Page 97 - University of Pretoria RESEARCH REVIEW 2018

Digital forensics – apprehending cyber criminals
Hein Venter, Department of Computer Science
In an interconnected cyber world, cyber security is used to secure our emails, documents stored in the cloud, social media interactions, internet banking transactions, online shopping, and much more. Unfortunately, cyber criminals always seem to be one step ahead of the cyber security professional.
Cyber security professionals try to secure systems from various angles so as not to leave a single aspect of a digital system vulnerable to cyber attack. Cyber criminals, on the other hand, only have to discover a single vulnerability in order to perpetrate a successful attack. Therefore, cyber security inevitably fails at some point, and this is when digital forensic investigations need to be conducted.
Professor Hein Venter, Head of the Digital Forensic Science (DigiForS) research group in the Department of Computer Science, conducts research in this field. His main research efforts are focussed on pioneering intelligent digital forensic investigation principles and techniques across all computing platforms. His research group’s focus includes, among others, the standardisation of new and intelligent digital forensic investigation techniques (specifically within the public cloud computing domain), digital forensic readiness (in the cloud, internet-of-things and smart cities), and enabling digital forensic policing in Africa.
Hein Venter (far right) and his students who graduated at the April 2019 graduation ceremony: Derek Masvosvere, Albert Antwi-Boasiako, Elsabe Ross, and Dirk Ras.
The group’s work is highly relevant in an increasingly digital and digitised world. The sheer volumes of big data increase by the minute in these environments. The volatility of the cloud environment further exacerbates the complexity of digital forensic investigations. What is more, it becomes impossible for digital forensic investigators to sift manually through the sheer volumes of data. A paper published in the Journal of Machine Learning and Cybernetics, co-authored by members of the research group and their collaborators, reports on an intelligent new digital forensic investigation technique that was developed to use a person’s mouse-behavioural statistics to determine whether the real computer user or a cyber criminal was responsible for suspicious actions on the user’s computing device.
Dr Albert Antwi-Boasiako, a recent PhD graduate supervised by Professor Venter, developed a model for establishing the admissibility and evidential weight of digital evidence as part of his doctoral studies. The United Nations Office on Drugs and Crime has adopted the model as part of its Education for Justice (E4J) Programme on Cybercrime.
Professor Venter’s leadership in the field of cyber security is underscored by his close involvement in the writing of international standards for the International Organization for Standardization (ISO), notably the ISO 27043: Incident investigation principles and processes.