To See or Not to See: A Privacy Threat Model for Digital Forensics in Crime Investigation

• URL: http://arxiv.org/abs/2503.23533v1
• Date: Sun, 30 Mar 2025 17:34:35 GMT
• Title: To See or Not to See: A Privacy Threat Model for Digital Forensics in Crime Investigation
• Authors: Mario Raciti, Simone Di Mauro, Dimitri Van Landuyt, Giampaolo Bella,
• Abstract summary: This paper applies the SPADA methodology for threat modelling with the goal of incorporating privacy-oriented threat modelling in digital forensics.<n>We identify a total of 298 privacy threats that may affect digital forensics processes through crime investigations.<n>We then present a comprehensive and systematic privacy threat model for digital forensics in crime investigation.
• Score: 1.144110708925839
• License: http://creativecommons.org/licenses/by-nc-nd/4.0/
• Abstract: Digital forensics is a cornerstone of modern crime investigations, yet it raises significant privacy concerns due to the collection, processing, and storage of digital evidence. Despite that, privacy threats in digital forensics crime investigations often remain underexplored, thereby leading to potential gaps in forensic practices and regulatory compliance, which may then escalate into harming the freedoms of natural persons. With this clear motivation, the present paper applies the SPADA methodology for threat modelling with the goal of incorporating privacy-oriented threat modelling in digital forensics. As a result, we identify a total of 298 privacy threats that may affect digital forensics processes through crime investigations. Furthermore, we demonstrate an unexplored feature on how SPADA assists in handling domain-dependency during threat elicitation. This yields a second list of privacy threats that are universally applicable to any domain. We then present a comprehensive and systematic privacy threat model for digital forensics in crime investigation. Moreover, we discuss some of the challenges about validating privacy threats in this domain, particularly given the variability of legal frameworks across jurisdictions. We ultimately propose our privacy threat model as a tool for ensuring ethical and legally compliant investigative practices.

Related papers

• Fingerprinting and Tracing Shadows: The Development and Impact of Browser Fingerprinting on Digital Privacy [55.2480439325792]
  Browser fingerprinting is a growing technique for identifying and tracking users online without traditional methods like cookies. This paper gives an overview by examining the various fingerprinting techniques and analyzes the entropy and uniqueness of the collected data.
  arXiv  Detail & Related papers  (2024-11-18T20:32:31Z)
• Model Inversion Attacks: A Survey of Approaches and Countermeasures [59.986922963781]
  Recently, a new type of privacy attack, the model inversion attacks (MIAs), aims to extract sensitive features of private data for training. Despite the significance, there is a lack of systematic studies that provide a comprehensive overview and deeper insights into MIAs. This survey aims to summarize up-to-date MIA methods in both attacks and defenses.
  arXiv  Detail & Related papers  (2024-11-15T08:09:28Z)
• A Survey of Privacy-Preserving Model Explanations: Privacy Risks, Attacks, and Countermeasures [50.987594546912725]
  Despite a growing corpus of research in AI privacy and explainability, there is little attention on privacy-preserving model explanations. This article presents the first thorough survey about privacy attacks on model explanations and their countermeasures.
  arXiv  Detail & Related papers  (2024-03-31T12:44:48Z)
• Behind the (Digital Crime) Scenes: An MSC Model [0.0]
  The establishment of digital forensics as a foundational discipline for extracting digital evidence further exacerbates the complex nature of criminal investigations. We delineate the protocols that compose digital forensics within a criminal case, formalise them as message sequence charts (MSCs) and identify their functional requirements.
  arXiv  Detail & Related papers  (2024-03-24T15:29:08Z)
• A Unified View of Differentially Private Deep Generative Modeling [60.72161965018005]
  Data with privacy concerns comes with stringent regulations that frequently prohibited data access and data sharing. Overcoming these obstacles is key for technological progress in many real-world application scenarios that involve privacy sensitive data. Differentially private (DP) data publishing provides a compelling solution, where only a sanitized form of the data is publicly released.
  arXiv  Detail & Related papers  (2023-09-27T14:38:16Z)
• A Survey on Privacy in Graph Neural Networks: Attacks, Preservation, and Applications [76.88662943995641]
  Graph Neural Networks (GNNs) have gained significant attention owing to their ability to handle graph-structured data. To address this issue, researchers have started to develop privacy-preserving GNNs. Despite this progress, there is a lack of a comprehensive overview of the attacks and the techniques for preserving privacy in the graph domain.
  arXiv  Detail & Related papers  (2023-08-31T00:31:08Z)
• A data-driven analysis of UK cyber defence [0.0]
  This research presents an analysis of malicious internet scanning activity collected within the UK between 1st December 2020 and the 30th November 2021. The potential exists to better improve UK cyber defence by improving how citizens are supported in preventing, detecting and responding to cyber threats.
  arXiv  Detail & Related papers  (2023-03-13T17:34:32Z)
• Fighting Malicious Media Data: A Survey on Tampering Detection and Deepfake Detection [115.83992775004043]
  Recent advances in deep learning, particularly deep generative models, open the doors for producing perceptually convincing images and videos at a low cost. This paper provides a comprehensive review of the current media tampering detection approaches, and discusses the challenges and trends in this field for future research.
  arXiv  Detail & Related papers  (2022-12-12T02:54:08Z)
• Hiding Visual Information via Obfuscating Adversarial Perturbations [47.315523613407244]
  We propose an adversarial visual information hiding method to protect the visual privacy of data. Specifically, the method generates obfuscating adversarial perturbations to obscure the visual information of the data. Experimental results on the recognition and classification tasks demonstrate that the proposed method can effectively hide visual information.
  arXiv  Detail & Related papers  (2022-09-30T08:23:26Z)
• The case for Zero Trust Digital Forensics [8.096180040270454]
  Erroneously treating features of an investigation as trusted can be damaging to the overall reliability of an investigations findings. A new approach to digital forensics is considered based on the concept of Zero Trust. Zero Trust describes the practitioner mindset and principles upon which the reliance on trust in network components is eliminated.
  arXiv  Detail & Related papers  (2022-02-05T19:54:57Z)
• Profiling the Cybercriminal: A Systematic Review of Research [2.66512000865131]
  There is lack of a common definition of profiling for cyber-offenders. One of the primary types of cybercriminals that studies have focused on is hackers. This article produces an up-to-date characterisation of the field.
  arXiv  Detail & Related papers  (2021-05-06T19:56:55Z)
• Target Privacy Threat Modeling for COVID-19 Exposure Notification Systems [8.080564346335542]
  Digital contact tracing (DCT) technology has helped to slow the spread of infectious disease. To support both ethical technology deployment and user adoption, privacy must be at the forefront. With the loss of privacy being a critical threat, thorough threat modeling will help us to strategize and protect privacy as DCT technologies advance.
  arXiv  Detail & Related papers  (2020-09-25T02:09:51Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.