The advancement of technology has brought about massive change in the lives of people. These developments have greatly affected how they transact and behave online. Many of the activities that were conducted face-to-face have transformed in the virtual world. More and more people have built comprehensive online profiles for them to shop, bank, and connect with friends to the point that they have created a Virtual Identity or Persona of themselves.

An individual’s Virtual Persona allows them to access their credit status, bank balances, engage in gaming, socializing, dating, blogging, etc. This makes your Virtual Identity of immense value to organizations and people. Your online behaviour indicates your buying patterns; your social and financial status attracts certain people who want to befriend you.

Virtual Persona has real value and certain entities may want access it and impersonate in the virtual world. Data derived from the virtual persona has become a source of profiteering legally and illegally. The widespread proliferation of illegal and unrestricted use of private information necessitates the need for effective online Identity Management to create a safe online environment for ecommerce and Internet usage as a whole (Smedinghoff, 2011).

People need to understand that in the virtual world, their online identities have immense value. Earlier, people stored their identity cards in their wallets. Now these are stored online – whether it is your social, legal or financial profile. This means, your Virtual Identity can potentially be stolen electronically. Even something as harmless as online gaming is subject to the same threats. Games such as “World of Warcraft” are termed Massively Multiplayer Online Role-Playing Game (MMORPG) as it engages a huge number of users. The “World of Warcraft” holds the Guinness World Records for the largest monthly subscribers of 11.6 million (Mitchell, 2009). The other most played MMORPG include Final Fantasy, The Elder Scrolls Online, Guild Wars 2, Blade & Soul, Black Desert Online, RuneScape, EVE Online and Star Wars (IG Critic, 2016). Various Augmented Reality games, Pokémon Go for example, also are gaining popularity. Such virtual communities are not immune to cyber attacks.

This paper explores the subject of Virtual Identity, the risk and opportunities of losing them to cyber theft. It reports on how organizations, legally and illegally, are analysing your Virtual Persona and what it could mean to losing accessing your Virtual Identity. The paper focuses on Virtual Reality (VR), Augmented Reality (AR), Analytical Tools and services available to analyse Virtual Identities.


Virtual Reality (VR) describes the world that exists in our minds when we are interacting online. It is the computer-generated artificial environment that users can interact with (Biocca & Levy, 1995). This artificial environment can be experienced via stimuli as sounds and sights afforded by a computer. Virtual Identities are created in VR and represent users in the video games, chat rooms, virtual common space or any other similar environments. These identities aimed at complementing various virtual spaces and platforms are simply referred to as “Avatars” (Morgan, 2009). An Avatar includes a representative video content or image, a profile, a name, or a “handle” that offers more information about an individual’s Virtual Identities.

People create virtue identities by creating virtual representatives of themselves (Rheingold, 1991). In online games, the individual’s Virtual Identity may be part of their identity but may differ from their own identity. In other spaces such as Basecamp, Virtual Identities may be less creatively oriented and represent the user’s actual physical identity, where the user uses their own image or name for an Avatar (Witmer & Singer, 1998).

These virtual platforms pose special risks to users, as they are hubs for Cybercriminals. This occurs because VR technology is built upon existing platforms (Lanier, 1992). As such, it offers little new attack opportunity. At the highest level, VR is largely a new input and display mechanism added to the traditional devices. The technology is powered with underlying computers (whether a mobile, personal computer or console device) that have not really changed much. However, VR facilitates positional and orientation tracking. Physical body movements are tracked. The comprehensive behaviour tracking can be quantified to understand preferences, divert the user’s attention and even sell things (Rubin, 2016). Perhaps, the risk posed by it is not any greater than any other device or software that the user may add to his or her computer.

Today, the use of VR in gaming provides users with a fantasy world that is disconnected from reality. This way, it offers the opportunity to the identity thieves to attack VR and monetize such attacks via social engineering.

Finally, tracking data on online shopping facilitated through VR may allow Cybercriminals to make dangerous attacks. Online shopping provides users with an entirely different VR experience. It allows users to browse items online and even try these items on the Avatar. Unfortunately, the program used can identify a person’s debit card or credit card and Cybercriminals can capture and sell this information.

