Comparison Study and Forensic Analysis between Experiment and Coupled Dynamics Simulation for Submerged Floating Tunnel Segment with Free Ends under Wave Excitations

This paper presents dynamic-behavior comparisons and related forensic analyses of a submerged floating tunnel(SFT)between numerical simulation and physical experiment under regular and irregular waves.The experiments are conducted in the 3Dwave tank with 1:33.3 scale,and the corresponding coupled time-domain simulation tool is devised for comparison.The entire SFT systemconsists of a long concrete tunnel and 12 tubular aluminummooring lines.Two numerical simulation models,the Cummins equation with 3D potential theory including second-order wave-body interaction effects and the much simpler Morison-equation-based formula with the lumped-massbased line model,are designed and compared.Forensic analyses for mooring-line adjustments in the simulation are carried out in view of the best representation of the physical system.After that,the measured pre-tension distribution and systemstiffness of twelvemooring lines arewell reproduced in the numericalmodel.Subsequently,the dynamic responses and mooring tensions of the SFT are compared under regular and irregular waves.The measured and simulated results coincide reasonably well for both regular-and irregular-wave conditions.

Windows 10’s Browser Forensic Analysis for Tracing P2P Networks’Anonymous Attacks

A web browser is the most basic tool for accessing the internet from any of the machines/equipment.Recently,data breaches have been reported frequently from users who are concerned about their personal information,as well as threats from criminal actors.Giving loss of data and information to an innocent user comes under the jurisdiction of cyber-attack.These kinds of cyber-attacks are far more dangerous when it comes to the many types of devices employed in an internet of things(IoT)environment.Continuous surveillance of IoT devices and forensic tools are required to overcome the issues pertaining to secure data and assets.Peer to peer(P2P)applications have been utilized for criminal operations on the web.Therefore,it is a challenge for a forensic investigator to perform forensic analysis of the evolving hardware and software platforms for IoT.For identity concealment and privacy protection,the Onion Router(Tor)and Chrome with the Invisible Internet Project(I2P)as the foundation browser are often used.Confirmation is required to determine whether Tor is truly anonymous and private as they claim.Some people,on the other hand,utilize the Tor browser for evil reasons.Tools and techniques are available for the collection of artifacts,identifying problem areas,further processing and analysis of data on the computer and IoT.Present research tried to explore a few tools for the tracing of I2P activities over computer on windows 10 that reflects IoT devices.According to the results of this research,it leaves an excessive amount of important digital evidence on the operating system that can be exploited to attack the information of users.This research is based on windows operating system and does not support other operating systems.

TIFAflow: Enhancing Traffic Archiving System with Flow Granularity for Forensic Analysis in Network Security

The archiving of Internet traffic is an essential function for retrospective network event analysis and forensic computer communication. The state-of-the-art approach for network monitoring and analysis involves storage and analysis of network flow statistic. However, this approach loses much valuable information within the Internet traffic. With the advancement of commodity hardware, in particular the volume of storage devices and the speed of interconnect technologies used in network adapter cards and multi-core processors, it is now possible to capture 10 Gbps and beyond real-time network traffic using a commodity computer, such as n2disk. Also with the advancement of distributed file system （such as Hadoop, ZFS, etc.） and open cloud computing platform （such as OpenStack, CloudStack, and Eucalyptus, etc.）, it is practical to store such large volume of traffic data and fully in-depth analyse the inside communication within an acceptable latency. In this paper, based on well- known TimeMachine, we present TIFAflow, the design and implementation of a novel system for archiving and querying network flows. Firstly, we enhance the traffic archiving system named TImemachine＋FAstbit （TIFA） with flow granularity, i.e., supply the system with flow table and flow module. Secondly, based on real network traces, we conduct performance comparison experiments of TIFAflow with other implementations such as common database solution, TimeMachine and TIFA system. Finally, based on comparison results, we demonstrate that TIFAflow has a higher performance improvement in storing and querying performance than TimeMachine and TIFA, both in time and space metrics.

