Journal of Digital Security and Forensics

COMPARISON OF CHARACTERISTIC FEATURES OF INKJET PRINTERS OF DIFFERENT MAKE AND MODEL USING VIDEO SPECTRAL COMPARATOR

2025-07-01T06:24:55+00:00

The present study aims to identify and analyze the individualizing characteristics of documents printed using various inkjet printers through non-destructive examination with a Video Spectral Comparator (VSC-40). Printed samples were collected from twelve different inkjet printer models, primarily from the EPSON, HP, Canon, and Brother brands. Standardized A4 paper was used to ensure uniformity in analysis. Under VSC-40 magnification, several distinguishing features such as edge sharpness, dot roundedness, blooming effect, extraneous dots (satellite drops and overspray), directional artefacts, line defects, and banding patterns were systematically examined. The study observed that EPSON printers, utilizing piezoelectric technology, demonstrated superior edge sharpness and minimal blooming effects compared to other brands. Printers like Brother-DCP J140w exhibited pronounced blooming and banding defects. Features such as directional tailing and consistent line defects proved useful for determining the type of printing technology employed and for linking documents to their sources. The findings confirm that VSC-40 imaging provides a reliable, non-destructive means for the forensic differentiation of inkjet-printed documents, enhancing authenticity verification and source identification processes in questioned document examination.

AN EVALUATION OF CYBER INCIDENT MANAGEMENT SYSTEMS IN HIGHER EDUCATION INSTITUTIONS (HEIS) IN KENYA

2025-10-07T09:13:10+00:00

Kenyan universities are increasingly integrating digital technologies into their academic and administrative operations. However, this digital transformation has exposed institutions to escalating cybersecurity threats, including data breaches, ransomware attacks, and unauthorized access to critical information. This study evaluates the effectiveness of existing cybersecurity measures and incident management systems in Kenyan universities, aiming to identify key vulnerabilities and areas for improvement. A structured survey was conducted among IT personnel from four major Kenyan universities, gathering data on cybersecurity preparedness, existing frameworks, and incident response strategies. The findings indicate that while universities have implemented basic cybersecurity measures such as firewall protections and access controls, there are significant gaps in real-time threat detection, incident response preparedness, and cybersecurity training programs. Many institutions lack dedicated cybersecurity teams, and incident response mechanisms are largely reactive rather than proactive. Additionally, limited financial and technical resources hinder effective implementation of cybersecurity policies. This paper highlights critical deficiencies in cybersecurity frameworks currently in use and emphasizes the need for real-time monitoring systems, improved staff training, and the adoption of automated threat detection tools. The study recommends a multi-stakeholder approach involving universities, government agencies, and cybersecurity experts to enhance resilience against evolving cyber threats. Addressing these gaps will allow Kenyan universities can strengthen their cybersecurity posture, protect academic assets, and safeguard the privacy of students and faculty members. This research contributes to ongoing discussions on cybersecurity in higher education and provides a foundation for developing more effective cybersecurity policies and frameworks in African academic institutions.

TACKLING INSTANT LIQUIDITY DRAINING ATTACKS IN DEFI SMART CONTRACTS WITH HYBRID BLOCKCHAIN-AI SOLUTIONS

2025-10-30T09:42:52+00:00

Decentralized finance (DeFi) protocols are becoming increasingly targeted by cyber threats, such as liquidity drain attacks, smart contracts flaws that leverage instant loans, and increasingly sophisticated threats that include DarkGate ransomware. We develop a hybrid framework that integrates CTI and predictive analytics to facilitate improving consensus mechanisms in a blockchain network. The proposed framework is centered on three layers , a data collection and processing layer, a security oracle layer that engages to mitigate intervention, and a dynamic adaptive mechanism to reach consensus.
A 250-node testbed was built and deployed with the Hyperledger Besu and Geth deployments of Ethereum incorporating hybrid GRU-BiLSTM which utilize GNN's for predicting attacks. The results reveal improvements of transaction processing TPS of up to +236%, settlement latency improved -75%, fork rate improved to less than 3%, and downtime improved from 15% to 1.5%. Statistical tests T-Test and ANOVA also reveal these were of high statistically significance at p < 0.01.
This study emphasizes that bridging functional aspects of AI with adaptive consensus mechanisms will be an effective approach at combating advanced cyber-attacks while maintaining reliability and resilience in DeFi systems.

POLYGRAPHY AS A TOOL FOR FORENSIC PSYCHOLOGICAL EVALUATION IN CASES OF WORKPLACE HARASSMENT: ADVANCES AND ETHICAL CONCERNS

2025-11-17T09:35:20+00:00

From a conventional technique for detecting lies, polygraphy has developed into an important psychophysiological instrument for forensic psychological analysis. The use of polygraphy in evaluating psychological trauma and confirming veracity in workplace harassment cases is examined in this review. The study looks at the main polygraph methods, their theoretical underpinnings, and how they can be combined with clinical and psychometric tests to improve the accuracy of forensic analyses. According to the literature currently in publication, polygraph tests offer important insights into emotional arousal, trauma recall, and the veracity of witness or victim statements when used ethically and in combination with other psychological tests. However, issues with legal admissibility, examiner bias, and the possibility of victim re-traumatization make careful, trauma-informed application necessary. According to the review's findings, polygraphy is most effective when used in conjunction with conventional psychological and investigative evaluations to help comprehend the intricate relationships between trauma, emotion, and the truth in cases of workplace harassment.

