Digital Forensics: Chat Applications PDF

Digital Forensic Science, Chat Applications Fuzzy Logic Neutrosophic Logic Introduction Digital forensics is a subfield of forensic science that analyzes and examines digital data obtained from digital devices. Mobile device forensics involves collecting and analyzing the data found in small devices like smartphones, smartwatches, and tablets. Chats have become an integral part of our lives, it contains information about our social, economic, personal, psychological, etc. Introduction The information extracted from chats could be helpful for forensic investigators in the event of any criminal activity. However, using chats raises several legal and constitutional issues regarding forensic investigations. Also, someone with malicious intent can also manipulate this information to provide false evidence to deceive forensic investigators. Introduction Logics Therefore, forensic investigators must use computer science logics, such as Fuzzy Logic and Neutrosophic Logic, to specify the truth and false information in chats and indicate the percentage of truth or falsehood in each conversation to determine its admissibility as evidence. Fuzzy Logic Neutrosophic Logic Introduction Fuzzy Logics Fuzzy Logic plays a crucial role in decision support systems by identify the degrees of truth and false in real-world scenarios; it provides a more nuanced and flexible approach to decision-making. Fuzzy Logic is particularly advantageous in complex systems where the data may need to be more precise or complete. Overall, Fuzzy Logic provides a flexible and powerful tool for dealing with imprecise and uncertain information, allowing for more nuanced reasoning and decision-making in various domains. Introduction Neutrosophic Logics Neutrosophic Logic is an extend of Fuzzy Logic. It is based on the fundamental principles of Neutrosophic introduced by Florentin Smarandache. Unlike classical Logic which deals with binary truth values (true or false) and Fuzzy Logic which deals with the degree between truth and false values, Neutrosophic Logic allows for indeterminate, true, and false statements. Introduction Aim of the work Aim of the work This research aims to analyze data using Fuzzy Logic and Neutrosophic Logic to provide a level of certainty to forensic investigators to use these data as an evidence or not. These data are compiled into a dataset and analyzed using a Matlab model and Python code to determine the reliability of the information. The results reveal the percentage of each data point and whether it can be considered as an evidence. Introduction Methodology Gauging information from Smartphones using Fuzzy Logic Gauging information from Smartphones using Neutrosophic Logic Using Neutrosophic Topological Framework for Gauging Different Types of data Extracted from Smartphones Methodology A dataset downloaded from the Kaggle website was analyzed. This dataset contains conversations between individuals. It comprises seven columns, where the first column shows the sender's name, while the second column contains the chat messages. From the third to seventh columns, the date and time of each Message are represented Microsoft Excel has been used to change the date and time into timestamps. The user column was also changed to 0, 1. The sender's changed to (0), while the recipients' changed to (1) Methodology Each chat in the dataset was changed to a percentage using the Excel Fuzzy Lookup Add-in. This add-in provides a percentage of similarity between the two tables. The first Table was the chat table, while the other Table had a single column containing the most commonly used words for disputes and violations Methodology Gauging information from Smartphones using Fuzzy Logic A Fuzzy Mamdani-type model was created by he Matlab Fuzzy Logic Designer tool. The model has three inputs, rules, and outputs. This Fuzzy model was designed to test three inputs according to predetermined rules and produce corresponding outputs. Methodology The Input: The Fuzzy model consists of three inputs: 1. The sender contains two values: (0) for the chat owner and (1) for the others. 2. Time has three values. The first value is the timestamp of the first Message, and the second value is the time the investigator found the phone containing the chat. The third is the timestamp after the investigator found the smartphone by 6 months. 3. The strength of the evidence is evaluated by the Excel Fuzzy lookup. Methodology The Rules Methodology The Output: The output represents the result, and it contains three values. 1: weak ranges from 0% to 50%, representing weak evidence. 