By: Laura Marissa Cullell
Marketing & Operations Officer
According to Auqib Hamid Lone, Digital evidence plays an important role in cyber crime investigation, as it is used to link persons with criminal activities. He believes it is of extreme importance to guarantee integrity, authenticity, and auditability of digital evidence as it moves along different levels of hierarchy in chain of custody during cyber crime investigation.
Blockchain technology’s capability of enabling a comprehensive view of transactions (events/actions) back to origination provides enormous promise for the forensic community.
Lone believes that the forensic implications of this powerful technology include:
- Improved transactional efficiency (owing to increased trust in the exchanging parties)
- The reduction of fraud (owing to the increased transparency of the audit trail)
- Reduced costs of certain kinds of transactions owing to the increased transparency and trust factors which mitigate against the need for third-party validation of certain claims, like valuation amounts or the specific ownership of an asset at a given point in time.
This article will look at 3 potential promising use cases of blockchain technology in digital forensics and discuss how law enforcement can collaborate to better track, monitor, and capture cyber criminals.
1. Blockchain and the Digital Forensics Chain of Custody
Forensic Chain is a blockchain based solution for maintaining and tracing digital forensics chain of custody. Blockchain is a data structure that allows to create a digital ledger for recording and storing transactions (events/records) shared by all participating parties over a distributed network of computers. Blockchain makes use of cryptography for protecting the process of recording and storing transactions (events/records) that happen within the network, creating unimpeachable audit trail.
Forensic-Chain is initiated or triggered by First Responder, taking hash of digital evidence and recording them securely on blockchain through smart contract. Other details like location, time, and date etc. of crime scene also gets recorded on blockchain.
According to Lone:
During the course of digital forensics investigation any evidence transfer gets automatically recorded on the blockchain through smart contract, recording details like address to whom evidence is transferred to, current state of evidence, permission level, date and time etc. Further any subsequent access to digital evidence also gets recorded securely on the blockchain by smart contracts triggered by corresponding forensic investigator.
2. Using Blockchain Hotel Registries to track criminals and missing persons
In the Indian province of Andara Pradesh, law enforcement worked together with Zebi, an Indian startup, to adopt a blockchain security solution in hotels across the province.
According to Zebi, the product merges blockchain and artificial intelligence (AI) to securely store data about hotel guests, and aims to both bring convenience to customers and to help prevent criminal activities.
The company’s Zebi AI Chain solution is being used by 200 hotels in the port city of Visakhapatnam, founder and CEO Babu Munagala is planning to launch it nationally. The same technology can also be implemented to secure land registry, employee, educational certification and other high-value records.
Laws requiring hotels to report guest information to police daily have resulted in privacy risks from manual processes and sharing of paper documents. By storing hotel guest data in blockchain, Zebi can provide guests with a Zebi ID, and the ability to consent to any data transaction. Hotels benefit from a much faster and less laborious process of compliance with the legal obligation, the company says.
The data collected is compared with the police database of criminals, missing persons and so on to ascertain whether the guest has any criminal background.
Digitization of hotel guest authentication and records has also been encouraged in other countries, such as by Japan’s Ministry of Economy, Trade, and Industry, and the Singapore Tourism Board.
3. Leveraging Altcoins to better understand Criminal Activity
In 2015, The Interpol Global Complex for Innovation (IGCI) is the agency’s first digital crime center and cybercrime research and development capabilities created a digital currency to combat crime.
The virtual currency can be used in a simulation-based training game.
Using an in-house created virtual currency allows Interpol to study scenarios of cryptocurrency use and misuse in a specifically designed simulation training game.
According to Johan Nylander, police worldwide are facing an increasing difficult operational landscape, as criminals take advantage of new technology, the ease of international travel and the anonymous nature of virtual business.
The biggest crux isn’t blockchain but rather the difficulty of detection of Bitcoin and other altcoins such as Monero. Given Bitcoin’s growing use in a wide variety of nefarious activities, it is incumbent on examiners to develop expertise in wallet and transactional analysis to support the ongoing needs of law enforcement.
Recently an academic paper discussed a potential way that investigators can relatively cheaply de-anonymise up to 60% of Bitcoin clients on the network. This method works by fingerprinting users based on the connections they have to other nodes on the Bitcoin p2p network, these connections are randomised and therefore should be different for each connected user. When a user connects to another node, their IP address is advertised to that node. If an attacker is connected to enough nodes, these announcements can be watched and fingerprinting can be done.
The academic paper explores the following: If a user is using a VPN, TOR, web-wallet or behind NAT and not receiving inbound connections, then the IP address gained by the investigator would not be that of the user. But even in these cases, the investigator would be able to collate separate and distinct transactions to the same user.
They conclude that:
The problem with using this method is that it is not targeted and the more successful you wish it to be (i.e. up to the maximum of 60%) then the more noisy and obvious to Bitcoin users it becomes. Understanding cryptocurrency and monitoring activity, fostering innovation and developing strategic partnerships is crucial to increasing the likelihood of proper detection and management of nefarious criminal activity using cryptocurrencies.
Complete transparency and establishing a true value, integrity, and ownership of an asset can be streamlined profoundly via the proper adoption of blockchain technology, says Johnny Lee. Given that blockchain is still in its infancy stage and suffers from scalability, and transaction processing delays, it still has immense potential which can benefit law enforcement agencies.
Do you know of other interesting use cases of Blockchain technology and Digital Forensics? Let us know in the comments below!
Laura Marissa Cullell is the Marketing & Operations Officer at BlockX Labs. She is a MA Graduate of the UN University of Peace in International Law and Human Rights. She loves puns, glitter, and reading an obscene amount of books.
You can reach her at: [email protected]