Digital Evidence and Computer Crime: A Forensic Analysis of the Silicon Frontier

Digital Evidence and Computer Crime: A
Forensic Analysis of the Silicon Frontier




          G.U of Computer Science and Software Engineering
                            P. Bellisan
             https//orcid.org/0009-0007-5798-1152
                 DOI:10.5281/zenodo.20008168

                                                             1/7/2023
Abstract
The digitization of socio-economic activity has necessitated the development of digital forensics as a rigorous
scientific discipline dedicated to the identification, acquisition, preservation, and analysis of electronically stored
information (ESI). This report examines the evolution of digital forensics from the inception of electronic
computing to the contemporary integration of artificial intelligence (AI) and blockchain-based chain of custody
(CoC) protocols. By synthesizing technical methodologies across heterogeneous operating systems with the legal
theories of "equilibrium-adjustment," this analysis provides a comprehensive overview of the current state and
future trajectories of forensic science. Key areas of focus include the algorithmic foundations of data integrity, the
implementation of explainable AI (XAI) in investigative triage, and the cryptographic transition toward post-
quantum resilience.
Keywords: Digital Forensics, Computer Crime, Cryptographic Hashing, Explainable AI, Post-Quantum
Cryptography, Chain of Custody, Equilibrium-Adjustment Theory Forensics, Digital Forensics Operating Systems,
Computer Security, Digital Forensics, Cybercrime, Computer Forensics, Investigation Tools Cybersecurity.

I. INTRODUCTION
Digital forensics constitutes a sophisticated multidisciplinary synthesis, positioned at the critical nexus of computational
theory and investigative jurisprudence. It provides a structured, scientifically rigorous framework for the identification,
preservation, and forensic examination of electronically stored information (ESI) and digital artifacts. As the global
technological landscape has experienced the pervasive proliferation of smartphones, ubiquitous internet connectivity,
and advanced personal computing architectures, these technologies have evolved into the primary conduits for or the
central targets of modern criminal enterprise. This evolution represents a fundamental paradigm shift in the nature of
evidence, transitioning from the tangible physicality of traditional forensics to a complex, data-driven environment.
Such a shift necessitates a comprehensive reconstruction of both technical protocols and the legal doctrines governing
evidentiary admissibility [1], [2].
The investigative pursuit of the "digital witness" requires the maintenance of absolute data integrity, anchored in the
mathematical sanctity of cryptographic validation. Central to this validation is the process of secure identification and
authentication. The foundational Fiat-Shamir paradigm, introduced by Fiat and Shamir (1987), established the protocols
for practical identification and signature solutions, which remain critical for verifying the identity of actors and the
provenance of data in digital transactions. In the contemporary era, as the threat of cryptographically relevant quantum
computers looms, the security of these signatures has been extended to withstand emerging vulnerabilities. Specifically,
research into the security of lattice-based Fiat-Shamir signatures has become paramount, particularly in addressing risks
associated with randomness leakage to ensure the long-term resilience of forensic artifacts against both classical and
quantum adversaries [1], [2].
Furthermore, the integration of distributed networks and the looming challenges of quantum computing have introduced
significant complexity to forensic workflows. To maintain the requisite balance between state investigative power and
individual privacy, a concept encapsulated by the "Equilibrium-Adjustment" theory, forensic practitioners must adhere
to international standardization frameworks, such as ISO/IEC 27037. These standards ensure that the collection and
acquisition of digital evidence remain reproducible and defensible within an increasingly interconnected and transparent
global information space. Through the lens of these academic advancements and cryptographic innovations, forensic
science continues to adapt its methodologies to preserve the integrity of the truth in the digital epoch [1], [3].

II. HISTORICAL EVOLUTION OF DIGITAL CRIMINOLOGY
The historical trajectory of digital criminology is inextricably linked to the seismic transition from mechanical to
electronic computation, a paradigm shift inaugurated by the invention of the transistor at Bell Laboratories in 1947. This
fundamental innovation paved the way for the Manchester Mark 1 in 1949, which utilized the first electronic stored-
program memory, thereby establishing the technical baseline for volatile data storage and the eventual forensic
challenges associated with ephemeral digital artifacts. For several decades, computational resources remained largely
sequestered within the high-latency, restricted environments of governmental and academic mainframes. However, the
subsequent development of silicon-based metal-oxide-semiconductor field-effect transistors (MOSFET) in 1960 and the
inaugural Intel 4004 microprocessor in 1971 decentralized these capacities. Simultaneously, the public demonstration of
ARPANet in 1972 provided the structural architecture for wide-area networking. These milestones collectively laid the
groundwork for network-based evidence, necessitating the early integration of forensic techniques into systematic
incident response frameworks [3], [4], [5].
The ensuing decades of the 1980s and 1990s catalyzed the democratization of computing through the proliferation of
the personal computer (PC) and the emergence of the World Wide Web at CERN in 1990. While facilitating
unprecedented global information exchange, these developments simultaneously expanded the "criminogenic surface
area," allowing for the transition of the computer from a supporting instrument into a primary target of illicit activity.