A Cybercriminal can also use VR/ AR headsets tracker such as web-coding tricks to find valuable information of the user, monitor mouse clicks and movements and use this data in recreating the user actions in a similar way one could mimic the manual pin entry (Fox, Arena, & Bailenson, 2009).


Augmented Reality (AR) describes a series of technologies (i.e., Head-Mounted Displays (HMDs)) that makes it possible for the real-time mixing of content generated via computer with video display (Azuma R. T., 1997). It is used to integrate virtual information into the physical environment of a person making it possible for them to perceive it as existing in their environment (Janin, Mizell, & Caudell, 1993). Its functioning is based on the techniques that was developed in VR and interacts with the virtual world. AR technologies are defined by the following features: (1) interactive in real-time; (2) combining virtual and real; and (3) registered in 3D (Azuma, Baillot, Behringer, Feiner, Julier, & MacIntyre, 2001). This means that these technologies are registered in 3D and interact in real-time. This ensures accurate registration and tracking to ensure the user obtains a believable image. As such, the three key building blocks of AR systems are real-time rendering, display technology and tracking and registration (de Sa & Churchill, 2012).

New mobile wearable computing applications supporting AR functionality are increasingly become possible with the decrease in size and increase in the power of computers making it possible for users to access online services everywhere and always. This flexibility allows applications that enable users to exploit the surrounding context. This AR presents a powerful User Interface (UI) to context aware computing environments (Mekni & Lemieu, 2013). Currently, AR exists in consumer products including Microsoft’s HoloLens, Google Glass, Apple’s iPhone X, Samsung Pixie and games such as Pokémon Go.

AR devices may be prone to attacks and lead to identity theft. For instance, a Cybercriminal using Social Engineering and 3D models can alter and create fake videos and games. Computer scientists and animators have already succeeded in creating the techniques to take the voice recording of a person and make them say something they didn’t. They can give a person different lip movements and expressions by altering the person’s video. This can be achieved by way of tracking a history of movement of a person in VR. While these fake videos are yet to be perfected on, it demonstrates how accurate 3D models and VR tracking could change things. The individual’s unique identifiers could be their physical or verbal “ticks” or unique movements. If compromised, Cybercriminals can use these personal intricacies to digitally impersonate a user or to socially engineer one’s friends (Shatte, Holdsworth, & Lee, 2014).

AR technology was developed over forty years back. Pokémon Go just made AR mainstream. Cybercriminals see AR as an opportunity to execute their malicious intents, and have already seized the opportunity of the popularity of games and various other applications to execute their malicious intents (Zhou, Duh, & Billinghurst, 2008). They have succeeded in creating Windows ransomware, SMS spam, scareware apps, lockscreen apps and apps for purpose of executing their malicious intents. They use fake Windows-based Pokémon Go Bot to attack the users of Pokémon Go Bot. This Pokémon Go Bot application levels the account of the user with little effort by mimicking the role of a fake Pokémon trainer (Paz, 2016).

People are also exploiting Pokémon Go to spread malware to the AR game via bogus guides (Tynan, 2017). Augmented wearable technology pose a serious risk as images in the field of view of a person could be manipulated. These Cybercriminals essentially substitute real virtual objects with fake virtual objects. These AR Cybercriminals could also reinvent a new version of ransomware, which could be used for malicious purposes. By using this new breed of ransomware, these Cybercriminals could make a Doctor who is using Microsoft HoloLens to lose control of it or to pay ransoms. Cybercriminals can also use AR devices to collect personal health data and biometric data and use it for malicious intentions (Boyajian, 2017).


The online technology has generated huge amount of data from video streaming, social media activities, online game playing and browsing in the Internet. These data are accumulating day by day from various sources, through different methods of inputting via different technologies. These data accumulated are called as “Big Data” which is considered to be broad, fast and voluminous. It is either structured or unstructured, but still useful to derive data sets and subsets to sell and utilize by online and non-online companies for increasing market coverage and profits (Tiwarkhede & Kakde, 2015).

