Computer Science Assignment: Challenges Faced While Investigating Web & Email Forensic

Question

Task: Challenges that are faced carrying out the web and email forensics. You will present a summary of your research as a report on computer science assignment.

• Scale and scope of the challenge
• Integrity of evidence
• Challenges in Attribution
• Ethical and Legal Considerations
• Possible Solutions to the Challenges rose

Answer

1.1 Introduction
The report on computer science assignment contains digital preservation and development and internal policies, guidelines, and standards that could meet the challenges faced while investigating the web and email forensic. Web forensic identifies the evidence that is related to web crime and email forensic identifies the evidence that is related to email crime. With the increase in technology and its demand in the world, cybercrime has also raised high all the time. There is various collection of internet nodes that are spread across the world. For common users, it becomes a little difficult. Internet forensic experts are very similar to police officers. They follow the Standard Operating Procedure while performing investigations and collecting the evidence. There are many issues and challenges faced in the field which will be discussed in the report below.

1.2 Scale and Scope
The scale and scope of the report are to measure the challenges that are faced while carrying out web and email forensic. Email communication is a huge part of today's business and it also performed some criminal activities like blackmailing, leakage of company data, threats. The company instead has to engage with the external forensic to get the communication through email. While investigating web forensics, challenges that come are technical, legal, and resource challenge [1].However, privacy is an important factor for the organization. The forensic expert share data to compromise privacy and get the truth. The individual user and the private company generate a lot of information for their usage. This may reveal the privacy risk of the data.The report contains various information where evidence is the base of the report which was integrated. In the report, some ethical and legal considerations will be done. So, all possible solutions will be raised for the challenges that are faced while performing web forensic and email forensic investigation [2]. In the world of digitization, email communication is an indispensable factor.

1.3 Integrity of Evidence
Web evidence store data across the network through which all possible evidence are collected. All necessary data are authenticated and integrated that have web evidence. The evidence could be identified by relating the case with the victim and extract and analyze the online activities namely cookies, history for browsing, log files, cache, and much more. With the internet, cybercrime also has its existence [3].

Email forensic is a piece of evidence and to collect this evidence, the Email Header Analysis collects the evidence for the forensic process. The email clients are web-based and desktop-based. Web-based emails are all saved on the webserver and can be accessed from anywhere [4]. However, desktop-based email isstored in the system where users do not worry about data security. Email forensic analysis has an e-mail message as evidence that is illustrated with a forensic perspective. There is a need for e-mail forensic investigation to study the source and content of e-mail with evidence. The email forensic investigators find it difficult to identify the email authorship where no standardized procedure is followed. Efficient tools and techniques are used to perform a forensic investigation. In some of the cases, the back-up processes are automatic which provides a greater source of evidence. During an investigation, the local host may deal with hardware and software configuration. There is an issue while accessing data to measure local security and data protection [5]. The most common is disk encryption. The data are volatile, were suspect to take down the hosted site and delete the content securely.

One of the main challenges in website interactions is facing forensic practice which depends on the hosting strategy. Identifying the hosting service, could access the site configuration, and have the willingness to cooperate.

1.4 Challenges in Attribution
With the developed technology, a high risk of crime and criminal activity also develop. Thus, increasing the need for using forensic tools that could be used against criminals [6]. The major challenge in web forensic is anti-forensics techniques. The challenges that arise are

1. Encryption ensures privacy of the information as it can hide the information from any unauthorized user but the challenging part over here is that the criminals used it to hide crimes that they perform.
2. Through some programs and system commands, criminals get the chance to hidedata in the storage space where the data are invisible.
3. The attacker bypasses the communication protocol i.e. the covert channel through some detection technique and the network it hides the data [7]. The connection gets hide between the system and the attacker.
4. The trend of data is stored in the cloud which increases the complexity while processing the investigation because the chances of getting evidence are low which makes the web forensic techniques useless.
5. As technology is changing rapidly, getting the update becomes difficult for the investigator. This becomes an issue when dealing with any system or device.
6. The attacker usessteganography to hide information into some file and there areno changes in the outer look, this becomes a challenge for the forensic expert to get the data that are hidden.

1.5 Ethical and Legal Considerations
Presenting Web and Email evidence becomes more difficult as it contains a lot of instances to acquire a legal framework. Every aspect of web and email forensic is not possible to recognize every time [8]. Due to a lack of qualification, the cyber police lack to identifythe evidence with all possible sources. With proper guidelines and explanation, the evidence can be provided easily to get the collection and acquisition of web and email evidence. The Evidence Actneeds to evolve with E-evidence time and address as the presentation will be focused on electronic evidence that could accompany the certificate. This procedure will be helpful to prove the certificate. There is the uncertainty created in the privacy legislation for web and email forensic. The privacy provisions couldn’t be tested with common law. The crime is admissible in the law court, where the procedure is collected and explained in detail.

Any issue of the web and email evidence will be addressed to preserve the guidelines and provide some technical process which itself is a challenge to get the instances. In a long term, the preservation of web and email evidence takes a huge amount of money and technology. If there is some extra power in the crime scene and having abounded to reduce liabilities with no crucial evidence [9].

Ethical issues are the right and wrong behavior was an ethical dilemma arises. When there is some potential barrier for investigating legal procedures. In that case, there is a main potential barrier to investigate effectively and adhere to legal procedures that could potentially facilitate access to content.