                                                                                                                        2/7
Jurisprudential responses initially lagged behind this rapid technological upheaval. Foundational statutes, such as the
Electronic Communications Privacy Act (ECPA) of 1986 and the Computer Fraud and Abuse Act (CFAA), sought to
delineate the legal boundaries of "unauthorized access" within a domain that transcended traditional geographic and
physical boundaries. As noted by Kitanohara, the CFAA has undergone significant evolutionary pressures, remaining a
cornerstone of the legal framework for cybercrime investigation while requiring continuous reinterpretation to address
the complexities of modern, "computer-focused" threats. This historical progression reflects a shift from traditional
crimes merely assisted by technology to "true cybercrimes" that are wholly mediated by the digital environment,
requiring a specialized synthesis of software engineering, cryptographic verification, and investigative jurisprudence
(Table I.) [4], [5], [6].
                                   Table I. Historical Evolution of Digital Criminology


Milestone           Technological Shift            Forensic Impact


1947-1971           Transistor to Microprocessor   Birth of electronic data storage and processing.


1972-1989           ARPANet to Early PC Era        Introduction of wide-area networking and decentralized artifacts.


1990-2000           World Wide Web (WWW)           Proliferation of global, internet-mediated cybercrime.


2000-2023           Mobile, Cloud, and AI          Distributed evidence, encrypted environments, and automated triage.




III. TECHNICAL FRAMEWORKS AND METHODOLOGIES
A. Algorithmic Integrity and the Chain of Custody
The reliability of digital evidence is fundamentally predicated upon the mathematical verification of data integrity,
achieved through the systematic application of cryptographic hash functions. These deterministic algorithms, such as
the Secure Hash Algorithm 256 (SHA-256), utilize the Merkle-Damgård construction to map arbitrary-length input sets
into fixed-size message digests, essentially generating a unique "digital fingerprint" for every forensic artifact. A critical
performance attribute of these functions is the avalanche effect a diffusion property where a marginal modification in
the input set (such as a single bit-flip) yields a stochastically unrelated and significantly different output. This sensitivity
ensures that any unauthorized modification or inadvertent corruption of the evidence is immediately detectable during
the verification phase [7], [8], [9], [10].
For an algorithm to remain forensically sound, it must maintain rigorous collision resistance, rendering it
computationally infeasible for an adversary to identify two distinct input strings that yield identical digests ,. The
historical obsolescence of cryptographic standards, marked by the successful demonstration of collisions in MD5 and
SHA-1, has catalyzed the adoption of more computationally robust primitives ,. Furthermore, the looming threat of
cryptographically relevant quantum computers (CRQC) necessitates a paradigm shift toward post-quantum
cryptography (PQC) and quantum-secure key agreements to guarantee the long-term resilience of evidentiary artifacts
against both classical and quantum-aided cryptanalysis [9], [10].
Beyond local file integrity, the procedural "Chain of Custody" (CoC) establishes a comprehensive transactional history
of the evidence, ensuring its authenticity and admissibility from the moment of acquisition to its presentation in a
judicial forum ,. Modern methodologies increasingly integrate decentralized blockchain-based architectures to provide
an immutable, append-only ledger of forensic interventions ,. The concurrent deployment of Zero-Knowledge Proofs
(ZKPs) within these distributed ledgers facilitates the verification of data provenance without the recursive disclosure of
sensitive metadata, thereby reconciling forensic transparency with the complex privacy-preserving requirements
inherent in the digital epoch ,. This synthesis of chaotic map-based algorithmic complexity and distributed ledger
technology fundamentally hardens the evidentiary management lifecycle against sophisticated adversarial tampering
[11], [12], [13], [14].


