Atjaunināt sīkdatņu piekrišanu

E-grāmata: Handbook of Digital Forensics of Multimedia Data and Devices

Edited by , Edited by
  • Formāts: PDF+DRM
  • Sērija : IEEE Press
  • Izdošanas datums: 24-Jul-2015
  • Izdevniecība: Wiley-IEEE Press
  • Valoda: eng
  • ISBN-13: 9781118705780
Citas grāmatas par šo tēmu:
  • Formāts - PDF+DRM
  • Cena: 158,16 €*
  • * ši ir gala cena, t.i., netiek piemērotas nekādas papildus atlaides
  • Ielikt grozā
  • Pievienot vēlmju sarakstam
  • Šī e-grāmata paredzēta tikai personīgai lietošanai. E-grāmatas nav iespējams atgriezt un nauda par iegādātajām e-grāmatām netiek atmaksāta.
  • Bibliotēkām
Handbook of Digital Forensics of Multimedia Data and DevicesPalielināt
  • Formāts: PDF+DRM
  • Sērija : IEEE Press
  • Izdošanas datums: 24-Jul-2015
  • Izdevniecība: Wiley-IEEE Press
  • Valoda: eng
  • ISBN-13: 9781118705780
Citas grāmatas par šo tēmu:

DRM restrictions

  • Kopēšana (kopēt/ievietot):

    nav atļauts

  • Drukāšana:

    nav atļauts

  • Lietošana:

    Digitālo tiesību pārvaldība (Digital Rights Management (DRM))
    Izdevējs ir piegādājis šo grāmatu šifrētā veidā, kas nozīmē, ka jums ir jāinstalē bezmaksas programmatūra, lai to atbloķētu un lasītu. Lai lasītu šo e-grāmatu, jums ir jāizveido Adobe ID. Vairāk informācijas šeit. E-grāmatu var lasīt un lejupielādēt līdz 6 ierīcēm (vienam lietotājam ar vienu un to pašu Adobe ID).

    Nepieciešamā programmatūra
    Lai lasītu šo e-grāmatu mobilajā ierīcē (tālrunī vai planšetdatorā), jums būs jāinstalē šī bezmaksas lietotne: PocketBook Reader (iOS / Android)

    Lai lejupielādētu un lasītu šo e-grāmatu datorā vai Mac datorā, jums ir nepieciešamid Adobe Digital Editions (šī ir bezmaksas lietotne, kas īpaši izstrādāta e-grāmatām. Tā nav tas pats, kas Adobe Reader, kas, iespējams, jau ir jūsu datorā.)

    Jūs nevarat lasīt šo e-grāmatu, izmantojot Amazon Kindle.

Digital forensics and multimedia forensics are rapidly growing disciplines whereby electronic information is extracted and interpreted for use in a court of law. These two fields are finding increasing importance in law enforcement and the investigation of cybercrime as the ubiquity of personal computing and the internet becomes ever-more apparent. Digital forensics involves investigating computer systems and digital artefacts in general, while multimedia forensics is a sub-topic of digital forensics focusing on evidence extracted from both normal computer systems and special multimedia devices, such as digital cameras.

This book focuses on the interface between digital forensics and multimedia forensics, bringing two closely related fields of forensic expertise together to identify and understand the current state-of-the-art in digital forensic investigation. Both fields are expertly attended to by contributions from researchers and forensic practitioners specializing in diverse topics such as forensic authentication, forensic triage, forensic photogrammetry, biometric forensics, multimedia device identification, and image forgery detection among many others.

Key features:





Brings digital and multimedia forensics together with contributions from academia, law enforcement, and the digital forensics industry for extensive coverage of all the major aspects of digital forensics of multimedia data and devices Provides comprehensive and authoritative coverage of digital forensics of multimedia data and devices Offers not only explanations of techniques but also real-world and simulated case studies to illustrate how digital and multimedia forensics techniques work Includes a companion website hosting continually updated supplementary materials ranging from extended and updated coverage of standards to best practice guides, test datasets and more case studies
List of Contributors
xvii
Foreword xix
Preface xxi
Acknowledgements xxvii
PART ONE MULTIMEDIA EVIDENCE HANDLING
1 Digital Forensics Laboratories in Operation: How Are Multimedia Data and Devices Handled?
3(35)
1.1 Introduction
3(1)
1.2 Digital and Electronics Forensic Service, Metropolitan Police Service, UK
4(13)
1.2.1 Background: Metropolitan Police Service
5(1)
1.2.2 Digital and Electronics Forensic Service
5(1)
1.2.3 AV Lab: Operational and Procedural Aspects
6(8)
7.2.4 Selected Forensic Techniques Used by AV Lab
14(3)
1.2.5 Acknowledgements
17(1)
1.3 Digital Forensics Team (Including Affiliated AV Team), Surrey Police, UK
17(6)
1.3.1 Background: Surrey Police
17(1)
1.3.2 Structure of Surrey Police's Digital Forensics Team and AV Team
18(1)
1.3.3 Training and Certification
19(1)
1.3.4 Standard Procedure
19(1)
1.3.5 Routine Tasks Involving Multimedia Data and Devices
20(1)
1.3.6 Submission Formats
20(1)
1.3.7 Triage
21(1)
1.3.8 Software and Hardware Tools Used for Handling Multimedia Data
21(1)
1.3.9 Cases Involving Encryption and Child Pornography
22(1)
1.3.10 Cases Involving Source Device Identification
22(1)
1.3.11 Challenges
22(1)
1.3.12 Acknowledgements
23(1)
1.4 Shanghai Stars Digital Forensic Centre, Third Research Institute of China's Ministry of Public Security
23(5)
1.4.1 Background: Third Research Institute of China 's Ministry of Public Security
23(1)
1.4.2 Background: Related Legislations and Regulations
24(1)
1.4.3 Overview of SSDFC
24(1)
1.4.4 Services Provided
25(1)
1.4.5 Procedure
25(1)
1.4.6 Workload and Typical Cases
26(1)
1.4.7 Software and Hardware Tools Used
26(1)
1.4.8 Challenges
27(1)
1.4.9 Acknowledgements
28(1)
1.5 Discussions
28(4)
1.6 Summary
32(6)
1.A Appendix: Questionnaires for Interviewing Surrey Police and Shanghai Stars Digital Forensic Centre
32(2)
References
34(4)
2 Standards and Best Practices in Digital and Multimedia Forensics
38(56)
2.1 Introduction
38(1)
2.2 Overview
39(9)
2.2.1 ISO Standards
42(1)
2.2.2 Other International/Regional Standards and Guides
43(1)
2.2.3 US Standards and Best Practice Guides
43(4)
2.2.4 UK Standards and Best Practice Guides
47(1)
2.3 Electronic Evidence and Digital Forensics
48(22)
2.3.1 International Standards
48(4)
2.3.2 National Standards
52(2)
2.3.3 Best Practice Guides
54(1)
2.3.4 US Guides
55(11)
2.3.5 European Guides
66(4)
2.4 Multimedia Evidence and Multimedia Forensics
70(7)
2.4.1 ASTM E2825-12 `Standard Guide for Forensic Digital Image Processing' (2012)
70(1)
2.4.2 US SWGs (Scientific Working Groups)
70(5)
2.4.3 ENFS1 Working Groups
75(1)
2.4.4 UK Law Enforcement
75(2)
2.5 Digital Forensics Laboratory Accreditation
77(2)
2.5.1 International Standards
77(2)
2.6 General Quality Assurance (Management)
79(2)
2.6.1 ISO 9001:2008 `Quality Management Systems --Requirements'
80(1)
2.6.2 ISO/IEC 27001:2005 `Information Security Management Systems -- Requirements'