MobSafe:Cloud Computing Based Forensic Analysis for Massive Mobile Applications Using Data Mining

With the explosive increase in mobile apps, more and more threats migrate from traditional PC client to mobile device. Compared with traditional Win＋Intel alliance in PC, Android＋ARM alliance dominates in Mobile Internet, the apps replace the PC client software as the major target of malicious usage. In this paper, to improve the security status of current mobile apps, we propose a methodology to evaluate mobile apps based on cloud computing platform and data mining. We also present a prototype system named MobSafe to identify the mobile app＇s virulence or benignancy. Compared with traditional method, such as permission pattern based method, MobSafe combines the dynamic and static analysis methods to comprehensively evaluate an Android app. In the implementation, we adopt Android Security Evaluation Framework （ASEF） and Static Android Analysis Framework （SAAF）, the two representative dynamic and static analysis methods, to evaluate the Android apps and estimate the total time needed to evaluate all the apps stored in one mobile app market. Based on the real trace from a commercial mobile app market called AppChina, we can collect the statistics of the number of active Android apps, the average number apps installed in one Android device, and the expanding ratio of mobile apps. As mobile app market serves as the main line of defence against mobile malwares, our evaluation results show that it is practical to use cloud computing platform and data mining to verify all stored apps routinely to filter out malware apps from mobile app markets. As the future work, MobSafe can extensively use machine learning to conduct automotive forensic analysis of mobile apps based on the generated multifaceted data in this stage.

CVIP-Net: A Convolutional Neural Network-Based Model for Forensic Radiology Image Classification

Automated and autonomous decisions of image classification systems have essential applicability in this modern age even.Image-based decisions are commonly taken through explicit or auto-feature engineering of images.In forensic radiology,auto decisions based on images significantly affect the automation of various tasks.This study aims to assist forensic radiology in its biological profile estimation when only bones are left.A benchmarked dataset Radiology Society of North America(RSNA)has been used for research and experiments.Additionally,a locally developed dataset has also been used for research and experiments to cross-validate the results.A Convolutional Neural Network(CNN)-based model named computer vision and image processing-net(CVIP-Net)has been proposed to learn and classify image features.Experiments have also been performed on state-of-the-art pertained models,which are alex_net,inceptionv_3,google_net,Residual Network(resnet)_50,and Visual Geometry Group(VGG)-19.Experiments proved that the proposed CNN model is more accurate than other models when panoramic dental x-ray images are used to identify age and gender.The specially designed CNN-based achieved results in terms of standard evaluation measures including accuracy(98.90%),specificity(97.99%),sensitivity(99.34%),and Area under the Curve(AUC)-value(0.99)on the locally developed dataset to detect age.The classification rates of the proposed model for gender estimation were 99.57%,97.67%,98.99%,and 0.98,achieved in terms of accuracy,specificity,sensitivity,and AUC-value,respectively,on the local dataset.The classification rates of the proposed model for age estimation were 96.80%,96.80%,97.03%,and 0.99 achieved in terms of accuracy,specificity,sensitivity,and AUC-value,respectively,on the RSNA dataset.

Forensic Significance of Touch Deoxyribonucleic Acid

Touch deoxyribonucleic acid(DNA)refers to the DNA that is left behind from skin cells when a person touches or comes into contact with an object.In crimes where the identification of suspects becomes a challenge,touch DNA has been a proven investigative tool.The present study aims to provide a systematic review of the role of touch DNAin criminal cases which discusses the nature and importance of touch DNA evidence at crime scenes;various phenomena including the transfer and persistence of touched samples;different factors affecting the touch sample deposition and DNA shedding;the best recovery methods and collection of samples from different substrates;and the interpretation of profiles through advanced techniques that identify the suspects.The present study also aims to optimize standard protocols in the laboratories for touched samples appropriate to the substrates that improve the success rate of profiles from touched items.