                                                                                                                            3/7
B. Heterogeneous Forensic Landscapes: Windows vs. Linux
Forensic acquisition techniques differ significantly across operating systems due to variations in file system
architectures and encryption protocols[14], [15].
1.) Windows Platforms: In environments dominated by the New Technology File System (NTFS) and File Allocation
Table (FAT) architectures, investigative efforts prioritize non-volatile artifacts such as Registry hives, Prefetch files, and
the Master File Table (MFT), the latter of which provides a comprehensive metadata ledger for all system-level
objects ,. Memory forensics in Windows specifically targets volatile data structures to resolve complexities associated
with memory address translation and to bypass full-disk encryption barriers. Recent technical assessments indicate that
modern iterations, such as Windows 11, exhibit enhanced resilience against artifact manipulation compared to previous
versions [15], [16], [17].
2.) Linux Platforms: Conversely, Linux-based distributions typically implement ext4 or XFS architectures,
necessitating a shift in investigative focus toward transient system logs, bash command histories, and secure shell (SSH)
credentials ,. Volatile data acquisition requires specialized utilities like the Linux Memory Extractor (LiME) to facilitate
full memory captures while isolating user-space interactions to maintain forensic soundness. However, these workflows
encounter significant technical hurdles regarding kernel-level module compilation and structure mapping across
heterogeneous distributions [17], [18], [19].
C. Automated Triage via Artificial Intelligence (AI)
The exponential proliferation of electronically stored information (ESI) and the increasing complexity of cyber-physical
systems have rendered traditional, manual forensic inspection methods largely unmanageable. In response, the field has
transitioned toward automated triage frameworks powered by advanced Artificial Intelligence (AI) and Machine
Learning (ML) architectures. These systems provide a scalable solution for pattern recognition and anomaly detection,
which are critical for processing multidimensional forensic datasets (Table II.) [20], [21].
1) Convolutional Neural Networks (CNNs): Convolutional Neural Networks are primarily deployed to capitalize on
their efficacy in identifying spatial patterns within non-sequential data. In forensic contexts, CNNs are utilized for
malware family classification and image tamper detection. By processing the spatial order within network packets or the
binary structures of malicious files, these models achieve high classification accuracies, frequently cited at
approximately 93.7%. Implementation typically utilizes GPU-accelerated infrastructure and frameworks like
TensorFlow, incorporating regularization techniques such as dropout layers and L2 weight decay to mitigate the risks of
overfitting and ensure the model generalizes to novel, zero-day threats [22].
2.) Long Short-Term Memory (LSTM): For the analysis of sequential event data, Long Short-Term Memory
networksa specialized iteration of Recurrent Neural Networks (RNNs) are essential. LSTMs are uniquely capable of
handling long-term dependencies within system logs and authentication sequences, allowing for the recognition of
temporal attack patterns that traditional models might overlook . These architectures have demonstrated exceptional
performance in the detection of unauthorized access and lateral movement, with empirical studies reporting detection
rates as high as 99.0% [23], [24].
3.) Explainable AI (XAI): The primary impediment to the judicial adoption of deep learning is the "black-box" nature
of these models, which often lack the transparency required for legal testimony. Explainable AI (XAI) frameworks
serve as the critical bridge between computational output and legal defensibility. SHAP (Shapley Additive
Explanations) is employed for global assessment, quantifying the influence of specific features such as IP anomalies or
packet rates across multiple interconnected cases. Conversely, LIME (Local Interpretable Model-agnostic Explanations)
provides localized, case-specific reasoning, allowing forensic practitioners to justify why an individual network event
was flagged as suspicious. The integration of these XAI techniques ensures that automated triage results are not only
accurate but also human-readable and court-defensible [25], [26].

                               Table II. Automated Triage via Artificial Intelligence (AI)
AI Technique               Forensic Application           Performance Metric (approx.)
CNN                        Malware/Image Analysis         93.7% Accuracy
LSTM                       Sequential Attack Patterns     99.0% Accuracy
SHAP/LIME                  Legal Explainability           Enhanced Courtroom Defensibility