80(1)
2.6.3 ISO/IEC 27002:2013 `Code of Practice for Information Security Controls'
80(1)
2.7 Training, Education and Certification on Digital and Multimedia Forensics
81(3)
2.7.1 Standards and Best Practice Guides
81(3)
2.7.2 Certification, Training and Educational Programs
84(1)
2.8 Conclusions
84(10)
Acknowledgements
86(1)
References
86(8)
3 A Machine Learning-Based Approach to Digital Triage
94(39)
3.1 Introduction
94(2)
3.1.1
Chapter Outline
96(1)
3.2 Related Work on Digital Triage
96(4)
3.2.1 Triage in the Medical Field
96(1)
3.2.2 Early Digital Triage Models
97(1)
3.2.3 Machine Learning-Based Digital Triage
98(2)
3.2.4 Other Multimedia Source Classification Techniques
100(1)
3.3 A Machine Learning-Based Digital Triage Framework
100(10)
3.3.1 Machine Learning Terminology
101(1)
3.3.2 The framework in Detail
102(1)
3.3.3 Collection-Data Extraction
103(1)
3.3.4 Processing-Feature Extraction, Dataset Creation and Processing Algorithms
104(3)
3.3.5 Presentation
107(1)
3.3.6 Model validation
107(3)
3.4 A Child Pornography Exchange Case Study
110(18)
3.4.1 Definition of Child Pornography Exchange
110(1)
3.4.2 Child Pornography Exchange-State Vector
111(4)
3.4.3 Data Corpus
115(1)
3.4.4 Learning from Available Data
116(7)
3.4.5 Experiment Setup, Results and Discussion
123(5)
3.5 Conclusion
128(1)
3.6 Challenges and Future Directions for the Digital Forensics Community
128(5)
Acknowledgements
130(1)
References
130(3)
4 Forensic Authentication of Digital Audio and Video Files
133(52)
4.1 Introduction
133(1)
4.2 Examination Requests and Submitted Evidence
134(4)
4.2.1 Examination Requests
134(1)
4.2.2 Submitted Evidence
135(1)
4.2.3 Digital Recording Devices
136(1)
4.2.4 Digital File Formats
137(1)
4.3 Laboratory Space
138(1)
4.4 Laboratory Software and Equipment
138(9)
4.4.1 High-Speed Computers, Computer Peripherals, Media Readers/Writers, Hardware/Software Write Blockers, Professional Headphones, Amplifiers, Cables and Connectors
139(1)
4.4.2 Proprietary Audio and Video Playback Software
140(1)
4.4.3 Digital Data Imaging and Analysis Software
141(1)
4.4.4 High-Resolution Audio Waveform Analysis Software
142(1)
4.4.5 FFT Analyzers and Software
143(2)
4.4.6 Spectrographs Analysis Software
145(1)
4.4.7 Scientific Computing Software
146(1)
4.4.8 Professional Audio and Non-linear Video Editing and Playback Software
146(1)
4.4.9 Media Conversion/Transcoding Software
147(1)
4.4.10 Professional Image Measurement and Processing Software
147(1)
4.5 Audio/Video Authentication Examinations
147(24)
4.5.1 Overview of Examinations
147(3)
4.5.2 Hashing and Imaging
150(1)
4.5.3 Playback and Conversion Optimization
150(2)
4.5.4 Dig ital Data Ana lysis
152(4)
4.5.5 Audio Analyses
156(11)
4.5.6 Video Analyses
167(4)
4.6 Preparation of Work Notes and Laboratory Reports
171(1)
4.7 Expert Testimony
172(1)
4.8 Case Examples
173(4)
4.8.1 Case Example Number 1
173(2)
4.8.2 Case Example Number 2
175(2)
4.9 Discussion
177(8)
References
178(7)
PART TWO DIGITAL EVIDENCE EXTRACTION
5 Photogrammetry in Digital Forensics
185(34)
5.1 Introduction
185
5.1.1 Lens Distortion
187
5.2 Different Methods
88(106)
5.2.1 Projective Geometry or Orthorectification
188(3)
5.2.2 Space Resection and Multi-image Photogrammetry
191(1)
5.2.3 Reverse Projection
192(2)
5.3 Measurement Uncertainty
194(1)
5.3.1 Difficulties in Creating Reference Recordings
195(1)
5.4 Case Studies
195(17)
5.4.1 Height Measurement
196(6)
5.4.2 Speed Measurement
202(6)
5.4.3 Determining the Absolute Position of an Object
208(4)