Companies engaging in analytic services record and then sell online profiles like user/ screen names, email addresses, web site addresses, interests, preferences, home addresses, professional history, and the number of friends or followers an online user has. There are also companies who gather and synthesize data on the tweets, posts, comments, likes, shares, and recommendations of the user in his social media accounts (Beckett, 2012).

Analytic service and online data industry is reported to be a $300 billion-a-year industry, employing around 3 million people in the United States alone (Morris & Lavandera, 2012). There are a lot of successful companies that provide analytical services and data brokering. These companies, supposedly, know more about you than Google. The list includes Acxiom, Corelogic, Datalogix, eBureau, ID Analytics, Intelius, PeekYou, Rapleaf, and Recorded Future (Mirani & Nisen, 2014). What they do is look into online personal profiles of the users, gathering information like names, friends, activities and interests of those personal profiles and selling them to end users for advertising, marketing and other legitimate economic activities. Basically, it collects information like contact detail, interests, preferences and demographics, then aggregating those information gathered based on a subset needed or applicable to its clients. Acxiom alone has recorded over a billion dollar in revenue for its analytical services involving 144 million US households (Morris & Lavandera, 2012).

Data brokers are intelligent in gathering data and know how to use it. They take advantage of the vast data available online in order to deliver relevant services to users, suggest products and services that the users might need or subliminally suggesting that they need it. These companies claim that all the information gathered and sold is legal, secure and suitable for the users. Data brokers cater to different customers that can range from small enterprises to large Fortune 500 companies (Morris & Lavandera, 2012).

Data brokers source their information from a variety of places. For example, Facebook, Google and other free apps are collecting your data and selling it to those who are willing to pay for it. And then there are Cybercriminals who steal this information and sell on the dark net.

It is scary to think what damage a cyber attack on data aggregators could do. In September 2017, Equifax reported a massive data breach. Initially reported as affective 143 million people, the estimate was revised to 145.5 million later. Cybercriminals accessed consumer’s highly sensitive personal and financial information including names, birthdates, addresses and credit card numbers (Hackett, 2017).


The cost of virtual persona of a user is priced depending on its legality, usage and the purpose of its application. Bank details, credit history and the availability of personal documents like driver’s license are seen as high value. Financial Times has presented a calculator to show what each bit of your personal information is worth (Steel, Locke, Cadman, & Freese, 2013). The more is revealed about your real and virtual behaviour, the more valuable your information is. And consider the fact that this information is constantly traded and resold to multiple buyers. It is not difficult to imagine that over the course of your lifetime (or afterlife) your persona may be worth 500 million Euros.

In almost all of the cases the owner of such personal information does not receive the income, or even a tiny share of it, from the revenues generated by the analytics service providers who sell this to willing buyers. The owner themselves are facing risk of breach in security when their information is leaked to undesirable elements who will use their identity to commit fraudulent and criminal activities, leaving them liable for credit fraud or for the unpaid loan that they did not apply for in the first place. The real owner of the personal data faces the burden of proving his/ her innocence.

AR and VR devices are highly complex and relatively new. They are vulnerable and attractive to Cybercriminals looking for the weakest link. Some argue that Cybersecurity’s weakest link are the organization’s own employees (Banham, 2017). Social engineering, as it is also known, is where Cybercriminals deceive their victims and gain their trust. Once the Cybercriminal gains entry, the best protective software turns useless. Therefore, organizations need to invest in on-going Cybersecurity awareness for their employees.

Does it make sense to blame people who are the value creators in organizations? Shouldn’t technical systems be built for normal people rather than techies building systems for techies?


1.Azuma, R. T. (1997). A Survey of Augmented Reality. Presence: Teleoperators and Virtual Environments , 6 (4), 355-385.

2.Azuma, R., Baillot, Y., Behringer, R., Feiner, S., Julier, S., & MacIntyre, B. (2001). Recent advances in augmented reality. Computer Graphics and Applications , 21 (6), 34–47.