                                                                                                                          4/7
IV. SOCIO-LEGAL IMPLICATIONS AND THEORY
A. The Equilibrium-Adjustment Theory
The expansion of the jurisprudential framework regarding digital artifacts is centered upon the "Equilibrium-
Adjustment" theory, a comprehensive model of constitutional adaptation proposed by Orin Kerr. This theory posits that
the judiciary reinterprets Fourth Amendment protections in response to technological fluctuations to maintain a
consistent balance between governmental investigative power and individual privacy. When emerging technologies,
such as advanced surveillance metadata or forensic decryption tools, disproportionately enhance the state's capacity to
monitor private activity, courts typically respond by tightening constitutional safeguards to restore the status quo ante,.
Conversely, when technological shifts such as ubiquitous end-to-end encryption impair the "Year Zero" efficacy of law
enforcement, protections may be moderated to preserve public safety,. This logic is explicitly demonstrated in Riley v.
California, where the Supreme Court recognized that the immense storage capacity of modern cellular devices
necessitated a warrant requirement, thereby deviating from traditional search-incident-to-arrest doctrines to prevent a
"digital trespass" into the individual's entire life history [27] .
B. The Third-Party Doctrine and "Big Data" Policing
A critical tension in modern forensics arises from the "Third-Party Doctrine," which establishes that individuals possess
no reasonable expectation of privacy for information voluntarily disclosed to external entities, such as Internet Service
Providers (ISPs) or financial institutions. In the "Big Data" era, where personal and professional activity is
predominantly mediated through cloud-based infrastructures, this doctrine potentially facilitates the warrantless
aggregation of sensitive data, leading to concerns regarding the erosion of constitutional rights. Machuca and Sankare
highlight that remote data auditing within these distributed environments introduces significant technical and legal
challenges, particularly concerning the preservation of the Chain of Custody (CoC) and the verification of data
possession without compromising privacy. Furthermore, as digital infrastructures migrate toward post-quantum
resilience, the authentication protocols within standards such as TLS 1.3 become paramount. Research by Sikeridis et
al. underscores that maintaining the integrity of these authentication signatures is essential for preventing unauthorized
data interception and ensuring that the "digital witness" remains authentic in the face of quantum-relevant adversarial
capabilities. Thus, the synthesis of cryptographic hardening and jurisprudential adjustment is necessary to reconcile
"Big Data" policing with the enduring principles of individual liberty [28], [29].
V. HUMAN AND PSYCHOLOGICAL IMPACTS
The psychological sequelae of cyber-victimization often exceed the immediate economic repercussions, manifesting in
clinical conditions that rival those observed in survivors of traditional trauma or terrorism. Empirical research indicates
that victims of identity theft and significant data breaches frequently experience a "shattering of basic assumptions"
regarding personal safety and social predictability, which constitutes a core trauma in the digital domain. Clinical
observations reveal that victims suffer from acute anxiety, depression, and Post-Traumatic Stress Disorder (PTSD), with
longitudinal studies showing that 86% of identity theft victims report persistent worry and anger, while 68% experience
profound powerlessness. Furthermore, the emotional distress is often accompanied by physical manifestations,
including insomnia, migraines, and suicidal ideation, which underscores the severity of the "digital witness" impact [30]
, [31], [32].
The impact of cyber-criminology is heterogeneously distributed, with heightened severity observed in vulnerable
demographics, specifically the geriatric population and individuals with intellectual disabilities. These populations are
often targeted due to perceived cognitive vulnerabilities, and the resulting victimization frequently leads to intensified
feelings of shame, social isolation, and a significant loss of self-esteem. From a theoretical perspective, Routine Activity
Theory (RAT) suggests that victimization risk is significantly amplified by Problematic Social Media Use (PSMU).
Systematic reviews indicate that active online engagement specifically connecting with unknown entities and
maintaining a high number of digital accounts increases proximity to motivated offenders, thereby facilitating the
"normalization of victimization" in an increasingly digitized society [31], [32].
Addressing these profound human impacts requires a multi-faceted therapeutic approach. While Cognitive Behavioral
Therapy (CBT) has traditionally been utilized to address criminal behaviors in offenders, its clinical application is
essential for facilitating victim recovery and rebuilding trust in digital infrastructures. Furthermore, emerging research
into Virtual Reality-Assisted Treatment (VRAPT) suggests that immersive forensic settings can be effectively leveraged
to manage aggression and mitigate the psychological fallout associated with high-stress digital incidents [31], [32].




