India's Forensic Magazine
FORENSIC YARD
Cyber & Forensic Updates
A one stop Marketplace for Forensic and Cyber Security Jobs and Research
EDITORIAL
Hello & Welcome!!
Dear Readers,
It is with great honour that we present to you the first e-magazine of FORENSIC YARD.
The purpose of this magazine is to provide relevant research information in the field of Forensic Science and Cyber Security. It includes topics on recent advancements in the industry.
Forensic Yard Digital Magazine has also initiated a research article gig for our students and working professionals. Students are requested to apply for the programme through our website form and submit their articles to our HR Manager. Selection will be based on pure merit and the authenticity of the work.
Apart from this, information on vacancies and jobs will be provided in the Career section of the magazine.
In the coming time, we promise to work much harder and to make it even more useful for the students of Forensic Science & Cyber Security.
We promise to understand the requirements and demands of our readers and look forward to their suggestions and changes in our magazine.
In the magazine, you'll find news on some trending topics and a few research works.
We would also like to congratulate and thank the contributors who helped and worked hard with us in creating this e-magazine to make it successful.
Forensic Yard is working on giving the best knowledge and guidance to our readers.
With best wishes and regards.
Yours sincerely,
FORENSIC YARD
WWW.FORENSICYARD.COM
CONTRIBUTORS
MR. SHIJIN S. MATHEW
Shijin is pursuing an M.Sc. in Forensic Science from Delhi University. An ambitious, data-driven individual with an excellent grasp of Python and search engine optimization. Enthusiastic about applying the knowledge of various programming languages to the field of forensic science. Experienced in designing and developing sites from concept to roll out; worked with Ecloto Designs as an Intern and Assistant Web Developer.
MS. DAMINI SHAW
Damini is a final-year student currently pursuing a B.Sc. (H) in Forensic Science from SGT University, Gurugram, Haryana, and is an aspiring writer who believes in twisting the aspects of content writing with the use of creativity and imagination. She has also worked as a 'Trainee Intern' in CFSL (Junga), which is located in Himachal Pradesh.
MR. MUKUL SHARMA
Experienced Ethical Hacker with a demonstrated history of working in the security and investigations industry. Skilled in Anti-phishing, Python, Java, Ethical Hacking, and Malware Analysis. Strong forensics professional with a Bachelor's degree focused in Cyber/Computer Forensics from Galgotias University.
MR. VIMAL K. B.
Vimal K B is currently pursuing an M.Sc. in Forensic Science from CTM-IRTE Faridabad. He has completed a B.Sc. (H) in Forensic Science from Galgotias University, Greater Noida. Worked as an Intern in Kerala Police Academy, Thrissur, under the Forensic Science Department.
‘OVER 700 CBI INVESTIGATIONS PENDING FOR MORE THAN A YEAR’
CENTRAL VIGILANCE COMMISSION
The apex vigilance body said a major share of complaints against public servants are vague, unverifiable and made to harass.
The Central Vigilance Commission (CVC) has claimed that the Central Bureau of Investigation (CBI) has been slow in investigating certain cases due to several reasons including work overload, delay in obtaining reply to the Letter Rogatories (LRs) sent to various countries seeking information, government departments not supplying relevant records & sanction to the agency, delay in obtaining forensic reports from laboratories, among other reasons.
Other reasons cited by the apex vigilance body for CBI investigations getting stuck for years are shortage of manpower, time taken in scrutiny of voluminous records in economic offences, bank fraud cases and significant time spent by officers in locating and examining witnesses living in distant places. According to CVC’s annual report, which was released on Sunday, investigation was pending in 744 CBI cases for more than a year at the end of December 2019 out of which 678 were related to Prevention of Corruption (PC) Act. It was found that about 25 corruption investigations in CBI are pending beyond five years. Overall, total 1,239 investigations and enquiries were pending in CBI till December last year. The data reveals that the CBI registered total 608 FIRs and 102 preliminary enquiries (PEs) in 2019.
SOURCE: HINDUSTAN TIMES
ISRAEL TO HELP U.P. SET-UP FORENSIC SCIENCE VARSITY
In order to check the rise in cyber crime,
Uttar Pradesh will establish a world-class
forensic science university in Lucknow.
With a campus spread over 35 acres, the
Forensic Science University will come up
at Piparsand village in Sarojini Nagar area
of the state capital. “An MoU will be
signed for technical assistance with
Israel and Gujarat Forensic University,”
Additional CS (home) Awanish Awasthi
said, adding a provision of Rs 20 crore
has already been made for setting it up.
It will also have agreements done with
other countries while students from the
subcontinent will also be allowed to
study at the university. Additional
Director General of police, technical
services, will be the nodal head for the
establishment of the university.
The university will help prepare a pool
of forensic experts who will be used by
the police department as well as other
public sector organisations. The posts of
vice-chancellor, registrar and finance
officer have been created. There will be
10 departments in the university, the
additional chief secretary added. In all,
496 posts, including 14 professors, 12
associate professors and 42 assistant
professors, are proposed, he said.
Source: Times of India
No Rape In Hathras Case, Senior UP Cop Claims, Citing Forensic Report
Hathras case: The autopsy report referred to "rape and strangulation" in her medical history and said she had suffered from cervical spinal injury.
Hathras: The young woman from Uttar Pradesh's Hathras, who died days after being gang raped and tortured, was strangled, brutalised and suffered cervical spine injury, her autopsy report has said. The "final diagnosis" does not mention rape but the report refers to tears in her private parts.
The Uttar Pradesh police, however, claimed on Thursday that a forensic report of her viscera had proved that she was not raped or gang raped. "The post-mortem report says the victim died due to her neck injury. FSL (Forensic Science Laboratory) report hasn't found sperm in samples, making it clear that some people twisted the matter to stir caste-based tension. Such people will be identified and legal action will be taken," said Prashant Kumar, a senior UP police officer. Experts point out that samples were collected days after the incident & sperms would not be present. The woman died of "injury to the cervical spine by indirect blunt trauma," according to the autopsy report accessed from the Delhi hospital where the 20-year-old died on Tuesday. It mentions that there was an attempt to strangle her with her dupatta but clarifies that was not what caused her death. The woman had been assaulted by four upper caste men from her village on September 14. She was found by her family in the fields, naked, bleeding, with multiple fractures and a gash in her tongue. The police claimed her tongue was cut because she bit it while her attackers were trying to strangle her.
She gave a formal statement on September 22. The autopsy report dated September 29 refers to "rape and strangulation" in her medical history and says she had suffered from cervical spinal injury. The report's "final diagnosis" lists "alleged post-strangulation with cervical spine injury with sepsis with cardiopulmonary arrest". She was given CPR, the report said, & "despite all resuscitative efforts", declared dead at 8.55 am on Tuesday.
Source: NDTV
BRITISH HACKER SENTENCED TO 5 YEARS FOR BLACKMAILING U.S. COMPANIES
A UK man who threatened to publicly release stolen confidential information unless the victims agreed to fulfill his digital extortion demands has finally pleaded guilty on Monday at U.S. federal district court in St. Louis, Missouri. Nathan Francis Wyatt, 39, who is a key member of the infamous international hacking group 'The Dark Overlord,' has been sentenced to five years in prison and ordered to pay $1,467,048 in restitution to his victims. Wyatt, who was extradited to the United States late last year after being held for over two years in the United Kingdom, has pleaded guilty to conspiring to commit aggravated identity theft and computer fraud. U.K. police first arrested Wyatt in September 2016 during an investigation into the hacking of an iCloud account belonging to Pippa Middleton, the younger sister of the British royal family member Duchess of Cambridge, and stealing 3,000 images of her. Though he was released in that case without charge due to lack of evidence, Wyatt was again arrested in September 2017 over hacking companies, credit card frauds, and blackmailing schemes to extort money from the victims. According to court documents, Wyatt has attacked multiple healthcare providers and accounting firms in Missouri, Illinois, and Georgia states as a member of The Dark Overlord since February 2016, but the court documents do not name the companies. The Dark Overlord (TDO) is infamous for remotely accessing the computer networks of victim companies in the United States and then stealing sensitive data, like patient medical records and personal identifying information. "The Dark Overlord has victimized innumerable employers in the United States, many of them repeatedly," said U.S. Attorney Jeff Jensen. "I am grateful to the victims who came forward despite ransom threats and to the prosecutors and agents who were the first to catch and punish a member of The Dark Overlord in the United States." The Dark Overlord has previously been attributed to several hacking events, including leaking ten unreleased episodes of the 5th season of the 'Orange Is The New Black' series from Netflix and hacking Gorilla Glue, Little Red Door cancer service agency, among others.
No takers: Government invites bidders to set up cyber Forensic Lab for Third Time
With no private bidders interested in setting up a cyber forensic lab-cum-training centre, the state government has invited bidders again, for the third time in two years. With a poor track record of solving cybercrimes, Goa police is making yet another attempt to get the proposed project off the ground. Last year, two tenders were floated by the state government, but they didn’t receive any bids. Later, the state government decided to set up the lab through a public sector undertaking (PSU). A senior officer said that since the police were not getting what they wanted from the PSU, they decided to float a fresh tender to set up the lab. The last date for submission of the tender document is September 29, and they will be opened the next day. The officer said that if they fail to attract bidders, the submission date would be extended. Currently, the crime branch has a small lab set up under corporate social responsibility (CSR). An alarming 80% of all cyber crimes reported in the state have remained unsolved due to lack of infrastructure and cyber experts. The lab is expected to be set up under the cybercrime prevention against women and children (CCPWC) scheme, and may go a long way in helping Goa police solve the many pending cases by identifying or locating the accused. The Centre has approved Rs 1.4 crore for Goa police to set up the cyber lab. Investigations into cybercrimes, including financial crimes, require computer skills, mainly for on-site imaging and on-site analysis and tracking of leads. However, the lack of skilled manpower is a major problem. In December 2013, the state government had granted permission to set up a cybercrime cell in the state, and to recruit technical persons for the same. A year later, the same was operational.
Source: Times of India
Beware: New Android Spyware Found Posing as Telegram and Threema Apps
A hacking group known for its attacks in the Middle East, at least since 2017, has recently been found impersonating legitimate messaging apps such as Telegram and Threema to infect Android devices with a new, previously undocumented malware. "Compared to the versions documented in 2017, Android/SpyC23.A has extended spying functionality, including reading notifications from messaging apps, call recording and screen recording, and new stealth features, such as dismissing notifications from built-in Android security apps," cybersecurity firm ESET said in a Wednesday analysis. First detailed by Qihoo 360 in 2017 under the moniker Two-tailed Scorpion (aka APT-C-23 or Desert Scorpion), the mobile malware has been deemed "surveillance ware" for its abilities to spy on the devices of targeted individuals, exfiltrating call logs, contacts, location, messages, photos, and other sensitive documents in the process. In 2018, Symantec discovered a newer variant of the campaign that employed a malicious media player as a lure to grab information from the device and trick victims into installing additional malware. Then earlier this year, Check Point Research detailed fresh signs of APT-C-23 activity when Hamas operators posed as young teenage girls on Facebook, Instagram, and Telegram to lure Israeli soldiers into installing malware-infected apps on their phones. The latest version of the spyware detailed by ESET expands on these features, including the ability to collect information from social media and messaging apps via screen recording and screenshots, and even capture incoming and outgoing calls in WhatsApp and read the text of notifications from social media apps, including WhatsApp, Viber, Facebook, Skype, and Messenger. The infection begins when a victim visits a fake Android app store called "DigitalApps," and downloads apps such as Telegram, Threema, and weMessage, suggesting that the group's motivation behind impersonating messaging apps is to "justify the various permissions requested by the malware."
Apps downloaded from fraudulent third-party app stores have been a conduit for Android malware in recent years. It's always essential to stick to official sources to limit risk, and scrutinize permissions requested by apps before installing them on the device.
Source: The Hacker News
Mr. Shijin S Mathew
Introduction
Nowadays everything is connected to many other things through different modes, and the internet remains the primary mode of connection. Whenever something is connected to the internet, or to any network for that matter, there is always a mutual exchange of data. You can send anything to anyone over the internet, for example email, pictures, text, etc. Even though this data is accessed as a whole at both the source and the destination, it is not sent across the internet as a whole. It is sent separately as different characters or as small packages known as packets, and when these packets are received at the destination they are reassembled into your originally intended message. Because a large number of packets is exchanged over the network, there is resulting traffic, and this is known as network traffic.
Analysis of this network traffic gives us a range of information, such as the destination and source of a communication, the amount of data transferred, the location of the destination server, any ongoing attacks on the server, and much more, which is why continuous monitoring of the network becomes important. If a big institution is connected internally through a network, the analysis again becomes important for the above-mentioned reasons and to gain certain other information, such as where a major chunk of data is utilized and why; this helps the network engineers to clean up the network.
Another reason for analyzing data packets can be understood in two aspects. The first aspect is that we can know the state of the network, whether it is built in such a way that an attack is possible or not. The second aspect is to diagnose a network in case of an attack. This data analysis can be done easily with a tool that captures both the incoming and outgoing data, and Wireshark is such a tool: it helps to capture and observe the incoming and outgoing data. Another such tool is tcpdump, but it runs on a command-line interface, so Wireshark, which is based on a graphical interface and is open source, i.e. free of cost, is preferred more.
But even if the incoming and outgoing data is recorded and observed, it is very difficult to identify and pinpoint each and every communication between servers, and identifying the threats and malicious attacks in turn becomes a tedious job, like finding a needle in a haystack. Therefore Wireshark comes with certain features which help to narrow down the process further and make it easier to protect the network from attacks.
WIRESHARK FEATURES
- Filters in Wireshark – It can isolate and show all the different components that are present in a packet and filter for just the keywords that we want to analyze, or for something that we are sure is a threat to the network. Filters can be applied to every part of a packet, including "strings", or to network protocols such as FTP, TCP, etc. This accomplishes two things: capturing only selected packets from the network, and finding the packets of interest.
- Live capture and offline analysis – Wireshark allows you to capture and record the inflow and outflow of data live, i.e. as the exchange of data is going on between networks, and then allows you to analyze that data at any point of time in the future.
- Runs on multiple platforms – It can run on any OS platform, such as Windows, Linux and macOS.
- Read or write from different capture files – It can read and write files that were captured by other software such as tcpdump, cisco secure, pcp, etc. The data can be recorded from Ethernet, ATM, Bluetooth, USB, etc.
- Decryption – The encrypted data from internet protocols like HTTP, FTP, etc. can be decrypted using Wireshark.
Wireshark in Network forensics : Application
To understand how Wireshark is used for forensic purposes, we need to know how it is applied to the network and what information is accessed through Wireshark. Wireshark can capture data in two modes. The first is promiscuous mode, in which packets are captured from the network to which the device is assigned. The second mode is possible on Linux operating systems, where the wireless interface captures the maximum data possible.
The types of information that can be gathered through Wireshark are:
- Wireshark can be used to identify who initiated the attack; in forensics it is important to identify a culprit or an accused to get the investigation started.
- Wireshark can be used to know exactly how the attack has been implemented on a system.
- Wireshark can be used to identify what information or data has been compromised from a device or network.
- It is helpful in finding out if the attacker has left anything in the system, like a Trojan horse or botware, which can be used later to compromise the system.
- It also tracks the amount of data collected, what has been analyzed and what should be analyzed. In short, it determines whether there is enough data to analyze the network.
List of attacks on the network – Identified via Wireshark
1. Covert / Hidden network channels – Sometimes the attacker may be able to establish hidden networks through a system and make them too complex to be easily visible, hence the name hidden network. These types of network connections can be used to jeopardise a network and obtain valuable information from the network, or even to download something malicious.
2. Malicious Downloads – These are also known as drive-by downloads: an attacker can sometimes illegally download files onto the system. They can happen in two ways, i.e. with or without the authorisation of the admin. The authorisation may be given without knowing the consequences. The objective behind most of these drive-by downloads is information theft in some way. They are a prominent way of attack, and there are preventive measures against such code at system level, but a network analyst should know and identify such threats.
3. ICMP attacks – The Internet Control Message Protocol (ICMP) is listed as a core protocol of the IP suite, and it is frequently seen in command-line operations because of its importance in network utilities such as diagnostics and control. Hackers can be seen using this in
numerous ways and exploiting it, even though it is one-way message sending; its limitation is that it doesn’t require an authorization.
4. DDoS (distributed denial of service) attacks – In these types of attacks the hacker denies the resources on one system or a whole network. Attackers may be able to prevent you from accessing emails, documents, bank accounts, etc. They find various ways to execute this. BitTorrent-driven DDoS is an example.
5. Port scanning – Attackers use it to find susceptible devices, and it is known as port scanning because attackers scan different ports and find open doors through which they can easily enter. Most of these scans cause half-open TCP connections.
Recent advancements
1. IoT (Internet of Things) network traffic analysis – Internet of Things refers to billions of small devices like cameras, lights, televisions, etc. which are connected to each other over the internet. Whenever a network or connection is established there is a mutual exchange of data, and this data is exchanged in the form of packets. Wireshark helps to collect these packets. Attackers may use it to obtain personal information, both sensitive and non-sensitive, and run this data through machine learning systems to get some data. IoT devices usually communicate more with cloud servers, and encryption is based on the TLS protocol, etc. Attackers are found to be using Wireshark to collect data packets and identify individual devices in a network. They run tests to do so from their own device. Hence, a forensic network analyst must be able to identify these tests and any ARP spoofing going on through the network; if they are identified, it is easy to identify the attacker and pinpoint their device.
2. Intercepting security Wi-Fi images through Wireshark – Most of these cameras etc. connected to the internet may not follow a secure protocol and may be using the HTTP protocol, which can be easily decrypted, and images could be captured. Even the IP address and location of the destination to which these image files are being sent could be found.
Wireshark is a free and very powerful tool, and in network forensics especially it provides data single-handedly. In home networks and devices, even though antivirus is installed, it is based on signatures that have been found before; attacks are becoming more personal, and therefore traffic analysis proves to be better at identifying threats. It is, however, of more use to network technicians than to normal people, because network technicians find out easily if anything is not normal with the network.
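The half-open TCP connections that the port scanning item in the list of attacks attributes to most scans can be picked out of a saved capture with a short script. This is an added example, not code from the magazine: the addresses, ports, the sample capture built in memory and the five-port threshold are constructed assumptions, and only classic pcap files with Ethernet/IPv4 framing are handled.

```python
import struct
from collections import defaultdict

SYN, RST, PSH, ACK = 0x02, 0x04, 0x08, 0x10   # TCP flag bits


def frame(src, sport, dst, dport, flags):
    """Build one Ethernet/IPv4/TCP frame for the constructed sample (checksums left 0)."""
    ip4 = lambda a: bytes(int(p) for p in a.split("."))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 1024, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     ip4(src), ip4(dst))
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp


def build_sample_pcap():
    """Constructed capture: one SYN scan of six ports plus one normal web connection."""
    scanner, client, server = "10.0.0.66", "10.0.0.20", "10.0.0.5"
    frames = []
    for i, port in enumerate((21, 22, 23, 80, 443, 3389)):
        sport = 40000 + i
        frames.append(frame(scanner, sport, server, port, SYN))
        if port in (22, 80):      # open port: SYN/ACK back, scanner resets instead of ACKing
            frames.append(frame(server, port, scanner, sport, SYN | ACK))
            frames.append(frame(scanner, sport, server, port, RST))
        else:                     # closed port: server refuses with RST/ACK
            frames.append(frame(server, port, scanner, sport, RST | ACK))
    frames += [frame(client, 51000, server, 80, SYN),          # full three-way handshake
               frame(server, 80, client, 51000, SYN | ACK),
               frame(client, 51000, server, 80, ACK),
               frame(client, 51000, server, 80, PSH | ACK)]
    pcap = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)   # link type 1 = Ethernet
    for n, f in enumerate(frames):
        pcap += struct.pack("<IIII", n, 0, len(f), len(f)) + f         # per-packet record header
    return pcap


def read_tcp_packets(pcap):
    """Yield (src, sport, dst, dport, flags) for every IPv4/TCP packet in a classic pcap."""
    if len(pcap) < 24:
        raise ValueError("truncated pcap header")
    magic = struct.unpack_from("<I", pcap, 0)[0]
    if magic == 0xA1B2C3D4:
        order = "<"
    elif magic == 0xD4C3B2A1:
        order = ">"
    else:
        raise ValueError("not a classic pcap file")
    if struct.unpack_from(order + "I", pcap, 20)[0] != 1:
        raise ValueError("only Ethernet captures are handled")
    offset = 24
    while offset + 16 <= len(pcap):
        incl_len = struct.unpack_from(order + "I", pcap, offset + 8)[0]
        data = pcap[offset + 16: offset + 16 + incl_len]
        offset += 16 + incl_len
        if len(data) < 34 or data[12:14] != b"\x08\x00" or data[23] != 6:
            continue                              # not IPv4 carrying TCP
        tcp_at = 14 + (data[14] & 0x0F) * 4       # honour the IP header length field
        if len(data) < tcp_at + 14:
            continue                              # truncated TCP header
        sport, dport = struct.unpack_from("!HH", data, tcp_at)
        src = ".".join(map(str, data[26:30]))
        dst = ".".join(map(str, data[30:34]))
        yield src, sport, dst, dport, data[tcp_at + 13]


def find_half_open_scanners(pcap, min_ports=5):
    """Map each source to the (host, port) pairs it SYNed but never completed, if >= min_ports."""
    opened, completed = set(), set()
    for src, sport, dst, dport, flags in read_tcp_packets(pcap):
        flow = (src, sport, dst, dport)
        if flags & SYN and not flags & ACK:
            # Same packets as the Wireshark display filter
            #   tcp.flags.syn == 1 && tcp.flags.ack == 0
            opened.add(flow)
        elif flags & ACK and not flags & (SYN | RST) and flow in opened:
            completed.add(flow)                   # third step of the handshake arrived
    targets = defaultdict(set)
    for src, _sport, dst, dport in opened - completed:
        targets[src].add((dst, dport))
    return {src: sorted(t) for src, t in targets.items() if len(t) >= min_ports}


if __name__ == "__main__":
    for source, probes in find_half_open_scanners(build_sample_pcap()).items():
        print(source, "left", len(probes), "half-open connections:", probes)
```

The threshold keeps a single failed connection from an ordinary client out of the result; a host is reported only when it leaves unfinished handshakes on several distinct ports.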
Introduction
The ongoing drug probe investigation by the NCB (Narcotics Control Bureau) is one of the most substantial issues, which has shaken the entire nation from the scratch. Across the ages, drugs have been considered illegal substances which are prohibited from being consumed in our country, which further makes it a criminal offence. An individual can intake different types of drugs, and the determination of drugs is the most important aspect for the purpose of presenting solid evidence to the government officials during the investigation. As per the medical terms, blood and bone marrow are the core specimens which are used for the purpose of testing and research work. The ultimate result following the whole list of norms and prototypes finally drives the medical or forensic toxicology experts to the final conclusion. This discussion is supposed to be in a bit detailed manner as a
lot of experts have concluded
this fact after several
investigations and results that
bones and bone marrow contains
a large amount of drug traces as
compared to the other parts or
other skeletal remains of the
body.
Let's get started!
Physiological Characteristic of
Bone Marrow
The study regarding the anatomy
of the bones and the bone
marrow is the basic step to
further focus on the drug testing
phenomenon. According to the
medical terms a bone marrow is
classified as a delicate tissue
which is found in the inner crates
of the bones and are responsible
for creating distinct types of
blood cells, i.e., red
blood cells, white blood cells and
platelets for the process of
proper blood circulation in the
human bodies.
The red blood cell is accounted
for carrying oxygen from the
lungs to the other parts of the
body whereas the white blood
cells isolate foreign pathogens
entering into the body alongside
with platelets responsible for the
purpose of blood clotting. All
these cells are the core elements
available in the bone marrow.
Now we know that there are two
types of bone marrow, known as
red bone marrow and yellow bone
marrow, each expert in performing
its own set of important functions.
As said earlier the red blood cells
facilitate the flow of blood so red
bone marrow aids them along with
white blood cells and the
platelets. Moreover, on the other
end, the yellow bone marrow is
well-known for supporting the
wide range of blood vessels and
fat cells.
Ms. Damini Shaw
Physiological Characteristic of Bones
Bones are considered one of the most strenuous forms of vascularized tissue, which undergo constant change due to sudden and inappropriate changing weather conditions but still play a major role in the homeostasis phenomenon. The porous system which constitutes the bones is known as hydroxyapatite and is accumulated with a large amount of minerals, hereby known as mineral constituents.
How the location of the bones and the bone marrow help out for the determination of drug testing?
The contact of drugs with the bones and the bone marrow is solely based on the anatomical area of the bones correlating with the flow of blood within the body. In most of the cases, drugs are effortlessly accessible from the most essential bones of the body, such as femur bones, ribs, vertebrae, etc., because these are strong specimen bones which remain in existence for a longer period of time.
Method of Analysis
If the bone is collected in the form of liquid then in such cases it's diluted with water or buffer along with the macerated
mixture which further allows the
examiners to extract the drugs
along with the remaining dilute
substances. It may be difficult to
extract the drug traces from
bone during certain cases as
bone is made up of a high amount
of fat. This can be solved by
treating the extracts of the dried
solvents along with the hexane or
ethanol in the ratio of 7:2 along
with little amount of water in the
solution. Proceeding towards the
end the hexane layer gets
removed and eventually drugs
can be extracted from the
remaining fraction of the ethanol.
Recent Advancements
As per the recent analysis, as compared to the old times, different types of drugs such as amphetamines, morphine and a huge volume of benzodiazepines have now been found to be detected in the bones and the bone marrow. Although still there are some heroin metabolites such as 6-acetyl morphine which are not detected during the drug detection cases. Well, the studies also state that the drugs
remain within the bones and bone
marrow for a longer period of time
as compared to the parts of the
body.
Final Words
Well earlier during the
investigation cases bones and
bone marrow were not counted
as the major specimens for the
investigation purposes but now
due to the advancement in
educational research, these have
gathered a huge amount of
attention stating them to be the
most vital specimen for tracing
the drugs in the human bodies.
It's also contended that the
proper liberation of the drugs
either to the bones or the bone
marrow is an unwanted and
strident lethargic distribution
through the pathway of the blood
circulation in the body of the
living organisms. These drugs are
highly destructive and
considerably target the
individuals who are suffering from
bone-related diseases such as
osteoporosis, rheumatoid
arthritis at a fast rate which leads
to harmful consequences in
future.
Homemade Explosives Information Sources
- All the information and reference for the construction and deployment of HMEs is widely available to the public by different sources.
- Different methods of explosives attacks and their assembly are described in detail in the Al-Qaida’s and Jihads training manuals.
- Several book and research publishers publish books and articles that show how to build using improvised materials and commercial products.
- Military field manuals have also been used as a source of information and can be purchased at the doorstep through online.
- All information regarding the construction of HMBs is also easily found on the internet and is readily available to anyone with internet access.
Homemade Bombs
Homemade bombs (HMBs) are a type of unconventional explosive that can be deployed anywhere in a variety of ways and can cause death, injury and property damage. The bomb consists of a variety of components which include an initiator, switch, main charge, power source and a container. To increase the number of casualties of the explosion, the bomb makers will include additional materials such as nails, glass and metal fragments. Other elements, such as hazardous materials, may also be included. The homemade bomb can be detonated by a variety of methods depending on the intended target and the place of deployment.
Mr. VIMAL K. B.
Identification of Homemade Bombs
Unusual packages or containers with electronic components, such as a cellular phone, antenna, circuit board, wires and other items attached or exposed.
Any devices that contain quantities of fireworks, black powder, fuses, match heads, incendiary materials, smokeless powder and other unusual materials are considered suspicious.
Containers like pipes with wire circuits, pressure cookers etc. in public places should be considered as unusual devices.
Materials attached to an item, such as bolts, nails, pins, glass, marble pieces and so on, that could be used for shrapnel.
Use of portable X-ray tools to examine suspicious baggage/packages to determine the presence of any explosive materials.
DRDO and IIS recently developed a new bomb detection apparatus called Raider-X. It can easily detect 20 homemade bomb explosives from up to 20 meters away. The Raider-X data library can be updated to accommodate the new details of different explosives in pure and in their contaminated form.
Explosives Used in Homemade Bombs
Commonly available materials such as fertilizers, gunpowder and hydrogen peroxide are mainly used in HMBs. Such a bomb contains a fuel and an oxidizer; the oxidizer provides the oxygen needed to sustain the reaction.
ANFO, a mixture of ammonium nitrate, which acts as the oxidizer, and fuel oil, is a common example of these types of explosives. Many of the substances for making an explosive are simple, requiring very little technical knowledge or specialized equipment.
Instructions on how to make them are provided online and in written resources. The recipes for homemade explosives are often inaccurate and dangerous to follow, and some of the explosive materials created are highly unstable.
Forensic Analysis of Homemade Bombs Explosives
Forensic analysis of homemade explosives materials is critical for determining the origin of the explosive and its precursors & formulation procedures. Extra care should be taken during collection, preservation & analysis of the pre/post explosive materials. A database (with specified confidence levels) of mass, thermal, infrared spectral signature & isotopic composition & ratios of correlated pre-identified homemade explosives precursors.
Gas chromatography (GC) is frequently used for the identification of organic explosive components in the bomb. The technique has high sensitivity and selectivity towards organic constituents in the residue. The detectors combined with GC are thermal energy analyzer (TEA), electron capture detection (ECD), mass spectrometry (MS) & tandem mass spectrometry (MS/MS).
High performance liquid chromatography (HPLC) is used for the detection of organic compounds that are non-volatile in nature. It is often used as the instrument for analysis of explosives as it is amenable to the analysis of compounds that have low volatility, high sensitivity to heat and high molecular weight. Ultra-HPLC has recently been widely used among researchers because of its effectiveness for compound separation & its sensitivity.
Capillary electrophoresis (CE) is used for the analysis of inorganic compounds in the residue. In CE, targeted analytes elute from one end of the capillary under the influence of an electric field and are separated according to their ionic mobility. This method is successfully used to determine 3 cations (Ca2+, Fe2+, Fe3+) & 4 anions (Cl-, NO32-, SO42-, SCN-) simultaneously in under 7 minutes at pH 4.7. Post blast explosive residues of black powder and ammonium nitrate-fuel oil (ANFO) can also be successfully analyzed through this technique.
X-ray powder diffraction (XRD) and X-ray fluorescence (XRF) are non-destructive techniques. They are used for the composition analysis of crystalline material in the explosive. The two techniques are different but complementary to each other: XRD is used to analyze the phases or compounds in the material, while XRF is utilized for the analysis of the elemental composition of the crystalline material.
Examples of Terrorist Homemade Bombs Attacks
Boston Marathon bombing: Homemade bomb attacks happened in Boston during the annual Boston Marathon on April 15, 2013. Two homemade pressure cooker bombs detonated 14 seconds and 210 yards (190m) apart at 2:49 pm near the finish line of the marathon run. This blast killed 3 people and injured several hundred others, including 17 who lost limbs.
Madrid Train Attacks: 10 explosions rocked through 4 commuter trains during rush hour on March 11, 2004, in Madrid, Spain. Goma 2 ECO explosives were stuffed in bags with metal fragments and cell phones with timers, which were used to initiate the explosive device. This attack was carried out by violent Islamic extremists, killed 191 people and injured (1800+).
Oklahoma City Bombing: On the morning of April 19, 1995, a truck bomb exploded in front of the Federal Building in Oklahoma City. Ammonium nitrate and nitromethane were used in the explosion, which were put into the back of the truck and left to explode.
Introduction
Digital Forensics is on the verge of revolutionary changes which might change the way we look at this industry. One of the crucial changes is Automation. With the rise of Artificial Intelligence and Machine Learning, investigators are now able to flag contents in an investigation instantly. Investigators nowadays are using different algorithms and automation tools to evaluate the massive amount of data which would otherwise take much longer to process.
But the real question that arises is whether the task of a Digital Forensics Investigator can be automated, given the importance of the job?
Artificial Intelligence algorithms help to identify and flag certain elements and data inside images and videos by observing common traits in location and time, and then give the investigator an estimate of the time and location of the next crime.
These technologies have been very helpful in managing the workload in Forensics labs. Cases have been increasing rapidly over the last decade.
Digital crimes are increasing at a faster rate today and the shortage of workforce in labs is a matter of concern. Thus these automated tools help in prioritizing each case, as maintaining the overwhelming caseload and prioritizing each case is next to impossible.
Regardless of the case an investigator is working on, there are tasks that have to be performed again and again. Automation isn't necessary for most tasks, but clicking again and again on the "Next" button in a script can be a menial task for an investigator who is working on cases of counterterrorism etc.
Multiple automated tools can be implemented on each case to suit the needs of the investigator. This allows time to be spent on much more important tasks such as tracking the suspect's device, gaining access to the suspect's system and analyzing the automated reports.
Once the automation tasks are finished, it's the responsibility of the expert to analyze the data. These tools might be helpful in organizing data and evaluating elements by algorithms, but the output data is still an estimate and an expert's eyes are still required.
The requirement of an expert will never go away and it's arguably more important now than ever because, in the end, data is just data until Forensic analysis is implemented.
The key thing is that it's not the Forensic examination or testing that should be automated but menial tasks such as the tedious button clicks. Moreover, this would help in clearing the backlog of cases efficiently, thereby improving the speed and accuracy of the case.
Mr. Mukul Sharma
VACANCY
FORENSICS CERTIFICATION WILL BE AN ADDED ADVANTAGE CHFI, GCFA, GCIH OR GCFE *
Company: Adroit Valuation Services Pvt Ltd
Position: Forensic (Data) Analyst
Vacancy: 02
Application mode: Online
www.adroitvaluation.com/career.php
Location: Noida & Mumbai, INDIA
Last Date of Online Application: 10-10-2020

Company: Ernst & Young
Position: Consulting - Technology Risk (Senior)
Vacancy: Undefined
Application mode: Online
Apply on eygbl.referrals.selectminds.com
Location: Thiruvananthapuram, Kerala, INDIA
Last Date of Online Application: 15-10-2020

Company: Css Corp
Position: Network security - TAC
Vacancy: Undefined
Application mode: Online
www.csscorp.com/company/careers
Location: INDIA, PHILIPPINES
Last Date of Online Application: 15-10-2020

Organization: LNJN National Inst. of Criminology and Forensic Sci.
Post: Consultant (PG Diploma in Investigation of Cyber Crimes & Law and PG Diploma in Victimology & Victim Assistance)
Application mode: Online
Location: New Delhi
nicfs.gov.in/wp-content/uploads/2020/09/
Last Date of Online Application: 09-10-2020

Company: SISA Information Security
Position: Associate Consultant – Forensic *
Vacancy: 01
Application mode: Online
sisainfosec.com/careers/
Location: Bangalore, KA, INDIA
Last Date of Online Application: 10-10-2020

Company: Kennametal
Position: Cyber Forensics Analyst *
Vacancy: Undefined
Application mode: Online
jobs.kennametal.com/job/Bangalore-Analyst-IT
Location: Bengaluru (Whitefield), INDIA
Last Date of Online Application: Undefined

Company: Capgemini
Position: FORENSIC ANALYST *
Vacancy: Undefined
Application mode: Online
www.capgemini.com/in-en/jobs/
Location: Mumbai, INDIA
Last Date of Online Application: 20-10-2020

Organization: FTI Consulting, Inc.
Post: Senior Consultant | Forensic Technology
Vacancy: Undefined
Application mode: Online
fticonsult.referrals.selectminds.com/fticareers
Location: Mumbai, INDIA
Last Date of Online Application: Undefined