Critical review of the use and scientific basis of forensic gait analysis

This review summarizes the scientific basis of forensic gait analysis and evaluates its use in the Netherlands,United Kingdom and Denmark,following recent critique on the admission of gait evidence in Canada.A useful forensic feature is(1)measurable,(2)consistent within and(3)different between individuals.Reviewing the academic literature,this article found that(1)forensic gait features can be quantified or observed from surveillance video,but research into accuracy,validity and reliability of these methods is needed;(2)gait is variable within individuals under differing and constant circumstances,with speed having major influence;(3)the discriminative strength of gait features needs more research,although clearly variation exists between individuals.Nevertheless,forensic gait analysis has contributed to several criminal trials in Europe in the past 15 years.The admission of gait evidence differs between courts.The methods are mainly observer-based:multiple gait analysts(independently)assess gait features on video footage of a perpetrator and suspect.Using gait feature databases,likelihood ratios of the hypotheses that the observed individuals have the same or another identity can be calculated.Automated gait recognition algorithms calculate a difference measure between video clips,which is compared with a threshold value derived from a video gait recognition database to indicate likelihood.However,only partly automated algorithms have been used in practice.We argue that the scientific basis of forensic gait analysis is limited.However,gait feature databases enable its use in court for supportive evidence with relatively low evidential value.The recommendations made in this review are(1)to expand knowledge on inter-and intra-subject gait variabilities,discriminative strength and interdependency of gait features,method accuracies,gait feature databases and likelihood ratio estimations;(2)to compare automated and observer-based gait recognition methods;to design(3)an international standard method with known validity,reliability and proficiency tests for analysts;(4)an international standard gait feature data collection method resulting in database(s);(5)(inter)national guidelines for the admission of gait evidence in court;and(6)to decrease the risk for cognitive and contextual bias in forensic gait analysis.This is expected to improve admission of gait evidence in court and judgment of its evidential value.Several ongoing research projects focus on parts of these recommendations.

Near-Real-Time Analysis of Publicly Communicated Disaster Response Information

Analysis of a disaster event can identify strengths and weaknesses of the response implemented by the disaster management system;however, analysis does not typically occur until after the response phase is over.The result is that knowledge gained can only benefit future responses rather than the response under investigation. This article argues that there is an opportunity to conduct analysis while the response is operational due to the increasing availability of information within hours and days of a disaster event. Hence, this article introduces a methodology for analyzing publicly communicated disaster response information in near-real-time. A classification scheme for the disaster information needs of the public has been developed to facilitate analysis and has led to the establishment of best observed practice standards for content and timeliness. By comparing the information shared with the public within days of a disaster to these standards,information gaps are revealed that can be investigated further. The result is identification of potential deficiencies in communicating critical disaster response information to the public at a time when they can still be corrected.

An inter-laboratory study of DNA-based identity,parentage and species testing in animal forensic genetics

The probative value of animal forensic genetic evidence relies on laboratory accuracy and reliability.Inter-laboratory comparisons allow laboratories to evaluate their performance on specific tests and analyses and to continue to monitor their output.The International Society for Animal Genetics(ISAG)administered animal forensic comparison tests(AFCTs)in 2016 and 2018 to assess the limitations and capabilities of laboratories offering forensic identification,parentage and species determination services.The AFCTs revealed that analyses of low DNA template concentrations(≤300 pg/μL)constitute a significant challenge that has prevented many laboratories from reporting correct identification and parentage results.Moreover,a lack of familiarity with species testing protocols,interpretation guidelines and representative databases prevented over a quarter of the participating laboratories from submitting correct species determination results.Several laboratories showed improvement in their genotyping accuracy over time.However,the use of forensically validated standards,such as a standard forensic short tandem repeat(STR)kit,preferably with an allelic ladder,and stricter guidelines for STR typing,may have prevented some common issues from occurring,such as genotyping inaccuracies,missing data,elevated stutter products and loading errors.The AFCTs underscore the importance of conducting routine forensic comparison tests to allow laboratories to compare results from each other.Laboratories should keep improving their scientific and technical capabilities and continuously evaluate their personnel’s proficiency in critical techniques such as low copy number(LCN)analysis and species testing.Although this is the first time that the ISAG has conducted comparison tests for forensic testing,findings from these AFCTs may serve as the foundation for continuous improvements of the overall quality of animal forensic genetic testing.

Rapid Screening of Nine Illicit Drugs in Human Blood and Urine by Direct Analysis in Real‑Time Mass Spectrometry

We aimed to establish for the rapid detection of morphine,O6‑monoacetylmorphine,heroin,codeine,cocaine,methamphetamine,ketamine,methadone,and dolantin in human blood and urine by direct analysis in real‑time coupled with tandem mass spectrometry(DART‑MS/MS).These samples were extracted by acetonitrile‑methanol(V/V=4:1),using DART 12 Dip‑it automatic sampling system.They were injected at 400℃,and analyzed by positive ion and multiple reaction monitoring mode.The detection limits of morphine,O6‑Monoacetylmorphine,heroin,codeine,cocaine,methamphetamine,ketamine,methadone,and dolantin were 100,50,50,100,20,20,10,1,and 0.01 ng/mL,respectively.The practical cases contained methamphetamine,codeine,cocaine,and O6‑monoacetylmorphine were detected accurately and rapidly.The method has the advantages of high sensitivity and good accuracy.The sample processing is simple and can be analyzed in a short time.This method is suitable for the analysis of morphine,O6‑monoacetylmorphine,heroin,codeine,cocaine,methamphetamine,ketamine,methadone,and dolantin in some practical cases.