                                                                                                                         5/7
VI. FUTURE PROJECTIONS: THE QUANTUM HORIZON
The prospective emergence of Cryptographically Relevant Quantum Computers (CRQC) represents a terminal threat to
contemporary asymmetric cryptographic paradigms, specifically RSA and Elliptic Curve Cryptography (ECC). Peter
Shor’s 1994 algorithm demonstrates the capacity to solve integer factorization and discrete logarithm problems in
polynomial time, facilitating retrospective "harvest now, decrypt later" (SNDL) attacks against archived forensic data.
Consequently, the National Institute of Standards and Technology (NIST) has prioritized the global transition to Post-
Quantum Cryptography (PQC) [30], [34].
Standardized lattice-based algorithms, such as ML-KEM (Kyber) and ML-DSA (Dilithium), rely on the mathematical
hardness of the Learning With Errors (LWE) problem [29]. Achieving quantum resilience in forensic infrastructure
requires the immediate integration of these primitives into hardware-level Root of Trust (RoT) mechanisms, including
secure boot sequences and remote attestation protocols [34].
The LWE problem is defined as:



where s is a secret vector, a is a random vector, and e is an error term from distribution x 1 Resilience against quantum
adversaries requires the immediate integration of these algorithms into secure boot and remote attestation protocols
[34].
VII. CONCLUSION
Digital forensics has evolved from a specialized technical auxiliary into a core multidisciplinary pillar of the modern
justice system, necessitated by the fundamental transmutation of evidence from physical artifacts to complex, data-
driven entities. As this investigation has demonstrated, the transition toward a post-quantum landscape—dominated by
autonomous artificial intelligence (AI) and distributed networks—requires a rigorous synthesis of technical precision
and judicial clarity. The systematic implementation of international standardization frameworks, specifically ISO/IEC
27037 for the identification and acquisition of digital evidence and ISO/IEC 27042 for analysis, remains critical for
ensuring investigative traceability and evidentiary robustness in adversarial proceedings. These standards facilitate a
reproducible and defensible process that is essential for maintaining judicial confidence in the "digital witness".
Furthermore, as manual forensic inspection becomes unmanageable due to the exponential growth of electronically
stored information (ESI), the adoption of AI-driven automated triage is no longer elective. However, to satisfy legal
admissibility standards and mitigate the "black-box" nature of deep learning architectures like CNNs and LSTMs, the
integration of Explainable AI (XAI) frameworks such as SHAP and LIME is paramount. These tools provide the
necessary transparency to justify forensic findings to legal practitioners and juries, bridging the gap between
computational complexity and human interpretability. Simultaneously, the deployment of decentralized evidence
management systems leveraging blockchain for immutable chain of custody (CoC) and Zero-Knowledge Proofs (ZKPs)
for privacy preservation offers a resilient solution to the vulnerabilities inherent in centralized "Big Data" policing.
Ultimately, the future of the field is inextricably linked to its ability to respond to the looming quantum threat. The
migration to post-quantum cryptographic (PQC) standards, such as lattice-based ML-KEM and ML-DSA, is an urgent
priority to secure forensic artifacts against retrospective decryption via Shor’s algorithm. Guided by the "Equilibrium-
Adjustment" theory, the judiciary and the scientific community must collaborate to ensure that these technological
advancements serve to restore the status quo of individual privacy rather than facilitating a permanent erosion of
constitutional rights. The preservation of digital integrity is thus a fundamental pillar for the maintenance of justice,
human rights, and psychological well-being in an increasingly digitized global society.
REFERENCES
[1] Liu Y, Zhou Y, Sun S, Wang T, Zhang R, Ming J (2021) On the security of lattice-based Fiat-Shamir signatures in the presence of
randomness leakage. IEEE Transactions on Information Forensics and Security 16:1868–1879.
https://doi.org/10.1109/TIFS.2020.3045904
[2] A. Fiat and A. Shamir, “How to prove yourself: Practical solutions to identification and signature problems,” in Proc. CRYPTO,
1987, pp. 186–194.
[3] Digital Forensics; Technical Report; Computer Security Resource Center: Gaithersburg, MD, USA, 2017.
[4] Kent, K.; Chevalier, S.; Grance, T. Guide to integrating forensic techniques into incident. In Guide to Integrating Forensic
Techniques into Incident Response 800-86; NIST: Gaithersburg, MD, USA, 2006. [Google Scholar]
[5] Rohatgi, S.; Shrivastava, S. Combating Cybercrimes with Digital Forensics. In Advancements in Cybercrime Investigation and
Digital Forensics; Apple Academic Press: Palm Bay, FL, USA, 2024; pp. 97–113. [Google Scholar]
[6] K. Kitanohara, “Legal framework of cybercrime investigation: the current meaning of the cfaa and comparison to the act on
prohibition of unauthorized computer access”, Harvard Program on U.S.-Japan Relations Occasional Paper Series, 2023. Online.
[Avaiable]: https://us-japan.wcfia.harvard.edu/sites/g/files/omnuum8416/files/us-japan/files/23-kk_kitanohara_kei.pdf
[7] Borges, F., Reis, P.R., Pereira, D.: A comparison of security and its performance for key agreements in post-quantum
cryptography. IEEE Access 8, 142413–142422 (2020) https://doi.org/10.1109/access.2020.3013250