3.Banham, R. (2017, March 20). The Weakest Link In Your Cyber Defenses? Your Own Employees. Retrieved 2017, from

4.Beckett, L. (2012, November 9). Yes, Companies Are Harvesting – and Selling – Your Facebook Profile. Retrieved 2017, from ProPublica:

5.Bimber, O., Raskar, R., & Inami, M. (2005). Spatial Augmented Reality. Wellesley: AK Peters.

6.Biocca, F., & Levy, M. (1995). Communication applications of Virtual Reality. Hillsdale, NJ: Erlbaum.

7.Boyajian, L. (2017, February 27). The 3 biggest challenges facing Augmented Reality. Retrieved 2017, from Network World: Sa, M., & Churchill, E. (2012). Mobile augmented reality: exploring design and prototyping techniques. 14th international conference on Human-computer interaction with mobile devices and services (pp. 221–23). ACM.

9.Eskelinen, M. (2001). Towards computer game studies. Digital Creativity , 175–183.

10.Fox, J., Arena, D., & Bailenson, J. N. (2009). Virtual Reality: A Survival Guide for the Social Scientist. Journal of Media Psychology , 95–113.

11.Hackett, R. (2017, October 2). Equifax Underestimated by 2.5 Million the Number of Potential Breach Victims. Retrieved 2017, from

12.IG Critic. (2016). Most Played MMORPG Games of 2016. Retrieved 2017, from

13.Janin, A. L., Mizell, D. W., & Caudell, T. P. (1993). Calibration of head-mounted displays for augmented reality applications. (pp. 246–255). IEEE.

14.Lanier, J. (1992). Virtual reality: The promise of the future. Interactive Learning International , 275–279.

15.Mekni, M., & Lemieu, A. (2013). Augmented Reality: Applications, Challenges and Future Trends. Applied Computational Science .

16.Mirani, L., & Nisen, M. (2014, May 27). The nine companies that know more about you than Google or Facebook. Retrieved 2017, from

17.Mitchell, B. (2009, June 5). E3 2009: Guinness World Records announces awards at E3. Retrieved 2017, from

18.Morgan, G. (2009, July 24). Challenges of Online Game Development: A Review. Simulation & Gaming. (Sage) Retrieved 2017, from Simulation & Gaming:

19.Morris, J., & Lavandera, E. (2012, August 12). Why big companies buy, sell your data. Retrieved 2017, from CNN:

20.Paz, R. D. (2016, August 24). Pokémon Go Accounts Targeted by Bogus Pokémon Go Bot. Retrieved 2017, from Fortinet:

21.Rheingold, H. (1991). Virtual reality. New York: Simon & Schuster.

22.Rubin, P. (2016). AR, VR, MR: Making Sense of Magic Leap and the Future of Reality. Retrieved 2017, from

23.Shatte, A., Holdsworth, J., & Lee, I. (2014). Mobile augmented reality based context-aware library management system. Expert Systems with Applications , 41 (5), 2174–2185.

24.Smedinghoff, T. J. (2011). Introduction to Online Identity Management. Colloquium on Electronic Commerce .

25.Steel, E., Locke, C., Cadman, E., & Freese, B. (2013, June 13). How much is your personal data worth? Retrieved 2017, from

26.Tiwarkhede, A. A., & Kakde, V. (2015). A Review Paper on Big Data Analytics. International Journal of Science and Research , 845-848.

27.Tynan, D. (2017, June 9). Augmented reality could be next hacker playground. Retrieved 2017, from

28.Witmer, B., & Singer, M. (1998). Measuring presence in virtual environments: A presence questionnaire. PRESENCE: Teleoperators and Virtual Environments. Presence , 7 (3), 225–240.

29.Zhou, F., Duh, B. I., & Billinghurst, M. (2008). Trends in augmented reality tracking, interaction and display: A review often years of ISMAR. 7th IEEE/ACM International Symposium on Mixed and Augmented Reality (pp. 193–202). IEEE Computer Society.





Technology is rapidly advancing. The technology that was there ten years ago is not the technology that is there today and it will not be there in ten years to come, as new technologies would have been adopted (Briggs & Thomas, 2015). Smartphone manufacturers have adopted various biometric security measures such as voice recognition, fingerprints, facial recognition and IRIS scanners to protect its users. In the not too distant future, biometric scanners and other new security measures would be commonplace. This article shows how such technological advancements can be creepy, as the safety of users’ information would no longer be guaranteed.