5.5 3D Modelling/Scenario Testing
212(5)
5.6 Summary
217(2)
References
217(2)
6 Advanced Multimedia File Carving
219(51)
6.1 Introduction
219(1)
6.2 Digtal Data Storage
220(5)
6.2.1 Storage Devices
221(2)
6.2.2 Logical Data Organization
223(2)
6.2.3 Forensic Data Investigation
225(1)
6.3 File Carving of Binary Data
225(1)
6.4 Multimedia Data Structures
226(6)
6.4.1 Digital Images
227(2)
6.4.2 Audio Data
229(2)
6.4.3 Video Data
231(1)
6.5 File Carving of Multimedia Data
232(409)
6.5.1 Image File Carving
232(1)
6.5.2 Audio File Carving
233(2)
6.5.3 Video File Carving
235(3)
6.5.4 Special Considerations for Multimedia
238(403)
6.6 Content Identification
641
6.6.1 Cryptographic Hashing
243(2)
6.6.2 Fuzzy Hashing
245(1)
6.6.3 Perceptual Hashing
246(5)
6.6.4 Searching and Indexing of Hashes
251(2)
6.7 File Carving Frameworks
253(11)
6.7.1 Current Practice and Existing Solutions
254(1)
6.7.2 Framework Requirements
254(1)
6.7.3 An Example Framework
255(7)
6.7.4 Case Study
262(2)
6.8 Conclusions
264(6)
Acknowledgements
265(1)
References
265(5)
7 On Forensic Use of Biometrics
270(35)
7.1 Introduction
270(3)
7.2 Biometrics Performance Metrics
273(1)
7.3 Face: The Natural Means for Human Recognition
274(9)
7.3.1 Forensic Face Recognition
275(3)
7.3.2 Automatic Face Recognition Techniques
278(1)
7.3.3 Challenges and Trends of Face Recognition
279(3)
7.3.4 Summary
282(1)
7.4 Ears as a Means of Forensic Identification
283(16)
7.4.1 Earprints in Forensics
285(5)
7.4.2 From Earprints to Ear Images
290(4)
7.4.3 Ear Morphology Features
294(4)
7.4.4 Summary
298(1)
7.5 Conclusions
299(6)
References
299(6)
8 Multimedia Analytics for Image Collection Forensics
305(26)
8.1 Introduction
305(3)
8.2 Data and Tasks
308(1)
8.3 Multimedia Analysis
309(3)
8.4 Visual Analytics Processes
312(1)
8.5 ChronoBrowser
313(7)
8.5.1 Visualizations
313(6)
8.5.2 Visual Analytics Processes
319(1)
8.6 MediaTable
320(3)
8.6.1 Visualizations
320(1)
8.6.2 Visual Analytics Processes
321(2)
8.7 An Example Scenario
323(2)
8.8 Future Outlook
325(6)
References
326(5)
PART THREE MULTIMEDIA DEVICE AND SOURCE FORENSICS
9 Forensic Camera Model Identification
331(44)
9.1 Introduction
331(2)
9.2 Forensic Source Identification
333(4)
9.2.1 Identification Granularity
333(1)
9.2.2 Intra- and Inter-Class Similarity, Feature Space Representation
334(1)
9.2.3 Digital Camera Acquisition Characteristics
335(2)
9.3 Digital Camera Model Identification
337(2)
9.4 Benchmarking Camera Model Identification Algorithms
339(2)
9.4.1 A Dataset Template for Camera Model Identification Research
339(1)
9.4.2 The Dresden linage Database
340(1)
9.4.3 Benchmarking Procedure
341(1)
9.5 Model-Specific Characteristics of Digital Camera Components
341(10)
9.5.1 Compression Parameters, Metadata and File Format
341(1)
9.5.2 Lens Distortion
342(4)
9.5.3 CFA and Demosaicing
346(3)
9.5.4 Camera Response Function
349(1)
9.5.5 Summary and Limitations
350(1)
9.6 Black Box Camera Model Identification
351(13)
9.6.1 General-Purpose Image Descriptors
352(3)
9.6.2 Dresden Image Database Case Study: Closed-Set Camera Model Identification
355(7)
9.6.3 Summary
362(2)
9.7 Camera Model Identification in Open Sets
364(2)
9.7.1 Dresden Image Database Case Study: One-Class SVM
364(1)
9.7.2 Summary and Outlook
365(1)
9.8 Model-Specific Characteristics in Device-Level Identification
366(2)
9.9 Open Challenges Towards Practical Applications
368(7)
References
370(5)
10 Printer and Scanner Forensics
375(36)
10.1 Introduction
375(4)
10.1.1 Comparison with Digital Image Forensics
377(1)
