• Skip navigation
  • Skip to navigation
  • Skip to the bottom
Simulate organization breadcrumb open Simulate organization breadcrumb close
IT Security Infrastructures Lab
  • FAUTo the central FAU website
  1. Friedrich-Alexander-Universität
  2. Faculty of Engineering
  3. Department Computer Science
  • Campo
  • UnivIS
  • Jobs
  • Map
  • Help
  1. Friedrich-Alexander-Universität
  2. Faculty of Engineering
  3. Department Computer Science

IT Security Infrastructures Lab

Navigation Navigation close
  • Research
    • Forensic Computing Group
    • Human Factors in Security and Privacy Group
    • Multimedia Security
    • Security Education Development Group
    • System Security Group
    • Archive
    • Funded Projects
    • Publications
    Portal Research
  • Lab
    • Staff & Research Groups
    • Alumni
    • Partners
    Portal Lab
  • Teaching
    • Courses
    • Hinweise zu den Lehrveranstaltungen
    • Notes on Examinations
    • eTeaching
    • Theses
    • Writing a Thesis at Informatik 1
    Portal Teaching
  • How to reach us
  1. Home
  2. Research
  3. Archive
  4. Privacy Aspects of Forensic Computing

Privacy Aspects of Forensic Computing

In page navigation: Research
  • Forensic Computing Group
    • DiOS: Dynamic Privacy Analysis of iOS Applications
    • Fingerprinting Mobile Devices Using Personalized Configurations
    • Selective Deletion
  • Human Factors in Security and Privacy Group
    • Antivirus Usability
    • Browser Fingerprinting
    • IoT Security Update Labels
    • Phishing Susceptibility
    • Security Experts
    • ZigBee Security Research
  • Multimedia Security
    • Image & Video Forensics
    • Image Analysis & Enhancement
    • X-ray Phase Contrast
    • Blog
    • Code and Data
      • Copy-Move Forgery Detectors and Ground Truth Generator
      • Image Manipulation Dataset
    • Colloquium
  • Security Education Development Group
    • Open C3S Overview
    • Open-C3S-Projektergebnisse
    • Ulix – a Literate OS
  • System Security Group
    • AppAuth: On App-based Matrix Code Authentication in Online Banking
    • AppTAN (In)Security: (In)Security of App-based TAN Methods in Online Banking
    • AVX Crypto: AVX Instructions to Accelerate Crypto Primitives
    • Bispe: A Bytecode Interpreter for Secure Program Execution in Untrusted Main Memory
    • Centroid
    • CPU-bound Encryption (TRESOR, TreVisor, ARMORED)
    • FROST: Forensic Recovery Of Scrambled Telephones
    • How Android’s UI Security is Undermined by Accessibility
    • HyperCrypt: Hypervisor-based Encryption of Kernel and User Space
    • N26
    • Nomorp
    • One Key to Rule Them All: Recovering the Master Key from RAM to break Android’s File-Based Encryption
    • RamCrypt: Kernel-based Address Space Encryption for User-mode Processes
    • ReFuzz — Structure Aware Fuzzing of the Resilient File System (ReFS)
    • RISCoT – Security Analysis of Trusted Execution Environments on RISC-V
    • SED (In)Security: Hardware-based Full Disk Encryption (In)Security
    • SGX-Kernel: Isolating Operating System Components with Intel SGX
    • SGX-Timing: Cache Attacks on Intel SGX
    • SoK: The Evolution of Trusted UI on Mobile
    • Soteria: Offline Software Protection within Low-cost Embedded Devices
    • STARK / MARK: Tamperproof/Mutual Authentication to Resist Keylogging
    • TEEshift: Protecting Code Confidentiality by Selectively Shifting Functions into TEEs
    • VMAttack: Deobfuscating Virtualization-Based Packed Binaries
  • Archive
    • ContrOWL: A new security app based on crowed intelligence
    • Ext4 File Recovery
    • Forensic Email Visualization
    • Forensic RAID Recovery
    • Forensig²: File System Images for Training Courses in Forensic Computing
    • Mobile Hotspots
    • Mobile-Sandbox & ADEL: Automated Malware Analyses / Mobile Phone Forensics
    • Privacy Aspects of Forensic Computing
    • PyBox – A Python Sandbox
    • TrustedPals: Framework to Help Establish Security in a Mutually Untrusted Distributed System
    • VirMA: Windows NT pagefile.sys Virtual Memory Analysis
    • Win Vista/7/8/10 Thumbnails Analyzer
  • Funded Projects
  • Publications
    • Technische Berichte in Digitaler Forensik

Privacy Aspects of Forensic Computing

Privacy Aspects of Forensic Computing

Privacy is usually perceived as a limiting factor in forensic investigations, particularly with regard to digital traces. In many cases the investigation of such traces yields large amounts of data which could be analyzed automatically. The aim of this project is to examine one part of this area of conflict – the field of forensic data aquisition as part of a seizure.

The state-of-the-art method for aquiring data – especially from private individuals – is to create a physical copy of the storage medium (forensic 1:1 copy or image). This type of copy necessarily includes all private data irrespective of its relevance to the investigation. In consequence forensic investigations often intrude on the owners privacy which necessitates that the applied methods satisfy the principle of proportionality. To what extent and in which cases forensic investigations intrude on privacy is still an open question. This question will be studied in this project.

Points of interest are:

  • business environment vs. private environment

  • normal user vs. adept user

  • police officer vs. private investigator

  • investigation with or without judicial decision

  • content types of private data

  • investigations in social networks

  • Email analysis

  • cloud computing

  • live/network/dead analysis

Currently we conduct empirical studies based on questionnaires and interviews of forensic investigators in order to obtain details on the forensic methods applied in various cases. The final aim of our work is to identify legal problems in forensic practice as well as legal prerequisites and limitations for forensic investigations.

This project is being realized in cooperation with Seicpro – Marion Liegl.

Contact and additional information: Felix Freiling (FAU)


Datenschutzaspekte forensischer Informatik

Datenschutz wird oft als limitierender Faktor bei forensischen Untersuchungen wahrgenommen. Dies gilt insbesondere für den Bereich digitaler Spuren, die in großer Menge anfallen und häufig vollkommen automatisiert ausgewertet werden können. In diesem Projekt soll ein Aspekt dieses Spannungsfeldes untersucht werden: Der Bereich der forensischen Datensicherung.

Der Stand der Technik bei der Sicherung digitaler Spuren (insbesondere im privaten Umfeld) schreibt in der Regel eine physische Komplettsicherung (forensische 1:1-Kopie) vor. Dabei werden jedoch auch viele Daten mit gesichert, die nichts mit dem untersuchten Fall zu tun haben. Dies führt unter Umständen zu tiefen Eingriffen in die Privatsphäre der Besitzer dieser Daten und zu Fragen nach der rechtlich vorgeschriebenen Verhältnismäßigkeit forensischer Datensicherungen. Noch ist aber unklar, in welchem Maß und in welchen Kontexten die Privatsphäre von Betroffenen eingeschränkt wird. Dies soll im Rahmen dieses Forschungsprojekts untersucht werden.

Spannungsfelder:

  • betriebliches vs. privates Umfeld
  • normaler vs. technik-affiner Nutzer
  • privater vs. polizeilicher Ermittler
  • mit vs. ohne richterlichen Beschluss (Privatauftrag)
  • verschiedene Datenformate
  • Untersuchungen in sozialen Netzwerken
  • E-Mail-Sicherung
  • Cloud-Computing
  • Live- / Netzwerk- / Dead-Analysis

Aktuelles Ziel ist die Erhebung empirischer Daten auf Basis von Fragebögen und strukturierter Interviews von IT-Forensikern zur Erfassung forensischer Methoden in konkreten Situationen. Schlussendlich sollen dadurch rechtliche Probleme in der Praxis für IT-Forensiker identifiziert aber auch Möglichkeiten und Grenzen für die forensische Datensicherung aufgezeigt werden.

Das Projekt wird durchgeführt in Kooperation mit Seicpro – Marion Liegl.

Kontakt und weitere Informationen: Felix Freiling (FAU).

Lehrstuhl für Informatik 1
Friedrich-Alexander-Universität Erlangen-Nürnberg (FAU)

Martensstrasse 3
91058 Erlangen
  • Impressum
  • Datenschutz
Up