数字调查涵盖了全计算机世界与犯罪和安全有关的一系列广泛主题。本出版物的主要支柱是数字证据,具有出处、完整性和真实性的核心品质。这一广泛引用的出版物促进了将数字证据用于法律目的的创新和进步,包括刑事司法、事件应对、网络犯罪分析、网络风险管理、民事和监管事务以及隐私保护。相关研究领域包括法医学、计算机科学、数据科学、人工智能和智能技术。调查机构和法医实验室、计算机安全小组、从业者、研究人员、开发人员以及来自工业、执法、政府、学术界和军方的律师都使用本杂志来分享他们的知识和经验,包括在以下领域中的当前挑战和经验教训:研究与发展:法医学、计算机科学、数据科学和人工智能领域的新研究与发展,应用于数字证据和多媒体。应对数字调查挑战的新方法,包括分析数字证据和多媒体、利用特定技术以及准备和应对计算机安全事件的应用研究。网络犯罪调查:开发在线调查和分析金融动机网络犯罪的新方法,如银行特洛伊木马、网络钓鱼、勒索软件和其他形式的网络欺诈。此外,研究涉及对等支付和加密货币的未来犯罪活动。网络风险管理:改进使用数字证据解决涉及信息系统的安全漏洞的方法、查找零日攻击的方法和执行网络威胁情报。数字调查的技术和结果对于得出事故后的结论是至关重要的,这些结论是安全政策制定过程中至关重要的反馈组成部分,也是管理风险偏好的重要组成部分。案例说明:简要的调查案例研究,包括数字证据在数字调查、法医分析和事件响应中的应用实例。案例说明还可以描述从业者在网络犯罪和计算机安全方面面临的当前挑战,突出需要进一步研究、开发或立法的领域。案例记录的格式简单而简短:案例背景、任何技术或法律挑战、涉及的数字证据、使用的过程和/或工具以及结果(例如,解决方案、障碍、研发需求)。请检查以下示例以了解首选案例说明格式:https://www.sciencedirect.com/science/article/pii/s1742287618301713。科学实践:加强数字调查的科学基础和严谨性的新方法,以及增加涉及数字证据的过程、分析方法、结果和结论的可靠性和信心。有效实践:评估数字调查新实践并提出处理和处理数字证据的有效方法的研究。调查论文:讨论与数字调查相关的当前方法和未来需求,包括从计算机、智能技术、手机、内存、恶意软件、网络流量以及支持企业、电信和卫星的系统分析数字证据和多媒体。此外,分析数字证据和多媒体的先进方法,包括人工智能和数据分析的新应用。应用分析:从数字法医学的角度分析移动设备和计算机应用的新方法。分析可能包括配置和日志数据、网络遥测和云存储、活动内存工件以及受损和滥用应用程序的迹象。建议的方法应该超越应用程序的单一版本,推广到多个平台(Android、iOS)上的应用程序的多个版本或应用程序的一般类别(例如社交网络)。此外,在这方面的强大工作将扩展现有开源工具的功能,或提供新的开源工具。还有一些有趣的方法可以对法医软件进行验证和质量保证,这些方法必须经常更新以支持新的应用程序。此类论文应围绕数字调查中常见的调查性问题进行组织,重点关注用户及其活动,而不仅仅是技术要素。工具审查:评估和比较用于保存、调查、检查、分析或呈现数字证据和多媒体的专用软件和硬件,加深我们对特定工具的理解,并强调任何必要的增强。未来的挑战:分析新技术、漏洞和漏洞,这些新技术、漏洞和漏洞可能为犯罪和/或计算机安全事件创造机会,但需要进一步的工作,以确定如何调查它们的使用以及它们可能创造的证据机会。注册报告:对方法进行批判性评估,并对结果的可靠性、统计能力和再现性进行评估的研究。这样的报告可以包括测试和实验结果都是阴性的,而不仅仅是阳性的。法律分析和更新:法律专家对最近涉及数字证据、法医应用和计算机安全风险管理、相关法律发展、隐私问题和立法限制的案件的评论进行了仔细考虑。证据可访问性:探索从受保护的来源(如DRM、加密流量、加密存储和锁定的专有设备)获取数字证据的安全、公平和可行方法,同时考虑个人隐私和道德方面。
Digital Investigation covers a broad array of subjects related to crime and security throughout the computerized world. The primary pillar of this publication is digital evidence, with the core qualities of provenance, integrity and authenticity.This widely referenced publication promotes innovations and advances in utilizing digital evidence for legal purposes, including criminal justice, incident response, cybercrime analysis, cyber-risk management, civil and regulatory matters, and privacy protection. Relevant research areas include forensic science, computer science, data science, artificial intelligence, and smart technology.This journal is used by investigative agencies and forensic laboratories, computer security teams, practitioners, researchers, developers, and lawyers from industry, law enforcement, government, academia, and the military to share their knowledge and experiences, including current challenges and lessons learned in the following areas:Research and development: Novel research and development in forensic science, computer science, data science, and artificial intelligence applied to digital evidence and multimedia. New methods to deal with challenges in digital investigations, including applied research into analysing digital evidence and multimedia, exploiting specific technologies, and into preparing for and responding to computer security incidents.Cyber-criminal investigation: develop new methods of online investigation and analysis of financially motivated cyber-crime such as banking Trojans, phishing, ransomware and other forms of cyber-fraud. In addition, researching future criminal activity involving peer-to-peer payments and crypto currencies.Cyber-risk management: Improved ways of using digital evidence to address security breaches involving information systems, methods to find zero day attacks and to perform cyber threat intelligence. The techniques and findings of digital investigations are essential in drawing post-incident conclusions, which are vital feedback components of the security policy development process, and managing risk appetite.Case Notes: Brief investigative case studies with practical examples of how digital evidence is being used in