Evaluation of the AGCU Expressmarker 16 and 22 PCR Amplification Kits Using Biological Samples Applied to FTA Micro Cards in Reduced Volume Direct PCR Amplification Reactions

This study evaluated the performance of the Wuxi AGCU ScienTech Incorporation(HuiShan,Wuxi,China)AGCU Expressmarker 16(EX 16)and 22(EX22)short tandem repeat(STR)amplification kits in reduced reaction volumes using direct polymerase chain reaction(PCR)amplification workflows.The commercially available PowerPlex21(PP21)System(Promega,Wisconsin,USA),which follows similar direct workflows,was used as a reference.Anticoagulate blood applied to chemically impregnated FTATM Micro Cards(GE Healthcare UK Limited,Amersham Place,Little Chalfont,Buckinghamshire,HP79NA,UK)was used to represent a complex biological sample.Allelic concordance,first‑pass success rate,average peak heights,heterozygous peak height ratios(HPHRs),and intracolor and intercolor peak height balance were determined.In reduced volume PCR reactions,the performances of both the EX16 and EX22 STR amplification kits were comparable to that of the PP21 System.The level of performance was maintained at PCR reaction volumes,which are 40%of that recommended.The EX22 and PP21 System kits possess comparable overlapping genome coverage.This study evaluated the performance of the AGCU EX16 and EX22 STR amplification kits in reduced PCR reaction volumes using direct workflows in combination with whole blood applied to FTATM Micro Cards.Allelic concordance,first‑pass success rate,average peak heights,HPHRs,and intracolor and intercolor peak height balance were determined.A concordance analysis was completed that compared the performance of the EX16 and EX22 kits using human blood applied to FTA Micro Cards in combination with full,half,and reduced PCR reaction volumes.The PP21 System(Promega)was used as a reference kit.Where appropriate,the distributions of data were assessed using the Shapiro‑Wilk test.For normally‑distributed data,statistics were calculated using analysis of variance(ANOVA)and for nonparametric data the Wilcoxon/Kruskal‑Wallis test was used.Statistical significance was set at P<0.05.Confidence intervals for mean values were set at 95%.On using reduced volume PCR reactions in combination with dried blood spots applied to FTA sample collection cards,both the EX16 and EX22 kits were shown to generate STR profiles of sufficient quality to allow entry into National DNA databases.The performance of both EX16 and EX22 was comparable to that of the PP21 System.This study demonstrates the successful use of the Wuxi AGCU ScienTech Incorporation EX16 and EX22 kits in reduced PCR reaction volumes with complex biological samples applied to chemically impregnated FTA sample collection cards.

Comparison of the Concentrations of Lidocaine in Different Body Fluids/Tissues after Subarachnoid Space and Intravenous Administration of a Lethal Dose of Lidocaine

The objective of the study was to compare the concentration of lidocaine in different body fluids/tissues after subarachnoid space and intravenous administrations of a lethal dose of lidocaine.Totally 18 dogs were used in the experiment.Six dogs were given subarachnoid anesthesia,another were given an intravenous injection of a dose of 75 mg/kg weight of lidocaine hydrochloride in 5 min and the last 6 dogs were used as the blank control dogs and given a subarachnoid space injection or a femoral artery injection of the same volume of sodium chloride.As soon as its vital signs disappeared,each dog was dissected and the specimen,such as brain,cerebrospinal fluid(CSF)in lateral ventricle,CSF in subarachnoid space,spinal cord(cervical spinal cord,thoracic spinal cord,lumbar spinal cord,and waist spinal cord),heart,lung,liver,spleen,kidney,bile,urine,heart blood,peripheral blood,muscle in injection location,and muscle in no injection location,were collected for analysis of lidocaine immediately.Analysis was performed with gas chromatography‑mass spectrometry(GC‑MS).From the maximum to the minimum,the order of lidocaine concentration detected in the subarachnoid space‑administered dogs was as follows:CSF in subarachnoid space,waist spinal cord,thoracic spinal cord,CSF in lateral ventricle,lumbar spinal cord,cervical spinal cord,lung,kidney,muscle in injection location,heart,brain,spleen,heart blood,liver,peripheral blood,bile,muscle in no injection location,and urine.The order of lidocaine concentration detected in the intravenously administered dogs was as followed:Kidney,heart,lung,spleen,brain,liver,peripheral blood,bile,heart blood,cervical spinal cord,thoracic spinal cord,muscle in injection location,lumbar spinal cord,muscle in no injection location,CSF in subarachnoid space,urine,and CSF in lateral ventricle.The maximum concentration of lidocaine was detected in the subarachnoid space CSF of subarachnoid space‑administered dead dogs,while in intravenously injected dead dogs,the maximum concentration of lidocaine was detected in the kidney.Our study provides some useful data for the forensic identification of epidural anesthesia accidents to decide the way the lidocaine enters the body.

