|PREVIEW eForensics Magazine 2021 10 OSINT and Social Media Frensics .pdf|
can you imagine the modern world without social media? It has changed the face of the modern world, and in the era of covid-19, they have become an excellent channel of communication. But can they be something more? From the point of view of a digital forensics professional, it is a real mine of information limited only by the skills of the researcher. That's why this month we come to your aid so that you can deepen your knowledge of techniques and tools for exploiting social media for digital investigations.
You will learn, among other things, how to prevent the accidental sharing of barcodes containing the personal data of passengers on airlines on social media and what are the consequences of providing such data to unauthorized entities. How social media is changing terrorism, and what are the most effective tools for conducting digital social media investigations. And also what is the methodology and the main techniques and tools for digital social media analysis.
But that's not all, because we also present you:
- how digital forensics can support the identification of intellectual property violations and software plagiarism,
- how to use Windows logs in your investigative work,
- how to protect your organization against cyber-attacks!
Do not hesitate even a moment longer and immediately reach for this month's Magazine!
Check out our Table of Contents below for more information about each article (we included short leads for you).
We hope that you enjoy reading this issue! As always, huge thanks to all the authors, reviewers, to our amazing proofreaders, and of course you, our readers, for staying with us! :)
and the eForensics Magazine Editorial Team
TABLE OF CONTENTS
Using OSINT For Social Media Investigations
by Jeff Minakata
This article shows step by step how to use OSINT techniques for investigating social media. Social media can be a gold mine when it comes to OSINT investigations, though caution and process are important to follow. Using steps referred to in this paper will help you to gain your goals and find needed information, but also stay safe in the whole investigation process.
Airline Passenger Data Exposure In Boarding Pass Images Uploaded to Social Media
by F.M. Long and Mark A. Cummins
In this paper researchers using the search parameter “#boardingpass”, 62,105 images were downloaded from a social media website and scanned for images containing boarding pass barcodes. The results indicate that over three percent of the images revealed a barcode that was successfully decoded. Specifically, 429 airline barcodes were successfully decoded and the corresponding passenger information was retrieved, including names, booking references, date of travel, origin airport, destination airport, seat number, airline carrier, and flight number. The analysis is conducted using the most popular Airports and Airlines. Conclusions show some practical tips on how to avoid unauthorized data sharing.
Social Media Forensics - Corporations Face Risks And Challenges Associated With Social Media
by Longinus Timochenco
This paper, identified valuable data sources in social networks, how they can be leveraged for analysis and discussed to what extent this is possible without the collaboration of the social network operator. Compared to traditional social analysis, this can be done fully automated and allows cluster analysis as well as different timeline visualizations. The article has analyzed the implementation of a proof-of-concept application for creating social interconnection and social interaction graphs (with whom is a user connected, with whom does the user interact often) based on Facebook.
Forensics In Intellectual Property Software
by Petter Anderson Lopes
The main purpose of this article is to discuss and demonstrate how digital forensics can support the identification of intellectual property infringement and software plagiarism. Software developers have particularities, ranging from coding addictions learned at university to totally different codes that have the same functionality, thus representing a major challenge in identifying software plagiarism. There is no intention to exhaust the subject, however, it is important to understand the main topics to be more agile in identifying software intellectual property infringement and thus represent a customer in a court of law.
The Critical Importance Of Methodology Within Open Source Intelligence
by Craig Pedersen
In this article, the author highlights the importance of the OSIN methodology in the investigation process. Without denying the importance of tools in obtaining information using OSINT, the author draws attention to certain necessary steps that must be passed in order to properly conduct an investigation. Such a structured approach can contribute to obtaining reliable and consistent investigation results.
Social Media, Crime, And Forensics
by James A (Jim) McCoy, Jr
The article focuses on identifying the main threats to social media users. They have been defined and illustrated with examples. The author uses statistics, which enriches the text. He also refers to the techniques used to conduct investigations on social media and presents, in his opinion, the most effective tools that can be used in this process.
Mobile Service Breach
by Wilson Mendes
This article is about mobile services. The author argues that by using the services of classic telecommunications operators and using a SIM card, each call we make leaves a "mobile fingerprint". This makes it possible to track our movements on the web. However, you can ensure your privacy by using applications that do not require authentication. The author presents the main reasons and advantages of using encrypted communication without the use of a SIM card.
Cybersecurity, Vulnerability Assessment, And Penetration Testing
by Luciano Quartarone
The article discusses the importance of adopting a structured and repeatable vulnerability assessment process and a broad penetration testing campaign as part of a mature IT risk assessment methodology that can improve cybersecurity and information security in companies. The author shows that such a structured process can also be helpful in proving companies' commitment to increasing compliance with global standards and regional regulations on privacy and data protection. The article presents how to conduct a generic vulnerability assessment process.
Introduction To The Importance Of Monitoring Social Media In Combating Terrorism
The article states that although social media was designed so that people could express their opinion, today it is also a valuable source of information for services that use it to ensure public safety. Techniques for social media exploration such as SOCMINT and internet monitoring are presented in the text. The article shows that Internet monitoring is considered the most effective and at the same time the cheapest technique and is indicated by investigators as a tool that can be used to prevent both individual and organized crime, but also terrorist attacks, in particular by the so-called "lone wolves".
Analysis Of Windows Logs
by Daniele Giomo
In this article, the author deal with the analysis of Windows logs, which represent a fundamental source of information on the operating system, installed programs and configurations, and customizations. It shows how to understand where to find the main information in a Windows operating system and how showing how to use new functions of Windows registries in digital forensics work listing it the main areas.