
Forensic Science International-Digital Investigation: latest publications

Welcome to the proceedings of the Fourth Annual DFRWS APAC Conference 2024!
IF 2 | Zone 4, Medicine | Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2024-10-01 | DOI: 10.1016/j.fsidi.2024.301819
Raymond Chan
Citations: 0
Do You “Relay” Want to Give Me Away? – Forensic Cues of Smart Relays and Their IoT Companion Apps
IF 2 | Zone 4, Medicine | Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2024-10-01 | DOI: 10.1016/j.fsidi.2024.301810
Maximilian Eichhorn, Gaston Pugliese
As IoT devices become more prevalent in everyday environments, their relevance to digital investigations increases. The product class of “smart relays”, which are connected to the low-voltage grid and usually installed in sockets behind walls, has not yet received much attention in the context of smart home forensics. To close a category-specific gap in the device forensics literature, we conducted a multi-device analysis of 16 smart relays from 9 manufacturers, which support six different companion apps in total. Our examination shows that forensic artifacts can be found locally on the smart relays and in the companion app data, as well as remotely on cloud servers of the vendors. Based on our findings, we developed a Python framework to extract forensic artifacts automatically from obtained firmware dumps, from companion app data, and from captured network traffic.
Citations: 0
Forensically analyzing IoT smart camera using MAoIDFF-IoT framework
IF 2 | Zone 4, Medicine | Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2024-09-17 | DOI: 10.1016/j.fsidi.2024.301829
Yaman Salem, Mohammad M.N. Hamarsheh

IoT devices spread over a wide range of applications these days, and the vast amount of data they generate becomes a target for intruders. IoT digital forensics, which involves extracting the digital evidence from the IoT device itself and/or its network traffic using a framework, is important and challenging. The challenges include the diversity of types of IoT devices, resource constraints, and users’ privacy. In this article, we focus on network forensics investigations of smart camera traffic as a case study. The investigation process followed the MAoIDFF-IoT framework, a comprehensive and effective framework for IoT devices, and focused on the locations of potential Artifacts of Interest (AoI). In addition, a few scenarios of using the camera are investigated to obtain valuable artifacts. The results show that it is possible to extract a few artifacts from the captured network traffic even though the traffic is encrypted. Moreover, this research offers guidelines for digital investigators to conduct network forensics on smart camera devices, with detailed results provided.

Citations: 0
Examining and detecting academic misconduct in written documents using revision save identifier numbers in MS Word as exemplified by multiple scenarios
IF 2 | Zone 4, Medicine | Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2024-09-10 | DOI: 10.1016/j.fsidi.2024.301821
Dirk HR. Spennemann , Rudolf J. Spennemann , Clare L. Singh

Deliberate academic misconduct by students often relies on the use of segments of externally authored text, generated either by commercial contract authoring services or by generative artificial intelligence language models. While revision save identifier (rsid) numbers in Microsoft Word files are associated with edit and save actions of a document, MS Word does not adhere to the ECMA specifications for Office Open XML. Existing literature shows that digital forensics using rsid requires access to multiple document versions or the user's machine. In cases of academic misconduct allegations, usually only the submitted files are available for digital forensic examination, coupled with assertions by the alleged perpetrators about the document generation and editing process. This paper represents a detailed exploratory study that provides educators and digital forensic scientists with tools to examine a single document for the veracity of various commonly asserted scenarios of document generation and editing. It is based on a series of experiments that ascertained whether and how common edit and document generation actions, such as copy, paste, and insertion of blocks of text from other documents, leave tell-tale traces in the rsid encoding that is embedded in all MS Word documents. While digital forensics can illuminate document generation processes, the actions that led to these may have innocuous explanations. In consequence, this paper also provides academic misconduct investigators with a set of prompts to guide the interview with alleged perpetrators to glean the information required for cross-correlation with observations based on the rsid data.

Citations: 0
Forensic analysis and data decryption of Tencent Meeting in Windows environment
IF 2 | Zone 4, Medicine | Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2024-08-28 | DOI: 10.1016/j.fsidi.2024.301818
Soojin Kang , Uk Hur , Giyoon Kim , Jongsung Kim

Video conferencing applications have become ubiquitous in the post-COVID-19 era. Remote meetings, briefing sessions, and lectures are gradually becoming part of our culture. Thus, the amount of user data that video conferencing applications collect and manage has increased, and such data can be used as digital evidence. In this study, we analyzed Tencent Meeting, the most widely used video conferencing application in China, to identify the data stored on the user's disk by the application. Tencent Meeting stores user information and the chat history during a video conference on local storage. We found that Tencent Meeting suffers from a vulnerability in the process of encrypting and storing the user data, which can be exploited by anyone who can access and decrypt the user's data. We expect our findings to help digital forensics investigators conduct efficient investigations when applications are used for malicious purposes.

