone Forensics

    11.2.1 Pattern Recognition and Its Sub-Disciplines

    11.2.2 State-of-the-Art in Pattern Recognition-Based

    Microphone Forensics

    11.3 Guidelines for Microphone Registratio

    11.4 Case Studies

    11.4.1 Investigation Tasks

    11.4.2 Implementation of the Statistical Pattern

    Recognition Pipeline

    11.4.3 Evaluation Setups

    11.4.4 Evaluation Results

    11.5 Chapter Summary

    References

    12 Forensic Identification of Printed Documents

    12.1 Introduction

    12.1.1 Hardware Considerations

    12.1.2 Performance Characterization

    12.2 Special Materials

    12.3 Substrate Forensics

    12.3.1 FiberFingerprint

    12.3.2 Laser Speckle

    12.3.3 Substrate Scanning

    12.3.4 PaperSpeckle

    12.3.5 Practical Considerations

    12.4 Print Forensics

    12.4.1 Authenticating Printed Glyphs

    12.4.2 Model Based Authentication

    12.4.3 Authenticating Printed Halftones

    12.4.4 Authenticating Data-Bearing Halftones

    12.5 Real World Example: Currency Protection

    12.6 Summary and Ecosystem Considerations

    References

    PART FOUR MULTIMEDIA CONTENT FORENSICS

    13 Digital Image Forensics with Statistical Analysis

    13.1 Introduction

    13.1.1 Digital Image Forensics

    13.1.2 Background

    13.2 Detecting Region Duplication

    13.2.1 Problem Definition

    13.2.2 Related Works

    13.2.3 Proposed Method

    13.2.4 Performance Analysis

    13.3 Exposing Splicing Forgery

    13.3.1 Problem Definition

    13.3.2 Related Works

    13.3.3 Proposed Method

    13.3.4 Performance Analysis

    13.4 Case Studies

    13.4.1 Region Duplication Forgeries

    13.4.2 Splicing Forgeries

    13.5 Other Applications

    13.5.1 Detecting Audio Splicing

    13.5.2 Exposing Video Forgery

    13.6 Summary

    References

    14 Camera-Based Image Forgery Detection

    14.1 Introduction

    14.2 Camera Structure

    14.2.1 Optics

    14.2.2 Sensors

    14.2.3 Image Processing Pipeline

    14.3 Camera-Based Forgery Detection Methods

    14.3.1 Optics-Based Forgery Detection

    14.3.2 Sensors-Based Forgery Detection

    14.3.3 Image Processing Pipeline-Based Forgery Detection

    14.4 Forgery Detection Based on PFA: A Case Study

    14.4.1 Forgery Detection Based on PFA

    14.4.2 Algorithm

    14.4.3 Test Results

    14.4.4 Discussion

    14.5 Conclusion

    References

    15 Image and Video Processing History Recovery

    15.1 Introduction

    15.2 Coding Artifacts

    15.2.1 JPEG Compression

    15.2.2 Double JPEG Compression

    15.2.3 Video Compression

    15.2.4 Video Re-encoding

    15.3 Editing Artifacts

    15.3.1 Resampling

    15.3.2 Image Enhancement

    15.4 Estimation of Processing Parameters

    15.4.1 Estimation of Coding Parameters

    15.4.2 Estimation of Editing Parameters

    15.4.3 Artifact Localization

    15.5 Case Studies

    15.5.1 Localization of Forgeries in JPEG Images

    15.5.2 Localization of Forgeries in MPEG-2 Videos

    15.6 Conclusions

    References

    16 Anti-Forensics of Multimedia Data and Countermeasures

    16.1 Introduction

    16.2 Anti-forensic Approaches Proposed in the Literature

    16.2.1 Anti-forensics of Acquisition Fingerprints

    16.2.2 Anti-forensic of Compression Fingerprints

    16.2.3 Anti-forensic of Editing Fingerprints

    16.3 Case Study: JPEG Image Forensics

    16.3.1 JPEG Compression and JPEG Compression Footprints

    16.3.2 JPEG Compression Anti-forensics

    16.3.3 Analysis of Anti-forensic Dithering

    16.3.4 Countering JPEG Compression Anti-forensics

    16.4 Trade-off between Forensics and Anti-forensics

    16.4.1 Performance Analysis of Anti-forensics

    16.4.2 Interplay between Forger and Forensic Analyst Using

    Game Theory

    16.5 Conclusions

    References

    Index