A smartphone can say so much about a person’s personality including the person’s likes and dislikes, the person’s location, which services are being used and how much time spent on various apps, even the mood can be predicted. The smartphone could in fact trigger services to send the individual targeted advertisements (Tene & Polonetsky, 2013).

A study conducted by the University of Lancaster indicated that the operating system of a smartphone, whether Android or OS can depict the personality of an individual. Apparently, people who used Android phones were found to be more honest and humble than those who used iPhones. Further research indicated that Android phone users were found to be kinder, more open and less extroverted that OS users. They concluded by stating that the smartphone is the most basic level of personalization, which can tell a lot about a user (Shaw, Ellis, Kendrick, Ziegler, & Wiseman, 2016).

The applications that the users download could also tell about their personality traits, where that person is downloading from and the services that the individual is using which allow advertising companies to send targeted ads to that individual. A future with Radio Frequency Identification (RFID) implants offer a wide range of challenges and opportunities with identifying pepole (Rotter, Daskala, & Compano, 2008). It has become more and more apparent that the smartphone is the mini digital version of a user and that is why many users do not like other people using their smartphones. This calls for the use of security measures such as biometric scanners to protect the users.


Over the years, smartphone manufacturers have managed to upgrade these devices with embedded biometric scanners (Mayer-Schönberger & Cukier, 2014). Smartphone manufacturers companies have started adding biometric scanners to protect the users. The biometric scanners are beneficial in that they can identify criminals, understand an individual’s online behavior, and predict the political or religious affiliations of that person (Hubbard, 2008). For instance, when a criminal tries to withdraw funds from a person’s online banking through a smartphone, biometric scanners may be able to detect that there is a change of fingerprints and use mechanisms to protect the user such as locking down of the smartphone to prevent withdrawal of the funds. A biometric scanner could proactively scans for viruses to protect the user of the smartphone (Gilbert, 2009).

However, this has proven to be more creepy than beneficial since the personal information of the users can be compromised if someone can hack the biometric scanner. The biometric scanner stores personal information such as the fingerprints of an individual, individual likes and dislikes, app preferences, physical location, etc. (Lieberoth & Hansen, 2011). The biometric scanner could predict a person’s political or religious affiliations. For example, if political elections registers voters using biometric registration, this information can be linked to the person (Greenberger & Padesky, 2015). It is, therefore, evident that future smartphone with more biometric scanners are creepier as they are in a position to store personal information, identify criminals, understand the online behavior of an individual, and depict his or her political or religious affiliations.


It is being suggested that smartphones will, in future, carry out blood tests, medical scans, and even offer diagnosis by linking with advanced medical profiles and databases. Biosensors would be linked to smartphones, monitor the patient’s vital signs and treatment (Topol, 2016).

Powerful alogorithms that run the in backend and link to your smartphone could help the government fight terrorism or online retailers predict buying patterns. For example, Amazon, through its Kindle application, knows which section of the book is most engaging and which one is not. This information can be used to target the user with other interesting sections or prompt the reader to buy another book. Big data and real-time constant surveillance through our smartphones mark the start of new digital revolutions that can change the way we think and interact in a new world. Big data could even predict our future behavior and possibly implicate us for something we did not even do (Mayer-Schönberger & Cukier, 2014).


While the benefits of smartphones and in-built security are much touted, one needs to consider the power they are increasingly being vested with as technology advances. With the emergence of new technologies, smartphone manufacturers can enhance more security measures for the users while at the same time store more personal information (Ferguson, 2015). The personal information that is likely to be kept by a biometric scanner includes an individual’s fingerprints, personality traits, likes and dislikes, political and religious affiliations, geo-location, preferred apps and so forth (Fadiman, 2012).