2: Middle represents 51% to 70%, representing the average evidence. 3: Strong; it ranges from 71% to 100%, representing strong evidence. Methodology Gauging information from Smartphones using Neutrosophic Logic The inputs: 1. The sender contains two values: (0) for the chat owner and (1) for the others. 2: Time has two values. The first value is the timestamp of the first Message, "1637963220", and the second value is the time after the investigator found the dataset "1661367654"..3. The Excel Fuzzy lookup evaluates the strength of the evidence. Methodology The output It represents the result, and it contains three values: 1: weak ranges from 0.01 to 0.5, representing weak evidence. 2: Middle represents 0.51 to 0.7, representing the average evidence. 3: Strong; it ranges from 0.71 to 0.99, representing strong evidence. Methodology Python Code def neutrosophic_gauging(smartphone_data): # Step 1: Data extraction relevant_data = extract_relevant_data(smartphone_data) # Step 2: Neutrosophic evaluation degrees_of_truth, degrees_of_falsity, degrees_of_neutrality = neutrosophic_evaluate(relevant_data) # Step 3: Decision making relevance_scores = calculate_relevance_scores (degrees_of_truth, degrees_of_falsity, degrees_of_neutrality) # Return the most relevant information return get_most_relevant_information (relevance_scores) Methodology Using Neutrosophic Topological Framework for Gauging Different Types of data Extracted from Smartphones Our research also used Neutrosophic Topology reasoning to determine the degree of Truth, falsehood, or indeterminacy of different types of data (text message, call log, App Usage). Our proposed framework leverages the power of Neutrosophic topological spaces to represent and extract information from smartphone data. Methodology Sets (Points): Point 1: Text message - Sender: "John Smith (Work)", Recipient: "You", Message: "Meeting at 10 AM in the Public Garden", Time: 8:00 AM Point 2: Text message - Sender: "John Smith", Recipient: "You", Message: "Don`t forget your gun", Time: 9:00 AM. Point 3: App usage event - App: Calendar, Duration: 30 minutes, Time 9:30 AM. Point 4: Call log - Caller ID: Unknown Number, Time: 5:00 PM, Duration: 10 minutes. Point 5: Text message - Sender: "You", Recipient: "John Smith", Message: "It was an interesting trip, we hunt many birds ☺", Time: 6:00 PM. Methodology Python Code # Libraries for topological space construction (e.g., NetworkX) import networkx as nx # Function to define distance metric (replace with your chosen metric) def neutrosophic_distance(data_point1, data_point2): #... (code to calculate distance based on features and neutrosophic degrees) return distance # Construct neutrosophic topological space def create_neutrosophic_space(neutrosophic_data): space = nx.Graph() for data_point in neutrosophic_data: space.add_node(data_point[1, 3, 5], truth=data_point[1, 3, 5], indeterminacy=data_point, falsity=data_point) # Add edges based on distance between data points for neighbor in neutrosophic_data: if data_point != neighbor: dist = neutrosophic_distance(data_point, neighbor) if dist < distance_threshold: # Define threshold for adding edges space.add_edge(data_point, neighbor, weight=dist) return space Methodology The Results The result of gauging information from Smartphones using Fuzzy Logic The result of Gauging information from Smartphones using Neutrosophic Logic The result of Using Neutrosophic Topological Framework for Gauging Different Types of data Extracted from Smartphones Results The result of gauging information from Smartphones using Fuzzy Logic 30 chats have been Extracted from Smartphones analyzed with different inputs. After the model processed the inputs using rules and generated outputs 1. The model has given a low percentage to chats numbered 1, 9, 12, 14, 15, 16, 17, 18, 19, 21, 23, 24, 25, 26, 27, and 28 as they have a low similarity percentage with feud and violation words. 2. The model has given a high percentage to chats numbered 2, 3, 4, 5, 6, 7, 8, 10, 11, 13, 20, and 22 as they have a high similarity percentage with feud and violation words. Results 3. The Fuzzy model could not be deceived, as it gave a low evaluation to chat numbers 29, and 30 even though they contained a high similarity percentage with feud and violation words because an individual sent those chats after the smartphone was found. Results The result of gauging information from Smartphones using Neutrosophic Logic Extracted We analyzed 30 chats with variousfrom inputs, Smartphones and after processing the inputs using Python code, the output was obtained 1. Data points that fall above 0.7 are considered more likely to be accurate, as in chats numbers 2, 3, 4, 7, 11, 13, 20, and 22. 