Challenges on Digital Cyber-Security and Network Forensics: A Survey

  • Conference paper
Advances on Intelligent Informatics and Computing (IRICT 2021)

Abstract

Few studies have attempted to shed light on the reality of the challenges. The present paper therefore brings forth studies identifying, quantifying, and prioritizing the challenges, to motivate future authors to focus on the issues affecting the domain. Accordingly, a survey was conducted among researchers and practitioners (at the level of law enforcement and organizations) to investigate actual challenges and differentiate them from perceived challenges, with the aim of providing insight into their effects on the digital forensics domain in the near future. The study provides and collates a compact survey of the most significant challenges highlighted in the design and development of modern digital forensics tools. It contributes to the identification of the important mid- and long-term opportunities and issues that security and network forensics experts need to take into account in field investigations.

Author information

Corresponding author

Correspondence to Omar Ismael Al-Sanjary.

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Cite this paper

Al-Sanjary, O.I., Ahmed, A.A., Mohammed, M.N., Aik, K.L.T. (2022). Challenges on Digital Cyber-Security and Network Forensics: A Survey. In: Saeed, F., Mohammed, F., Ghaleb, F. (eds) Advances on Intelligent Informatics and Computing. IRICT 2021. Lecture Notes on Data Engineering and Communications Technologies, vol 127. Springer, Cham. https://doi.org/10.1007/978-3-030-98741-1_43
