For your info, my thesis title is “
An Analytical Framework for Digital CCTV Forensic Data Recovery”. This research outcome could be used in Malaysia and/or in other countries.
Not only the governments but also the households are deploying CCTVs. Therefore, there is a need for a framework to process the CCTV DVR in a case investigation.
Below is the brief abstract.
"The
digital forensics process typically involves identification, preservation,
analysis and presentation of evidence. Expertise in data recovery is an
essential part of the digital forensics process.
Difficulties
arise with digital video recorder (DVR) of a closed-circuit television (CCTV) because
the manufacturers have generally developed customize and proprietary systems
making the data recovery attempts by digital forensics practitioners almost
impossible. It is pertinent to delve into data recovery technique of digital
CCTV systems for digital forensics discipline advancement.
Hypothetically,
this undertaking is achievable through forensic analysis of the video stream
attributes. The contribution of this research is to develop a specialized technique
and a proof-of-concept tool that is “forensically sound” to carve the video
file of digital CCTV systems based on selected timestamp. This sort of
reference is lacking and essentially required by the digital forensics
practitioners and law enforcement agencies for their best practice guidelines."
I’ve mentioned briefly on this research in my paper “Digital Forensics Institute in Malaysia: The way forward” to be published by Digital Evidence and Electronic Signature Law Review (in progress). I’m hoping to write more this year.
Beside the framework, I’ll also develop a tool to ease the analysis because the amount of data will be typically in the range 500GByte – 1TByte.
Some surveys will be conducted with my colleagues from the Royal Malaysia Police or perhaps my friends from the Australia’s police.