10.1.2 Document Lifecycle
378(1)
10.2 Printer Forensics
379(7)
10.2.1 Working Principles of Laser Printers and Inkjet Printers
379(1)
10.2.2 Flowchart of Printer Forensics
380(1)
10.2.3 Laser Printer Forensics
381(4)
10.2.4 Inkjet Printer Forensics
385(1)
10.3 Scanner Forensics
386(3)
10.3.1 Flowchart of Scanner Forensics
387(1)
10.3.2 Sensor Noise
387(1)
10.3.3 Dust and Scratches
388(1)
10.4 Photocopier Identification
389(2)
10.4.1 Contact between Printer and photocopier
389(1)
10.4.2 Character Signature
390(1)
10.5 Forgery Detection for Printed and Scanned Documents
391(5)
10.5.1 Flowchart of Forgery Detection
392(1)
10.5.2 Forgery Detection for Printed Documents
393(2)
10.5.3 Forgery Detection for Scanned Documents
395(1)
10.6 Sample Algorithms with Case Studies
396(10)
10.6.1 Printer Identification
396(4)
10.6.2 Scanner Identification
400(3)
10.6.3 Document Forgery Detection
403(3)
10.7 Open Problems and Challenges
406(2)
10.8 Conclusions
408(3)
Acknowledgements
408(1)
References
408(3)
11 Microphone Forensics
411(31)
11.1 Introduction
411(3)
11.2 Pattern Recognition for Microphone Forensics
414(7)
11.2.1 Pattern Recognition and Its Sub-Disciplines
414(2)
11.2.2 State-of-the-Art in Pattern Recognition-Based Microphone Forensics
416(5)
11.3 Guidelines for Microphone Registration
421(2)
11.4 Case Studies
423(12)
11.4.1 Investigation Tasks
423(2)
11.4.2 Implementation of the Statistical Pattern Recognition Pipeline
425(2)
11.4.3 Evaluation Setups
427(2)
11.4.4 Evaluation Results
429(6)
11.5
Chapter Summary
435(7)
Acknowledgements
436(1)
References
437(5)
12 Forensic Identification of Printed Documents
442(41)
12.1 Introduction
442(7)
12.1.1 Hardware Considerations
444(2)
12.1.2 Performance Characterization
446(3)
12.2 Special Materials
449(1)
12.3 Substrate Forensics
450(5)
12.3.1 FiberFingerprint
450(1)
12.5.2 Laser Speckle
451(1)
12.3.3 Substrate Scanning
452(1)
12.3.4 PaperSpeckle
452(3)
12.3.5 Practical Considerations
455(1)
12.4 Print Forensics
455(18)
12.4.1 Authenticating Printed Glyphs
457(2)
12.4.2 Model-Based Authentication
459(6)
12.4.3 Authenticating Printed Halftones
465(6)
12.4.4 Authenticating Data-Bearing Halftones
471(2)
12.5 Real World Example: Currency Protection
473(2)
12.6 Summary and Ecosystem Considerations
475(8)
References
478(5)
PART FOUR MULTIMEDIA CONTENT FORENSICS
13 Digital Image Forensics with Statistical Analysis
483(39)
13.1 Introduction
483(5)
13.1.1 Digital Image Forensics
483(1)
13.1.2 Background
484(4)
13.2 Detecting Region Duplication
488(12)
13.2.1 Problem Definition
488(1)
13.2.2 Related Works
489(2)
13.2.3 Proposed Method
491(4)
13.2.4 Performance Analysis
495(5)
13.3 Exposing Splicing Forgery
500(8)
13.5.1 Problem Definition
500(1)
13.5.2 Related Works
501(2)
13.2.3 Proposed Method
503(3)
13.3.4 Performance Analysis
506(2)
13.4 Case Studies
508(4)
13.4.1 Region Duplication Forgeries
508(2)
13.4.2 Splicing Forgeries
510(2)
13.5 Other Applications
512(3)
13.5.1 Detecting Audio Splicing
512(2)
13.5.2 Exposing Video Forgery
514(1)
13.6 Summary
515(7)
References
517(5)
14 Camera-Based Image Forgery Detection
522(50)
14.1 Introduction
522(2)
14.2 Camera Structure
524(11)
14.2.1 Optics
524(6)
14.2.2 Sensors
530(3)
14.2.3 Image Processing Pipeline
533(2)
14.3 Camera-Based Forgery Detection Methods
535(13)
14.3.1 Optics-Based Forgery Detection
536(1)
14.3.2 Sensors-Based Forgery Detection
537(1)
14.3.3 Image Processing Pipeline-Based Forgery Detection
538(10)
14.4 Forgery Detection Based on PFA: A Case Study
548(16)
14.4.1 Forgery Detection Based on PFA
549(2)