  1. Briggs, P., & Thomas, L. (2015). An inclusive, value sensitive design perspective on future identity technologies. ACM Transactions on Computer-Human Interaction (TOCHI) , 22 (5).
  2. Fadiman, A. (2012). The spirit catches you, and you fall: A Hmong child, her American doctors, and the collision of two cultures. Macmillan.
  3. Ferguson, A. G. (2015). Big Data and Predictive Reasonable Suspicion (Vol. 163). University of Pennsylvania Law Review.
  4. Gilbert, D. (2009). Stumbling on happiness. USA: Vintage Books.
  5. Greenberger, D., & Padesky, C. A. (2015). Mind over Mood: Change how you feel by changing the way you think. USA: Guilford Publications.
  6. Hubbard, T. E. (2008). Automatic license plate recognition: an exciting new law enforcement tool with potentially scary consequences. Syracuse Journal of Science & Techlogy Law , 18 (3).
  7. Lieberoth, A., & Hansen, F. A. (2011). Can autobiographical memories create better learning? The case of a scary game. Proceedings of ECGBL. The 5th European Conference on Games Based Learning, (pp. 350-357). Athens, Greece.
  8. Mayer-Schönberger, V., & Cukier, K. (2014). Big data: A revolution that will transform how we live, work, and think. Houghton Mifflin Harcourt.
  9. Rotter, P., Daskala, B., & Compano, R. (2008). RFID implants: Opportunities and challenges for identifying people. IEEE Technology and Society Magazine , 27 (2).
  10. Shaw, H., Ellis, D. A., Kendrick, L.-R., Ziegler, F., & Wiseman, R. (2016). Predicting Smartphone Operating System from Personality and Individual Differences. Cyberpsychology, Behavior, and Social Networking , 19 (12), 727-732.
  11. Tene, O., & Polonetsky, J. (2013). A theory of creepy: technology, privacy, and shifting social norms. Yale Journal of Law and Technology , 16 (1).
  12. Topol, E. (2016). The patient will see you now: the future of medicine is in your hands. Basic Books.





This paper looks at the techniques and tools used by Cyber Forensic Investigators in various scenarios that prove to be quite challenging. Cyber Forensic Investigators are tasked with presenting digital evidence to the courts. The courts would only accept evidence that is based on reliable principles and methods. One therefore needs to have a way to distinguish reliable techniques from unreliable ones. For example, certain groups consider evidence from astronomy reliable while evidence from astrology is not considered reliable even though they both use the same tools – star charts, planetary positions, telescopes, etc. Cyber Forensic techniques and tools need to be evaluated for reliability before presenting to the courts.


Live forensic is mostly applied when the item under investigation is rather too large to be represented practically by imaging (Karie & Venter, 2015). Also, there are situations where the system that is to be investigated is too big to be broken down for postmortem. There also occurs a situation where the computer that is to be investigated is very far away from the Cyber Forensic Investigator. This entire situation will have required the technique of live forensics to be applied. However, the whole case does not mean that one would have to download all these details from a remote location since this will require a more sophisticated network to perform this operation (Christopher, 2006). Additionally, there are cases where the aspect of capture cannot be used for the purpose of postmortem analysis for example memory contents, open ports and other operating aspects of a running computer. In this case, it is advisable that one should use court tested methods to avoid a situation where you will be required to prove the viability of the method in question. According to Peter (2005), the most used situation where the assistance of live forensics is required is in the cases of digital forensic incidence response where it is used if one has an understanding of what is in the memory, what is being communicated out by the computer and what processes and ports are running.

There has been the migration of organization’s data to storage in the cloud at a high rate by various corporations. Many decision makers of technology have invested their businesses in the cloud services. Based on the experience of the organizations, there are three main challenges that one ought to overcome to perform sound data collection in the cloud. Firstly, it is easy to get in, but hard to get back the organization’s data out once it has been drawn to the cloud. Secondly, data protection laws are different in various countries. Thirdly, Office 365, which is seeing a growing adoption among organizations, are inadequate for large-scale collection creating a great challenge for data collection (Barocchini & Maccherola, 2017).


