Comparative analysis of software used in anonymised search and seizure cases: acquisition, examination and analysis

Authors

  • Fabio Vivan Grigollo
  • Roberto Fabiano Fernandes

DOI:

https://doi.org/10.54033/cadpedv21n4-015

Keywords:

Forensic Computing, Forensic Software, Proof Production, Chain of Custody

Abstract

In the production of digital evidence, the use of forensic software to correctly support the acquisition, examination and analysis of evidence is of great importance, mainly for maintaining the credibility of the evidence and its acceptance by the judiciary. The objective is to evaluate a sample of real judicial search and seizure cases that occurred between 2014 and 2023, presenting the forensic software used in each stage of each evaluated case. One case is randomly selected for each year, with anonymised data, to carry out a continuity analysis of the software used. The article seeks to identify whether this software remains in force or whether it has been discontinued, rendered obsolete or replaced over the selected sampling period. The research is structured in operational stages, from the selection of cases through to the analysis of software continuity, revealing a predominance of software with valid status and indicating a tendency to update technological solutions in the field of digital forensics. The results also highlight the need for periodic reviews of the solutions that exist on the market. Based on the sample analyzed, the majority of the software evaluated shows continuity, with 87.5% of the solutions considered current when the software in force and the replaced software are added together. This study contributes to the understanding of the evolution of forensic software by offering details on the continuity status of such software for the digital evidence production process and for the credibility and acceptance of that evidence in the judicial environment.

Published

2024-04-03

How to Cite

Grigollo, F. V., & Fernandes, R. F. (2024). Comparative analysis of software used in anonymised search and seizure cases: acquisition, examination and analysis. Caderno Pedagógico, 21(4), e3557. https://doi.org/10.54033/cadpedv21n4-015

Section

Articles