digital investigations, forensic analysis, and incident response. Case Notes can also describe current challenges that practitioners are facing in cybercrime and computer security, highlighting areas that require further research, development or legislation. The format for Case Notes is simple and short: case background, any technical or legal challenges, the digital evidence involved, processes and/or tools used, and outcomes (e.g., solutions, barriers, need for R&D). Please check the following example for preferred Case Note format: https://www.sciencedirect.com/science/article/pii/S1742287618301713.Scientific practices: Novel approaches to strengthening the scientific foundation and rigor of digital investigations, and to increasing the reliability of and confidence in processes, analysis methods, results, and conclusions involving digital evidence.Effective practices: Studies that assess new practices in digital investigations and propose effective approaches to handling and processing digital evidence.Survey papers: Discussion of current methods and future needs relevant to digital investigations, including analysing digital evidence and multimedia from computers, smart technology, mobile phones, memory, malware, network traffic, as well as systems that support enterprises, telecommunications, and satellites. In addition, advanced approaches to analysing digital evidence and multimedia, including novel applications of artificial intelligence and data analytics.Application analysis: Novel approaches to analysing applications on mobile devices and computers from a digital forensic perspective. Analysis may include configuration and log data, network telemetry and cloud storage, live memory artifacts, and indications of compromised and abused applications. Proposed methods should go beyond a single version of an application and be generalized to multiple versions of an application, or a general category of applications (e.g. social networking), on multiple platforms (Android, iOS). In addition, strong work in this area will extend the functionality of an existing open source tool, or provide a new open source tool. Also of interest are approaches to performing validation and quality assurance of forensic software that must be updated frequently to support new applications. Such papers should be structured around investigative questions that are commonly encountered in digital investigations, concentrating on the users and their activities rather than only on technical elements.Tool reviews: Evaluation and comparison of specialized software and hardware used to preserve, survey, examine, analyse or present digital evidence and multimedia, deepening our understanding of specific tools, and highlight any needed enhancements.Future challenges: Analysis of new technologies, vulnerabilities and exploits which may create opportunities for criminality and/or computer security incidents, but which require further work in order to determine how their use can be investigated and the evidential opportunities they may create.Registered reports: Studies that assess methods critically, and evaluating the reliability, statistical power, and reproducibility of results. Such reports can include tests and experiments with negative results, not just positive.Legal analysis and updates: Carefully considered commentary by legal experts on recent cases involving digital evidence, forensic applications and computer security risk management, relevant legal developments, privacy issues, and legislative limitations.Evidence accessibility: exploring safe, fair, and feasible methods of acquiring digital evidence from protected sources such as DRM, encrypted traffic, encrypted storage, and locked proprietary devices, while taking individual privacy and ethical aspects into consideration.
SCI热门推荐期刊 >
SCI常见问题 >
职称论文常见问题 >
EI常见问题 >