Abstract
Forensic investigation of cybercrimes in ecommerce and banking portals is becoming increasingly difficult due to the inability of existing Internet protocols, to collect the necessary information as digital evidences. Present tools for investigation on Internet protocols tracks the attackers up to the ISP, only and the actual attacker’s location and machine may be tracked based on the information of ISP which is not primary evidence and also not acceptable evidence. According to the Indian Evidence Act Section 62 and also others, international act for evidence says, primary evidences are most superior class of evidences and admissible and acceptable at first place. This is only possible, if investigator proves that attacks have been occurred by using the device and evidence should prove that it has been happened by using the investigated device. Our proposed device fingerprinting technique uses the concept of hash tree and generates the device fingerprints which can be used as forensically sound evidence. In disputes, which has been caused by external attacks or the denial of client and business provider will be solved by analyzing the fingerprint collected in the form of digital evidence with every transaction. The fingerprint generated by the proposed system has all the characteristics stipulated by the court of law.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Abraham M, Meierhoefer C, Lipsman A (2007) The impact of cookie deletion on the accuracy of site-server and ad-server metrics: An empirical comScore study. Retrieved Oct 14, 2009 p
Patil RY, Devane SR (2017) Unmasking of source identity, a step beyond in cyber forensic. In: Proceedings of the 10th international conference on security of information and networks. ACM, pp 157–164
Patil RY, Devane SR (2018) Primordial fingerprinting techniques from the perspective of digital forensic requirements. In: 2018 9th international conference on computing, communication and networking technologies (ICCCNT). IEEE, pp 1–6
Kohno T, Broido A, Claffy KC (2005) Remote physical device fingerprinting. IEEE Trans Dependable Secure Comput 2(2):93–108
Fang P, Huang L, Xu H, He Q (2018) Smart device fingerprinting based on webpage loading. International conference on wireless algorithms, systems, and applications. Springer, Cham, pp 127–139
Cohen MI (2009) Source attribution for network address translated forensic captures. Digital Invest 5(3–4):138–145
Lanze F, Panchenko A, Braatz B, Zinnen A (2012) Clock skew based remote device fingerprinting demystified. In: Global communications conference (GLOBECOM), 2012 IEEE. IEEE, pp 813–819
Radhakrishnan SV, Uluagac AS, Beyah R (2015) GTID: a technique for physical device and device type fingerprinting. IEEE Trans Dependable Secure Comput 12(5):519–532
Merkle RC (1987) A digital signature based on a conventional encryption function. Conference on the theory and application of cryptographic techniques. Springer, Berlin, pp 369–378
Stephen JF (1872) The Indian Evidence Act (I. of 1872): with an introduction on the principles of judicial evidence. Macmillan
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Patil, R.Y., Devane, S.R. (2020). Hash Tree-Based Device Fingerprinting Technique for Network Forensic Investigation. In: Sengodan, T., Murugappan, M., Misra, S. (eds) Advances in Electrical and Computer Technologies. Lecture Notes in Electrical Engineering, vol 672. Springer, Singapore. https://doi.org/10.1007/978-981-15-5558-9_20
Download citation
DOI: https://doi.org/10.1007/978-981-15-5558-9_20
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-5557-2
Online ISBN: 978-981-15-5558-9
eBook Packages: Computer ScienceComputer Science (R0)