Abstract
An increase in digitization is giving rise to cybercrimes. The existing network protocols are insufficient for collecting the required digital evidence of cybercrime, which eventually makes the process of forensic investigation difficult. In the current scenario of network forensics, the investigator with current capabilities can reach only up to the ISP. This is not primary evidence. Currently, available tools work only at the network layer. In this work, we propose a protocol that ensures tracking up to the true source by collecting beforehand forensically sound evidence. The proposed protocol can collect target data from the device in the form of a device fingerprint with the help of an agent process. The proposed methodology will help in proving non-repudiation, which is a well-known challenge in forensic cases. The fingerprint evidence generated by the proposed method has the capability of not getting obsolete even if the criminal tries to destroy evidence. The fingerprinting technique deployed uses a hash tree and generates evidence in such a way that this fingerprint can act as legal evidence. The security validation of the proposed system is done using the BAN logic. Formal verification is performed using the AVISPA tool. The system has been implemented as a prototype and hosted on AWS.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: Journal of King Saud University - Computer and Information Sciences
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