Reliable methods of data recovery are critical for any Forensic Investigator as the situation of losing data is sometimes inevitable during criminal investigations (Rogers & Seigfried, 2014). For any Cyber Forensic Investigator, information is key and therefore it is highly recommended that measures are put in place to ensure that information can be recovered once lost. In case the information is lost, effective methods of data recovery should be put forward. For example, when one loses a file that he or she has no extra copy of; it would really be easy for them to recover the file if the file were recent and not overwritten. The methods to be deployed in the process of data recovery depend on whether one wants to get the data in in-depth or just a copy of the file. For the case of the whole file, it is possible to recover the file by bookmarking the file as you analyze them bit by bit as you go just like in document forensics (Karie & Venter, 2015). For the case of a copy of the file, computer forensics allows one to get the file from the Image as a stand-alone file.


Digital storage is designed in such a way that when one deletes a file, it stays saved in the digital memory to allow natural restoration of the file. But there is a situation, mainly as a result of disk fragmentation, which could result in this particular data being lost. Fragmentation results in the overwriting of this particular files and it would be possible to recover these files using the file table (Samy et al., 2017). The file table is what determines the way files are stored physically within that particular storage. If the data has been partially overwritten, it will be possible to recover the data by reconstruction of the file header. If the file header has been overwritten, file carving is used (Rogers & Seigfried, 2014).


Passwords are put in place to ensure data security, and there comes a time when the password itself becomes a threat to data security. For this reason, it is important that measures for password recovery should be in place. The process may be easy or hard depending on the type of password that is being recovered (Bennet, 2012). The easiest way to password recovery is the dictionary. This tool assumes that the passwords are a dictionary and through trial and error the appropriate password is found. After the dictionary attack, hash or password replacement is the next step of password recovery. This case does not apply to all situations given that other systems are complex. If the dictionary attack is not successful in password recovery, then another process called brute force can be used. This process is a widely known password recovery process but is time consuming. The time factor here is determined by the number of possible combination in order to receive the actual password that is required.


Forensic Image Analysis uses search indexing and file filtering techniques. Index search technique is used in where the data has been grouped into various categories using the index. Digital devices store data using the index for the purpose of aiding people to retrieve data. The file filtering tool, on the other hand, uses hashes to gain access to the necessary files (Karie & Venter, 2015).

The general idea about forensic image analysis lies in the various tools that are used for this challenge. The most used tool is the search tool which includes two types of search. Index search is the easiest form of search that involves the search of the database. When an application is processing the disk for image analysis, it creates then indexes table in the back-end database. Searching of the image will be done through the aid of this particular index. The second technique that is applied is the file filtering. The file filtering tool uses hashes to gain access to the necessary files. This method works by eliminating the undesirable item and select those that the forensic investigator prefers (Simon & Choo, 2014).


Steganalysis is the process of finding hidden data within digital objects. This is similar to cryptanalysis applied to cryptography. Information can be hidden in messages, images, or file within another message (Otair, 2015).

The idea of encryption has always been a major obstacle to most of the Cyber Forensic Investigators since they are very hard to break and also due to the fact that not all encryption is the same. The process of encryption is usually done by an application which most of the time leave trails of plaintext behind. These plain texts are hard to find, yet they provide all the necessary requirements to break encryption. The first step towards breaking encryption is to identify the type of application that has been used. Some applications are good in deleting all traces of plain text, but it would be still possible to break the encryption if the plaintext was saved elsewhere of even in another version. The next step is you identify the weakness of the application that has been used for encryption then you exploit the weakness then you can finally access the file if you know the file name (Quick & Choo, 2016).


Sniffing is the process of analyzing all the data that passes through a given network. Sniffers are available as open-source, commercial and more sophisticated ones (Dykstra & Sherman, 2013). For sniffers to work in a particular network, it must be configured in promiscuous mode allowing them to receive network traffic even if not addressed to this particular Network Interface Cards (NICs) (Gordon, 2016).


The challenge of big data is to try to isolate the useful data from the vast amounts of data available. In forensics, big data is randomly distributed as compared to simple data, which is stratified, and its analysis requires just simple methods of data mining. After separation of the data, cluster analysis is the step that follows. Cluster analysis involves using a given criteria to try to group the data in an orderly manner depending on the attributes of the data (Rogers & Seigfried, 2014).