1.6 Possible Solutions to the Challenges Raised
To get the solution, certain methodologies are followed to deploy tools and gather all possible data. For web evidence, a network diagram can be built with all possible solutions. For volatile order, data are collected. Potential data has to be analyzed to collect the evidence. Provide a series of events to log the timestamps [10]. Identify the files for integrity, and the access time should not be modified to run the program. Gather every information that is needed to solve to evidence. Analyze the web and email evidence in the forensic sandbox.

Forming a unified law from the government for cooperation can provide a solution to legal problems that arise when there is a web or email forensic investigation. Certain jurisdictional issues are reduced which leads to a less legal problem. With concern to e-crime, many countries do not comply with e-crime. So, the possible solution to advocate web forensic is to select, acquire, appraise, and advocate the technical solution [11]. Balancing privacy was a challenge for an individual. Adopting policies could encourage users to file relevant email messages.

The forensic expert should think according to the perspective of the attacker of what they are thinking. The investor understands the working of the system with full scope and possibilities and also has to face challenges while facing challenges in the site's application. Hence, they should come up with different methodologies so that the problem could be investigated. The data must be collected, evaluated, tagged, and processed [12].

1.7 Conclusion
From the above report on computer science assignment, it can be concluded that having a forensic practitionercould create content on the site. It helps in developing locally that could configure the files to another location. There may be much content deleted from the web during the forensic investigation and all the violating content is removed with the site database. Then the IP address is the only method to identify the suspect and get additional information on the Web and Email crime. In the following ethical and legal considerations, certain policies and guidelines could be adopted and get the solution to the issue thatis raised. The main challenges are also discussed in the report and what possibilities are there for the attackers to attack are also discussed. Even after the increase in cybercrime, it can be still curbed.

References
[1]L. Cameron, "Future of digital forensics must face six challenges posed by cybercrime", IEEE Security & Privacy | IEEE Computer Society, 2021. [Online]. Available: https://publications.computer.org/security-and-privacy/2018/03/01/digital-forensics-security-challenges-cybercrime/. [Accessed: 08- Jan- 2021].

[2]W. Chirath De Alwis, "An Introduction To Challenges In Digital Forensics - Forensic Focus", Forensic Focus, 2017. [Online]. Available: https://www.forensicfocus.com/articles/an-introduction-to-challenges-in-digital-forensics/. [Accessed: 08- Jan- 2021].

[3]G. Horsman, "Web Content Management Systems: An Analysis of Forensic Investigatory Challenges", 2021. [Online]. Available: https://research.tees.ac.uk/ws/files/6587811/621678.pdf. [Accessed: 08- Jan- 2021].

[4]M. Kent Mabey, "Forensic Methods and Tools for Web Environments", Mikemabey.com, 2017. [Online]. Available: https://mikemabey.com/Dissertation_Mabey.pdf. [Accessed: 08- Jan- 2021].

[5]P. Sonawane, K. Wadekar, Y. Ratnaparkhe and R. Gundl, Gujaratresearchsociety.in, 2019. [Online]. Available: http://gujaratresearchsociety.in/index.php/JGRS/article/download/1284/1052/. [Accessed: 08- Jan- 2021].

[6] J. Stadlinger and A. Dewald, A forensic email analysis tool using dynamic visualization, 2017. [Online]. Available: https://commons.erau.edu/cgi/viewcontent.cgi?article=1413&context=jdfsl. [Accessed: 08- Jan- 2021].

[7]M. Babiker, E. Karaarslan and Y. Hoscan, "Web application attack detection and forensics: A survey - IEEE Conference Publication", Ieeexplore.ieee.org, 2018. Computer science assignment [Online]. Available: https://ieeexplore.ieee.org/abstract/document/8355378. [Accessed: 08- Jan- 2021].

[8]S. WojciechMazurczyk, "Information Hiding: Challenges For Forensic Experts", Cacm.acm.org, 2018. [Online]. Available: https://cacm.acm.org/magazines/2018/1/223894-information-hiding/fulltext. [Accessed: 08- Jan- 2021].

[9]A. Lazzez, C. of Computers, T. University, K. of Saudi Arabia and T. Slimani, "Forensics Investigation of Web Application Security Attacks", Academia.edu, 2015. [Online]. Available: https://www.academia.edu/35023386/Forensics_ Investigation_of_Web_Application_Security_Attacks. [Accessed: 08- Jan- 2021].

[10]A. Rasool and Z. Jalil, "A Review of Web Browser Forensic Analysis Tools and Techniques", 2020. [Online]. Available: https://www.researchgate.net/publication/342338294_A_Review_of_Web_ Browser_Forensic_Analysis_Tools_and_ Techniques. [Accessed: 08- Jan- 2021].

[11]F. ABU ZUHRI, "CYBER FORENSIC CHALLENGES", Digitalforensicsmagazine.com, 2015. [Online]. Available: https://digitalforensicsmagazine.com/blogs/wp-content/uploads/2017/05/Cyber-Forensic-Challenges.pdf. [Accessed: 08- Jan- 2021].

[12]H. Duc, "Academic Trends in Digital Forensics", eForensics, 2019. [Online]. Available: https://eforensicsmag.com/download/academic-trends-in-digital-forensics/. [Accessed: 08- Jan- 2021].