Citations: 0
Navigating the digital labyrinth: Forensics in the age of AI
IF 2 | Zone 4, Medicine | Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2024-08-28 | DOI: 10.1016/j.fsidi.2024.301820
Citations: 0
SFormer: An end-to-end spatio-temporal transformer architecture for deepfake detection
IF 2 | Zone 4, Medicine | Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2024-08-27 | DOI: 10.1016/j.fsidi.2024.301817
Staffy Kingra , Naveen Aggarwal , Nirmal Kaur

Growing AI advancements are continuously pacing GAN enhancement that eventually facilitates the generation of deepfake media. Manipulated media poses serious risks pertaining to court proceedings, journalism, politics, and many more areas where digital media have a substantial impact on society. State-of-the-art techniques for deepfake detection rely on convolutional networks for spatial analysis and recurrent networks for temporal analysis. Since transformers are capable of recognizing wide-range dependencies with a global spatial view and along the temporal sequence too, a novel approach called “SFormer” is proposed in this paper, utilizing a transformer architecture for both spatial and temporal analysis to detect deepfakes. Further, state-of-the-art techniques suffer from high computational complexity and overfitting, which causes loss in generalizability. The proposed model utilized a Swin Transformer for spatial analysis that resulted in low complexity, thereby enhancing its generalization ability and robustness against the different manipulation types. The proposed end-to-end transformer-based model, SFormer, is proven to be effective for numerous deepfake datasets, including FF++, DFD, Celeb-DF, DFDC and Deeper-Forensics, and achieved an accuracy of 100%, 97.81%, 99.1%, 93.67% and 100% respectively. Moreover, SFormer has demonstrated superior performance compared to existing spatio-temporal and transformer-based approaches for deepfake detection.

Citations: 0
Response from author
IF 2 | Zone 4, Medicine | Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2024-07-16 | DOI: 10.1016/j.fsidi.2024.301803
Simon Ebbers
Citations: 0
Towards a practical usage for the Sleuth Kit supporting file system add-ons
IF 2 | Zone 4, Medicine | Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2024-07-13 | DOI: 10.1016/j.fsidi.2024.301799
Yeonghun Shin , Taeshik Shon

Most modern digital devices with storage utilize a file system to manage files and directories. Consequently, when digital forensic investigators derive evidence from such devices, they collect and analyze data stored on them through file system analysis. However, there are numerous types of file systems, with new ones continually being developed. Each file system possesses a distinct metadata structure and file management system. Therefore, investigators must possess prior knowledge of the specific file system being examined. Nevertheless, it is challenging for practitioners to be knowledgeable about all existing file systems. To address this issue, forensic software such as The Sleuth Kit (TSK), an open-source forensic tool, is employed for investigations. However, even these tools may not offer complete support for relatively recent file systems.

Hence, we propose a structure for integrating a new file system into the open-source forensic tool TSK. Additionally, to validate this proposed structure, we demonstrate that support for five file systems (Ext4, XFS, Btrfs, F2FS, and Hikvision) can be added following this framework. To achieve this, we conducted an analysis of the metadata and file management scheme for these five file systems. Furthermore, we examined the operational procedures of the TSK framework. Based on these analyses, investigation capabilities for the five file systems have been incorporated into TSK. Moreover, reliability verification experiments were conducted on the developed tools, and a performance evaluation was carried out in comparison with other commercial digital forensic tools. The findings of this study can serve as a foundation for future forensic studies based on file systems. Additionally, the TSK developed based on the proposed structure can assist investigators in conducting digital forensics effectively.

Citations: 0
Money laundering through video games, a criminals' playground
IF 2 | Zone 4, Medicine | Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2024-07-13 | DOI: 10.1016/j.fsidi.2024.301802
Dan Cooke , Angus Marshall

Money laundering and video games provide opportunities to criminals for easier and less detectable methods of performing money laundering. These actions may be used as part of a system of transactions, by these criminals, to further disguise the origins of their funds. The use of video games as a tool to launder money is something that has been only briefly explored. This work identifies the ways that money laundering through video game secondary marketplaces can offer benefits to criminals looking to launder money, versus the use of traditional money laundering methods.

We explore the potential for using publicly accessible data, such as that available from the Steam Marketplace, to identify suspicious transactions that may indicate the existence of money laundering within these platforms. This research focused on identifying irregularities in the frequency and quantity of trades on the Steam Marketplace.

The results of this investigation show that identifying, using very simple money laundering detection methods, possible cases of money laundering within transactional data from the Steam Marketplace is possible. The data used shows that there were several suspicious transactions and accounts which could warrant further investigation, and may be involved in activity which represents money laundering. As a result of this, there is scope for further investigations using larger data sets and examination of other publicly accessible data using a greater range of methods to identify suspicious transactions including, but not limited to, value of transactions and location.

Citations: 0