Digital forensics: What you need to know
Matt Burns & Dave Ranner
Digital image forensics is a branch of digital forensics. Also known as forensic image analysis, the discipline focuses on image authenticity and image content. This helps law enforcement leverage relevant data for prosecution in a wide range of criminal cases, not limited to cybercrime.
Digital image forensics is performed on local machines and can be used in both open and closed source investigations. It’s a highly sophisticated field of investigation which requires several software applications and specialist training.
The scope of digital image forensics is so wide-reaching because digital imagery is data-rich, by comparison to film photography. Using a variety of techniques, digital image forensics investigators can mine everything from camera properties to individual pixels for information.
Bellingcat’s investigation considered granular evidence to reveal the image’s exact location. This included topographical evidence including grassland weeds as well as dimensional analysis of bell and altar towers.
UK police were alerted to Tetley’s crimes after explicit images were discovered on a victim’s phone.
A huge variety of digital evidence can be gleaned from a single image. These evidence forms can be split into two main groups which are used to complement one another:
Two common uses of digital image forensics techniques are:
A) When a suspect denies their presence in an image
B) When a suspect claims that an incriminating image has been faked
In these different examples, law enforcement use digital image forensics techniques flexibly to reach a conclusion:
If identities are somehow obscured, deconvolution can be applied to reverse image blurring. Geolocation, metadata and exif data can also help to either prove or disprove a defendant’s presence at a crime scene.
In the age of deep fakes, image authentication is crucial. Reviewing colour space and colour level anomalies would help to assess the digital photo’s authenticity. Landmarks could also be used to help prove or disprove the suspect’s whereabouts.
The pros of digital forensics far outweigh the cons. However, both are important to consider when setting expectations for criminal investigations.
Heaps of granular data. The more data available to law enforcement, the greater chance it has of digitally identifying a suspect’s criminal activity.
Flexible use cases. Digital image forensics techniques can be used in open and closed source investigations.
Validated approaches and algorithms. Scientific underpinnings of discipline mean that it’s highly accurate and reliable.
Though many digital image forensics tools are on the market, few of them are designed specifically for law enforcement. By contrast, CameraForensics’s ExifExtractor is developed alongside global agencies, helping users access the right information at the right time.
The ExifExtractor proactively alerts users in different locations when they’re viewing the same or similar images. This allows them to securely collaborate and deconflict investigative efforts.
If you’d like to explore our digital image forensics platform further, arrange a demo.