2. Chats numbers 1, 9, 12, 14, 15, 16, 17, 18, 19, 21, 23, 25, 26, 27, 28, 29, and 30 which are below 0.5 are considered more likely to be false. 3. Data points closer to 0.7 are considered more neutral, meaning they contain a mixture of Truth and falsity or that their truth value is uncertain, as chat numbers 5, 6, 8, 10, and 24. Results Results Results Comparing between Fuzzy Logic and Neutrosophic Logic results Fuzzy Matlab results Neutrosophic Python Code results 1 The model has given a high The code assigned a high degree to percentage to chats numbered 2, 3, chats numbered 2, 3, 4, 7, 11, 13, 20, 4, 5, 6, 7, 8, 10, 11, 13, 20, and 22 as and 22 since they gave high degree they have a high similarity in Truth and low degree of Failsy, percentage with feud and violation Neutrality mean that these words conversations could be an evidence. 2 The model has given a low The code gave a low degree to chats percentage to chats numbered 1, 9, numbered 1, 9, 12, 14, 15, 16, 17, 18, 12, 14, 15, 16, 17, 18, 19, 21, 23, 24, 19, 21, 23, 25, 26, 27 and 28 since they 25, 26, 27, and 28 as they have a low had a high degree in Neutrality and similarity percentage with feud and low degree Truth and Failsy which violation words mean that there was no feud or violation in these conversation. Results Comparing between Fuzzy Logic and Neutrosophic Logic results 3 The Fuzzy model could not be deceived, as The code assigned a low it gave a low evaluation to chat numbers degree to chats numbered 29, 29, and 30 even though they contained a 30 since they gave high degree high similarity percentage with feud and of Failsy and low of Truth and violation words because an individual sent Neutrality. those chats after the smartphone was found The code assigned a middle degree to chats numbered 5, 6, 8, 10 and 24 since they gave middle degree of Truth and Failsy and low of Neutrality. 4 The Fuzzy model represent the output in The Python code gave the output in percentage three degrees from 0 to 0.99 which make it more accuracy than Fuzzy Matlab result 5 The Fuzzy logic has two values Truth and Failsy and The Neutrosophic logic has three the percentage between them. values Truth, Failsy and Neutrality which make the result accurate Results The result of Using Neutrosophic Topological Framework for Gauging Different Types of data Extracted from Smartphones Data Point Description Neutrosophic Justification** Set (T, I, F) Point 1 Text message: John Smith (0.9, 0.1, -0.2) * High (T) - Known contact (John) suggests a likely (Work), 8:00 AM business call. * Low (I) - Time and duration are clear. * Low Falsity (F) - Work contact reduces the chance of prank contact. Point 2 Text message: Jane, 9:00 (0.1, 0.1, 0.8) * low (T) - Likely a not clear message. * Low (I) - AM Message is not clear. * High (F) - Message suggests about gun. Point 3 App usage: Calendar (0.8, 0.2, -0.4) * High (T) - Calendar app suggests a planned Event, Meeting 10:00 meeting. * Medium (I) - Uncertain if user will attend AM, 30 min, 9:30 AM (might be a reminder). * Medium (F) - Calendar events can be changed, so there's a chance it's outdated. Point 4 Call log: Unknown caller, (0.3, 0.6, 0.1) * Medium (T) - Unknown caller introduces 5:00 PM, 10 min uncertainty. * High (I) - No information about call content. * Low (F) - Short call might be legitimate but unsure. Point 5 Text message: Boss, (0.9, 0.1, -0.2) * High (T) - Likely from John Smith (high Urgent task, 6:00 PM importance). * Low (I) - Clear message. * Low (F) – It help forensic investigator to determine that there is no crime it`s just hunting trip. Results CONCLUSION Conclusion Conclusion Fuzzy Logic and Neutrosophic Logic are extensions of classical Logic that deal with uncertainty, imprecision, and vagueness in data or knowledge representation. Both Logics deal with the percentage of Truth rather than absolute truth values. It allows intermediate values between true and false, expressed as membership degrees in the range [0, 1]. Conclusion Conclusion Neutrosophic Logic extends Fuzzy Logic by introducing the concept of indeterminacy, which allows for the existence of Truth, falsehood, and Neutrality simultaneously. Both Logic could give accurate results as they could determine the conversations that may be used as good evidence. They can also identify conversations that cannot be considered evidence. Neutrosophic Logic is superior to Fuzzy Logic in that the results consist of three outputs: True, false, and Neutrality, and the result ranges from 0 to 0.99. Conclusion

Digital Forensics: Chat Applications PDF

Document Details

Tags

Related

Summary

Full Transcript

Upgrade to continue