The criteria that will be used in the grouping will be up to the efforts of the Cyber Forensic Investigator. Another method that is very vital here is detection, which looks at the data in a perspective which is different from that of the Cyber Forensic Investigator. The last approach is independencies which use some rule to try to find the various relationships of the data that interest the Cyber Forensic Investigator (Gordon, 2016).


Cyber Forensic Investigators need to identify and if possible, eliminate all imminent dangers posed by malware before analyzing digital evidence. The most common method used for this particular challenge is sandboxing. Sandboxing involves creating a virtual machine on the physical computer that can be operated in the computer as a separate entity (Rogers & Seigfried, 2014).

Which this approach, it will be possible for one to undertake high-risk activities using the virtual machine and deal will eliminate the malware that pose a threat to the work being done by the Cyber Forensic Investigator. According to Samy et al. (2017), the sandboxing tools also have the capability of encapsulating a computer in web-browsing thus providing security from drive-by malware.


A common tool for data visualization in Cyber Forensics is link analysis. This particular tool includes the use of graphs, pie charts, and crosstabs, among others to try to create a visual impression. This is a more practical approach in the field of forensic analysis where it is more interactive and literarily visual (Bennet, 2012).

Ruan et al. (2011) indicate that data visualization entirely depends on the visualization tools possess by Cyber Forensic Investigator meaning that there are many open-source and commercial visualization tools present in the market. The basic idea of data visualization is to aid people to understand the data by seeing the data. (Ruan, Carthy, Kechadi, & Crosbie, 2011).


A national workshop found that the most important challenges in Cyber Forensics were education, training and funding, the size of memory, data volume, and understanding of technology (Baggili & Breitinger, 2017). Cyber forensic investigators are very vital in various cases today given that there has been a rapid change in technology over the years. This knowledge is very crucial today especially in court cases where the use of this kind of technology has seen into it that there has been a change in the way various cases that proved hard to make a conclusion be easy.


  1. Baggili, I., & Breitinger, F. (2017, June 22). NSF National Workshop on Redefining Cyber Forensics. Retrieved 2017, from
  2. Barocchini, A., & Maccherola, S. (2017, May 31). 3 Challenges to Data Collection in the Cloud. Retrieved 2017, from
  3. Bennet, D. W. (2012). The Challenges Facing Computer Forensics Investigators in Obtaining Information from Mobile Devices for Use in Criminal Investigations. Information Security Journal: A Global Perspective , 21 (3), 159-168.
  4. Brown, C. L. (2006). Computer Evidence Collection & Preservation. Massachusetts: Charles River Media, Inc.
  5. Dykstra, J., & Sherman, A. T. (2013). Design and implementation of FROST: Digital forensic tools for the OpenStack cloud computing platform. Digital Investigation , 10, 87-95.
  6. Karie, N. M., & Venter, H. S. (2015). Taxonomy of challenges for digital forensics. Journal of forensic sciences , 60 (4), 885-893.
  7. Quick, D., & Choo, K. (2016). Big forensic data reduction: digital forensic images and electronic evidence. Cluster Computing , 19 (2), 723-740.
  8. Rogers, M. K., & Seigfried, K. (2014). The future of computer forensics: a needs analysis survey. Computers & Security , 23 (1), 12-16.
  9. Ruan, K., Carthy, J., Kechadi, T., & Crosbie, M. (2011). Cloud forensics. IFIP International Conference on Digital Forensics (pp. 35-46). Berlin: Springer.
  10. Samy, G. N., Shanmugam, B., Maarop, N., Magalingam, P., Perumal, S., & Albakri, S. H. (2017). Digital Forensic Challenges in the Cloud Computing Environment. International Conference of Reliable Information and Communication Technology , 669-676.
  11. Simon, M., & Choo, K. (2014). Digital forensics: challenges and future research directions. In I.-S. Kim, & J. Liu, Contemporary Trends in Asian Criminal Justice: Paving the Way for the Future (pp. 105-146). Seoul, South Korea: Korean Institute of Criminology.
  12. Stephenson, P. (n.d.). (ISC)² Guide to the CCFP CBK.

Translate »