                                                                                                                                6/7
[8] Muruganantham, B., Shamili, P., Kumar, S.G., Murugan, A.: Quantum cryptography for secured communication networks.
International Journal of Electrical and Computer Engineering (IJECE) 10(1), 407 (2020) https://doi.org/10.11591/ijece.v10i1.pp407-
414
[9] D. Upadhyay, N. Gaikwadi, M. Zaman, S. Sampalli, “ Investigating the Avalanche Effect of Various Cryptographically Secure
Hash Functions and Hash-Based Applications”,Faculty of Computer Science, Dalhousie University, Halifax, NS B3H 1W5, Canada,
2022. Online. [Avaiable]: https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=9923931
[10] P. P. Pittalia, ‘‘A comparative study of hash algorithms in cryptography,’’ Int. J. Comput. Sci. Mobile Comput., vol. 8, no. 6, pp.
147–152, 2019. [Online]. Available: https://ijcsmc.com/docs/papers/June2019/V8I6201928.pdf
[11] Y. Wang, K.-W. Wong, C. Li, and L. Yang, ‘‘A novel method to design S-box based on chaotic map and genetic algorithm,’’
Phys. Lett. A, vol. 376, nos. 6–7, pp. 827–833, 2012, doi: 10.1016/j.physleta.2012.01.009
[12] A. Badiye, N. Kapoor, and R. G. Menezes, Chain of Custody. Treasure Island, FL, USA : StatPearls Publishing, 2025. Accessed:
Feb. 15, 2025. [Online]. Available: https://www.ncbi.nlm.nih.gov/books/NBK551677/
[13] B. P. Santos, L. A. Silva, C. Celes, J. B. Borges, B. S. P. Neto, M. A. M. Vieira, L. F. M. Vieira, O. N. Goussevskaia, and A.
Loureiro, “Internet das coisas: Da teoria à prática,” in Minicursos SBRC-Simpósio Brasileiro De Redes De Computadores E
Sistemas Distribuıdos, vol. 31. Bahia, Brazil, 2016. [Online]. Available:
https://homepages.dcc.ufmg.br/~mmvieira/cc/papers/internet-das-coisas.pdf
[14] A. Araujo, M. Monteiro, and L. A. Martins, Informática Forense, vol. 2, 1st ed., São Paulo, Brazil : Editora Leud, 2018.
[Online]. Available:https://books.google.com.tr/books?
hl=en&lr=&id=Yaa6EAAAQBAJ&oi=fnd&pg=PP1&ots=_re8h9RqGd&sig=fSDm32W--4jfnbxih1ABHRceq8I&redir_esc=y#v=on
epage&q&f=false
[15] H. Halpin and M. Piekarska, ‘‘Introduction to security and privacy on the blockchain,’’ in Proc. IEEE Eur. Symp. Secur. Privacy
Workshops (EuroS PW), Apr. 2017, pp. 1–3.
[16] A. R. Javed, W. Ahmed, M. Alazab, Z. Jalil, K. Kifayat and T. R. Gadekallu, "A Comprehensive Survey on Computer Forensics:
State-of-the-Art, Tools, Techniques, Challenges, and Future Directions," in IEEE Access, vol. 10, pp. 11065-11089, 2022, doi:
10.1109/ACCESS.2022.3142508.
[17] Ali-Gombe, A., Sudhakaran, S., Case, A. & Richard III, G.G. (2019) ‘DroidScraper: A tool for Android in-memory object
recovery and reconstruction’, in Proceedings of the 22nd International Symposium on Research in Attacks, Intrusions and Defenses
(RAID 2019), pp. 547–559.
[18] A. Ghosh, K. Majumder, and D. De, “Android forensics using sleuth kit autopsy,” in Proceedings of the Sixth International
Conference on Mathematics and Computing. Springer, 2021, pp. 297–308. [Online]. Available:
https://link.springer.com/chapter/10.1007/978-981-15-8061-1_24
[19] J. A. Redi, W. Taktak, and J.-L. Dugelay, “Digital image forensics: A booklet for beginners,” Multimedia Tools Appl., vol. 51,
no. 1, pp. 133–162, Jan. 2011. [Online]. Available: https://link.springer.com/article/10.1007/s11042-010-0620-1
[20] Arora, A., & Reddy, V. (2020). Deep learning for crime prediction: A survey. Journal of Ambient Intelligence and Humanized
Computing, 11(11), 5083-5101.
[21] Bag, S., Saha, S., & Roy, S. (2018). A novel deeplearning approach for improved crime prediction. In 2018 IEEE Calcutta
Conference (CALCON) (pp. 1-6).
[22] Wang, L., Gu, C., & Porikli, F. (2016). Deep learning for image tamper detection: A comprehensive review. Journal of Visual
Communication and Image Representation, 41, 276298.
[23] Zhai, Y., Cheng, J., Yang, Z., & Li, X. (2018). Crime prediction using LSTM. In 2018 IEEE International Conference on
Systems, Man, and Cybernetics (SMC) (pp. 3566-3570).
[24] Chen, Y., Lin, Z., Zhao, X., Wang, G., & Gu, Y.(2019). CRIMENET: A deep learning framework for crime prediction using
spatial-temporal representation. Neurocomputing, 324, 34-44.
[25] Jarrett A, Choo KKR. The impact of automation and artificial intelligence on digital forensics. Wiley Interdiscip Rev Forensic
Sci. 2021;3(6):e1418. Available from: http://dx.doi.org/10.1002/wfs2.1418
[26] Shamoo Y. The Role of Explainable AI (XAI) in Forensic Investigations. In: Digital Forensics in the Age of AI. IGI Global
Scientific Publishing; 2025;31–62. Available from: https://www.igi-global.com/chapter/the-role-of-explainable-ai-xai-in-forensic-
investigations/367310
[27] E.g., Peter Swire, The Golden Age of Surveillance, SLATE (July 15, 2015, 4:12 PM), http://perma.cc/957N-QFL4.
[28] Rodolfo Machuca, Fatoumata Sankare, “Remote Data Auditing and How it May Affect the Chain of Custody in a Cloud
Environment“, 26 Aug 2022, https://doi.org/10.48550/arXiv.2208.12759
[29] Sikeridis, D., Kampanakis, P., Devetsikiotis, M.: Post-quantum authentication in tls 1.3: A performance study. In: Proceedings of
the 2020 Network and Distributed System Security Symposium (2020). https://doi.org/10.14722/ndss.2020.24203
[30] Guynn, Jessica, Anxiety, depression and PTSD: The hidden epidemic of data breaches and cyber crimes, USA Today, (Feb. 21,
2020), https://www.usatoday.com/story/tech/conferences/2020/02/21/data-breach-tips-mental-health-tolldepression-anxiety/
4763823002/
[31] Karabatak, Orkun. (2023). Cognitive Behavioral Therapy (CBT) for Criminal Behaviors. 10.5772/intechopen.1002039.
[32] González Moraga, Fernando R. & Klein Tuente, Stéphanie & Perrin, Sean & Enebrink, Pia & Sygel, Kristina & Veling, Wim &
Wallinius, Märta. (2022). New Developments in Virtual Reality-Assisted Treatment of Aggression in Forensic Settings: The Case of
VRAPT. Frontiers in Virtual Reality. 2. 174. 10.3389/frvir.2021.675004.
[33] Herman, A.: Q-day is coming sooner than we think. https://www.forbes.com/sites/arthurherman/2021/06/07/q-day-is-coming-
sooner-than-we-think/?sh=75092b3d3f5d. Accessed: Sep. 11, 2023 (2021)
[34] Aikata Aikata, Ahmet Can Mert, Malik Imran, Samuel Pagliarini, and Sujoy Sinha Roy. 2022.KaLi: A crystal for post-quantum
security using Kyber and Dilithium.IEEE Transactions on Circuits and Systems I: Regular Papers 70, 2 (2022), 747–758.


                                                                                                                                     7/7