Determination of Periplocymarin in Human Blood and Urine by High-Performance Liquid Chromatography-Mass Spectrometry

A simple,rapid and sensitive liquid chromatography with tandem mass spectrometry method for the determination of periplocymarin in human blood and urine was developed.The digoxin‑d3 was used as an internal standard.Periplocymarin and digoxin‑d3(IS)were processed with ethyl acetate by liquid–liquid extraction.The chromatographic separation was performed on a Shim‑pack XR‑ODSIII C18 column with a 7 min gradient elution using methanol‑ammonium formate(5 mmol/L)as mobile phase at a flow rate of 0.3 mL/min(65:35,v/v).The detection was performed on a triple quadrupole tandem mass spectrometer using positive‑ion mode electrospray ionization in selected reaction monitoring mode.The periplocymarin was well separated from the internal standard.Two calibration curves were linear within the concentration range 0.01–1µg/mL.The limit of detection and quantification of blood and urine samples were both estimated at 0.005 and 0.01µg/mL.The interday and intraday precisions,accuracy,and recovery were assessed to verify this method.The results showed that the method was suitable for the determination of periplocymarin in forensic toxicological analysis and clinical diagnosis.

Determination of Chlorpyrifos in Human Blood by Gas Chromatography-Mass Spectrometry

Gas chromatography-mass spectrometry method was developed for the qualitative and quantitative analyses of chlorpyrifos in human blood samples.The chlorpyrifos and parathion(internal standard)in human blood were extracted with a mixed solvent of hexane and acetonitrile.Chlorpyrifos was well separated from the internal standard.The linear range of chlorpyrifos was 0.01-2 μg/ml in blood.The limit of detection and limit of quantification were estimated at 0.002 and 0.01μg/ml,respectively.The inter-and intra-day precisions,accuracy,and recovery were assessed to verify this method.The results showed that the developed method is rapid,sensitive,and reliable.It is suitable for the determination of chlorpyrifos in forensic toxicological analysis and clinical diagnosis.

Identification of Colored Dyes that are Resistant to Fading on Exposure to Ethylene Oxide;Use with Indicating FTA™Sample Collection Cards

Regulatory Standards and Forensic Communities are expressing an expectation for HID products to be certified as“DNA‑free.”Recently,“DNA‑free”status was described for HID‑related products using ethylene oxide(EtO);this gas reduces the presence of amplifiable DNA and causes minimal interference to downstream HID‑analytical methods.During sample collection,indicating cards,for example,Indicating FTA™(GE Healthcare Life Sciences,UK),are used to collect and store buccal cell DNA.These cards contain a dye which changes color on application of a colorless sample.Generating“DNA‑free”indicating cards using EtO should not impact the dyes’ability to indicate sample location or the efficacy of the card in downstream HID‑analytical methods.This study was initiated to identify alternative dyes to those currently used with sample indicating collection cards.The most promising,dyes when applied to cellulose papers exhibited a uniform color distribution and excellent sample indicating properties even when mixed with chemicals associated with FTA™.When dyed cellulose papers were exposed to EtO,ultraviolet radiation,elevated temperature,and humidity,negligible fading or discoloration was observed.The presence of these dyes on cellulose papers did not interfere with direct short tandem repeat(STR)profiling.Allelic concordance,first pass success rate,and mean peak heights were comparable to samples applied to Indicating FTA.Biological samples applied to EtO‑treated dyed cellulose papers and stored>1 month produced full STR profiles of sufficient quality to allow submission to DNA databases,confirming negligible interference from EtO treatment.These alternative sample indicating dyes resist EtO‑mediated fading while fulfilling the Forensic Community’s expectation for“DNA‑free”with negligible impact on collection card performance.