14.4.2 Algorithm
551(6)
14.4.3 Test Results
557(5)
14.4.4 Discussion
562(2)
14.5 Conclusion
564(8)
References
565(7)
15 Image and Video Processing History Recovery
572(40)
15.1 Introduction
572(1)
15.2 Coding Artefacts
573(13)
15.2.1 JPEG Compression
574(3)
15.2.2 Double JPEG Compression
577(6)
15.2.3 Video Compression
583(2)
15.2.4 Video Re-encoding
585(1)
15.3 Editing Artefacts
586(4)
15.3.1 Resampling
587(2)
15.3.2 Image Enhancement
589(1)
15.4 Estimation of Processing Parameters
590(11)
15.4.1 Estimation of Coding Parameters
590(5)
15.4.2 Estimation of Editing Parameters
595(3)
15.4.3 Artefact Localization
598(3)
15.5 Case Studies
601(4)
15.5.1 Localization of Forgeries in JPEG Images
601(2)
15.5.2 Localization of Forgeries in MPEG-2 Videos
603(2)
15.6 Conclusions
605(7)
References
607(5)
16 Anti-Forensics of Multimedia Data and Countermeasures
612(41)
16.1 Introduction
612(1)
16.2 Anti-forensic Approaches Proposed in the Literature
613(10)
16.2.1 Anti-forensics of Acquisition Fingerprints
614(3)
16.2.2 Anti-forensic oj Compression Fingerprints
617(2)
16.2.3 Anti-forensic of Editing Fingerprints
619(4)
16.3 Case Study: JPEG Image Forensics
623(21)
16.3.1 JPEG Compression and JPEG Compression Footprints
623(2)
16.3.2 JPEG Compression Anti-forensics
625(1)
16.3.3 Analysis of Anti forensic Dithering
626(7)
16.3.4 Countering JPEG Compression Anti-forensics
633(11)
16.4 Trade-off between Forensics and Anti-forensics
644(3)
16.4.1 Performance Analysis of Anti-forensics
644(1)
16.4.2 Interplay between Forger and Forensic Analyst Using Game Theory
645(2)
16.5 Conclusions
647(6)
References
647(6)
Index 653
Anthony T.S. Ho, Department of Computing, University of Surrey, UK Prof. Ho holds the Personal Chair in Multimedia Security and is currently the Head of the Department of Computing at the University of Surrey. He is a Fellow of the Institution of Engineering and Technology (FIET), a Chartered Electrical Engineer (CEng), Fellow of British Computer Society (FBCS) and a Senior Member of IEEE. He was the recipient of the IET Innovation in Engineering Award (2006) for his research and commercialisation work on digital watermarking in 2006. Prof. Ho is a member of the IEEE Signal Processing Society Technical Community on Information Forensics and Security. He is the editor-in-chief of the international journal Information Security Technical Reports, which covers digital forensics as one of its key topics. He is also the co-editor-in-chief of International Journal of Digital Crime and Forensics which publishes research papers on both digital and multimedia forensics.

Shujun Li, Department of Computing, University of Surrey, UK Dr. Li is a Senior Lecturer in the Department of Computing at the University of Surrey. Dr Li received his PhD degree in Information and Communication Engineering in 2003 from Xian Jiaotong University, China. He has published more than 70 scientific papers at various international journals and conferences. Dr. Li is on the editorial board of Information Security Technical Reports. He is a Senior Member of the IEEE and a Professional Member of the ACM. He is a member of the IEEE Communications Society Technical Committee on Multimedia Communications and of the IEEE Circuits and Systems Society Technical Committee on Nonlinear Circuits & Systems. He is an active contributor to the ISO/IEC RVC standard as a member of the MPEG.
Biežāk uzdotie jautājumi par e-grāmatām Biežāk uzdotie jautājumi par e-grāmatām
Permanent link: https://www.kriso.lv/db/97811187057802e.html
Keywords: