Go to the content (press return)

Advanced forensics analysis

Total activity: 7
Type of activity
Competitive project
Funding entity
Funding entity code
138.545,00 €
Start date
End date
Digital Forensics (DF) encompasses the recovery and investigation of material found in digital devices. Generally, it is used to support or
refute a hypothesis before courts identifying direct evidence of a crime, confirming alibis or statements, identifying sources (for example, in
copyright cases), or authenticating documents. Besides that, DF techniques are also very widely used during internal corporate
investigations or intrusion investigation.
The ANFORA team has a large field experience in DF applied to solve court trials or inter-corporate disputes. Moreover, the team has
carried out all of its research, with quantitative and qualitative results, in the field of Information Security and, more precisely, in fields such
as privacy, anonymity, key management, cryptography, channel coding and fingerprinting. ANFORA is the ideal framework to extend this
previous experience into the DF specific cases.
We have identified 3 topics in which ANFORA will contribute to the innovation in DF:
1) The use of existing or modified fingerprinting and network coding techniques for NF. DF techniques are often used over storage
devices, such as hard disks and SD cards, but they are increasingly used over network traffic in what is called Network Forensics (NF).
The case of huge celebrity photo leaks from iCloud (Apple Cloud) in September 2014, still unsolved, makes evidence of the need of more powerful an efficient NF techniques. The ANFORA team believes that applying fingerprinting and
network coding techniques to network DF will probably result in developing better, more-efficient and less-indiscriminate procedures.
2) The creation of new techniques and tools aimed at simplifying the forensic-investigator work flow. The target is to enhance current DF
processes by improving or freshly implementing tools automatizing procedures, by innovating in the analysis of the DF data, e.g. with Big-
Data techniques, and by implementing our own network-DF proposals. The large experience of the team in real use cases defines an
unbeatable starting point for this goal.
3) The development of anti-forensic tools that allow preserving privacy of citizens, corporations and organizations. The application of NF
techniques could be a double-edged sword. We can find several examples of massive, indiscriminate gathering of user-connection data,
as well as massive infections with police-managed malware that literally spies on users. Aiming at finding a good balance between
traceability and privacy, the goal is to implement: anonymization techniques that allow tracking real identities only after committing a crime,
techniques to hide the traceability of resources, and mechanisms for providing plausible deniability.
The need of innovation in DF has caused the interest in this project by several companies (corroborated by the signature of a letter of
interest): Uría-Menendez, a lawyers office; Scytl, a company supporting electronic voting; and INCIDE, a digital forensics company.
anonimato, anonymity, codificación de red, digital evidence, evidencia digital, forense, forensics, network coding, privacidad, privacy, security, seguridad
Adm. Estat
Plan Estatal de Investigación Científica y Técnica y de Innovación 2013-2016
Resoluton year
Funcding program
Programa Estatal de I+D+i Orientada a los Retos de la Sociedad
Funding call
Retos de Investigación: Proyectos de I+D+i
Grant institution
Gobierno De España. Ministerio De Economía Y Competitividad, Mineco


Scientific and technological production

1 to 7 of 7 results