Big Data Analytics and Computing for Digital Forensic Investigations
First edition published 2020
by CRC Press
6000 Broken Sound Parkway NW, Suite 300, Boca Raton, FL 33487-2742
and by CRC Press
2 Park Square, Milton Park, Abingdon, Oxon, OX14 4RN
© 2020 Taylor & Francis Group, LLC
CRC Press is an imprint of Taylor & Francis Group, LLC
Reasonable efforts have been made to publish reliable data and information, but the author and publisher cannot assume responsibility for the validity of all materials or the consequences of their use. The authors and publishers have attempted to trace the copyright holders of all material reproduced in this publication and apologize to copyright holders if permission to publish in this form has not been obtained. If any copyright material has not been acknowledged please write and let us know so we may rectify in any future reprint.
Except as permitted under U.S. Copyright Law, no part of this book may be reprinted, reproduced, transmitted, or utilized in any form by any electronic, mechanical, or other means, now known or hereafter invented, including photocopying, microfilming, and recording, or in any information storage or retrieval system, without written permission from the publishers.
For permission to photocopy or use material electronically from this work, access
Trademark notice: Product or corporate names may be trademarks or registered trademarks, and are used only for identification and explanation without intent to infringe.
ISBN: 978-0-367-45678-8 (hbk)
ISBN: 978-1-003-02474-3 (ebk)
Typeset in Minion Pro
by codeMantra
Visit the Taylor & Francis Web site at
http://www.taylorandfrancis.com
and the CRC Press Web site at
http://www.crcpress.com
Digital forensics and its investigation have undergone a paradigm shift from a conventional siloed approach to an integrated approach in the collection, transmission and analysis of structured and unstructured information across the whole of digital platform protection and information security. Nowadays, investigating computer frauds and cybercrime has become a challenging task due to the outsized quantity of data involved, inadequate crime examination techniques, and the rising size of data and storage capacity for digital examination. The dramatic exponential growth of computer frauds and cybercrimes has gradually extended the research work in the field of digital forensics. Forensics has always been concerned with criminal cases, civil litigation and organization-initiated internal investigations. However, digital forensic investigation of computer frauds and cybercrimes differs from normal crime investigation in that data in the form of 0s and 1s becomes the digital evidence.
Digital evidence is corroborative in nature in the virtual world of 0s and 1s. The fragile nature of digital evidence in the virtual world underlines its value to, and its careful examination in, a digital investigation, which is why finding the source of a crime is a well-considered domain of discourse in the digital forensics community. Because organizations store data to drive their strategy, the exponential growth of big data systems is seen again and again in sales, health care, academia and many different modes of electronic communication. Since a digital investigation handles a huge quantity of uncertain information and must reduce that uncertainty in the detection process, the analyst has to assess a bulk of data brought together from diverse sources and integrated databases. The forensic value of such data is evident: if the records are valuable to an organization, then the information is valuable to an investigation of that organization.
Digital forensics and its investigation involving big data require the collection and analysis of voluminous heterogeneous data, and its refinement, filtering and transmission, which can supplement the existing forensic body of knowledge and the forensic investigative tools and techniques used to handle enormous, distributed systems. Existing digital forensic investigation tools and well-defined models look for evidence in mobile devices, stand-alone systems and laptops to gather and analyze unstructured data (e.g., email and document files). The digital investigation of any seized digital drive data demands the calculation of an MD5 or SHA-1 checksum. But with the challenges of big data, it is becoming insufficient to rely only on traditional forensics tools. So alternative methods for collecting and examining such voluminous data are the need of the hour.
Since digital forensic investigation is a data-intensive process of examination and detection, improved investigation and detection require these records to be synchronized and integrated, along with fusion, correlation, aggregation and visualization practices for presenting a huge quantity of data at once by integrating valuable data from a variety of sources and an assortment of crime detection criteria (e.g., threat types, intruder actions and intent, consequences of the threat on resources). Integrated visualization of information distribution bars and rules, and visualization of behavior and broad analysis and charts, allows investigating agencies to examine disparate rules and facts at diverse levels, among any kind of anomaly.
Big data is a paradigm shift in how data is stored and managed, and the same is true for digital forensic investigations of big data. Many digital investigation models and approaches are being developed to capture digital evidence, but its timely and accurate recovery, detection, aggregation, correlation and presentation are still a distant dream. The field of digital forensics is large and continues to develop; in addition, with their constant growth, big data technologies are changing the tools and technologies employed for digital forensic investigations. Much work has been done to model digital investigation and to provide digital evidence, but a comprehensive, correlated and aggregated merging of big data coming from different heterogeneous sources, along with timely and accurate detection and analysis, is the need of the hour. A fundamental understanding of digital forensics and its branches is important for examining the process and methods used in investigating digital information. This book on big data computing and digital forensics presents the entire spectrum of digital forensics, its investigational tools, big data analytics and its involvement in digital forensics investigation.
The editors would like to congratulate and thank all the authors for contributing their chapters: Dr. M.S. Rao, Mr. Sarat Chandra Satpathy, Dr. Sateesh Kumar Pradhan, Mr. Prasanta Parichha, Dr. Subhendu Kumar Pani, Dr. Bhagirathi Nayak, Mr. Ranjan Ganguli, Dr. Satyasundara Mahapatra, Mr. Chandrakant Mallick, Dr. Shweta Shankhwar, Ms. Anasuya Swain and Ms. Pallavi Mishra.
The editors would also like to extend special thanks to Dr. Sarika Jain, Professor, Department of MCA, NIT, Kurukshetra, for her constant support in generating the Turnitin report.
We would also like to thank the subject matter experts who found the time to review the chapters and deliver them on time.
Finally, a ton of thanks to all the team members of CRC Press for their dedicated support and help in publishing this edited book.