AN AI-DRIVEN MODEL FOR OPERATIONAL THREAT INTELLIGENCE TO ENHANCE REAL-TIME INCIDENT DETECTION AND RESPONSE IN THE KENYAN JUDICIARY

2025-11-28T08:40:15+00:00

Current threat intelligence systems often lack scalable, adaptive AI architectures capable of delivering real time incident detection and dynamic response, particularly in resource constrained environment such as judicial institutions. This paper presents a novel AI-driven architectural design for operational threat intelligence, specifically tailored to enhance cybersecurity in the Kenyan judiciary system. The proposed model integrates three foundational frameworks which are, Integrated Adaptive Cyber Defense (IACD), the Cyber Kill Chain, and Moving Target Defense (MTD) into an architecture that supports real-time data ingestion, continuous AI model retraining, and automated response orchestration. Key features include a dynamic feedback loop for adaptive learning, AI-powered multi-stage threat detection aligned with attack lifecycle mapping, and resource-efficient dynamic defense mechanisms suitable for low-resource judicial environments. This design significantly improves incident response capabilities by enabling faster, more accurate threat detection and automated mitigation, reducing mean time to detect and respond. By providing a scalable, transparent, and explainable AI model, the architecture offers a practical blueprint for enhancing cybersecurity resilience in judicial systems worldwide, with applicability to the unique challenges faced by Kenyan courts. This study lays the foundation for future extensions involving federated learning to enable secure, multi-court deployments, further strengthening collective judicial cybersecurity defenses.

DIGITAL FORGERY IN THE AGE OF MISINFORMATION USING TECHNIQUES FOR RELIABLE IMAGE MANIPULATION DETECTION AND ASSESSING THEIR SOCIETAL IMPACT

2025-12-02T05:48:04+00:00

Digital image forgery has become a serious concern in today's information-driven society, as images rapidly circulate across social media, news platforms, and digital communication. As the creation of manipulated images becomes easier and their detection more difficult, the demand for reliable forgery detection techniques has become more urgent than ever. This review covers a wide range of methods that can be used to identify tampered images, with particular attention to metadata verification, hashing-based approaches, and learning-driven strategies. Metadata inspection remains among the simplest and earliest techniques, but it is usually vulnerable because metadata can be easily removed or altered. Hashing-based methods have much stronger robustness by generating unique digital signatures for images. However, they usually fail when minor edits are performed. Machine learning and deep learning techniques have significantly advanced the area, which primarily enables learning complex manipulative patterns automatically. These include convolutional neural networks, attention mechanisms, and hybrid models combining traditional features and deep features for superior detection accuracy. Some of the main focuses of current research are on hybrid architectures aimed at combining strengths for better performance against real-world forgeries, including sophisticated deepfakes. Besides technical advancements, this review highlights the societal importance of image integrity. Reliable forgery detection is important in journalism, forensic analysis, medical imaging, and national security-all those domains where misinformation or tampering could have dire consequences. While tremendous progress has been made, some challenges still remain, particularly with respect to how easily metadata can be tampered with or the realism of AI-generated content. Finally, the paper concludes by identifying future research avenues that have the potential to make forensic systems resilient and help rebuild trust in digital media.

A REVIEW OF BEHAVIOURAL FINGERPRINTING FOR CLOUD RANSOMWARE DETECTION VIA SYSTEM AND API CALL ANALYSIS

2025-12-05T06:40:40+00:00

The rapid spread of cloud computing has opened profit centres for ransomware attacks. Classical methods of detection are static in nature and signature-based have more and more difficulties with modern ransomware. Ransomware today employs obfuscation and misuses genuine administrative functions, especially in API-centric cloud environments. The paper delivers a structured literature review that focuses on various methodologies for ransomware detection advocating for the central importance of classifying and assessing attacks based on their actions. We argue that behavioural fingerprinting based on extensive studying of cloud workloads and API calls to the cloud control plane is the best approach for early and accurate detection of cloud-native ransomware. This review looks at what is present in the field of malware analysis, we present the fundamental elements of behavioural fingerprinting which we see across the ransomware attack cycle, also we note that which system and API calls are the main data sources for very accurate fingerprints. Also, we report on the machine learning and deep learning tools which we use to automate detection into which we are also putting forward the issue in the real-world setting. Performance issue. We look at what issues bring up as we apply these principles to cloud structures which are also home to new primary data sources in the form of cloud API logs for defenders. We end with a review of what we found out, we also put forth that there is a need for cloud specific data sets and explainable AI which are present research gaps and we also put forth what may prove to be very good areas for future research in what is very much a growing field of cyber security.

RECONSTRUCTING USER ACTIVITY THROUGH BROWSER FORENSICS BY EXAMINING TECHNIQUES AND ETHICAL CONSIDERATIONS

2025-12-05T06:59:06+00:00

It is a study based on the importance of web browsers as we use it in everyday life and primary sources of online evidence for investigation. This perspective extends beyond the technical, including the human and investment aspects that create the constant evolution of browser forensics over recent years. By examining research that utilizes a range of forensic tools and methodologies and also the study identifies how investigators extract and analyze these artifacts to reconstruct timelines, track user actions, and recover deleted and hidden information. As with the time browsers continue to integrate advanced privacy features with synchronization across devices and stronger encryption forensic methods must evolve accordingly. This review highlights how advancements in technology compel ongoing improvements in forensic strategies and emphasizes the need for adaptive, ethical, and well-validated approaches. By the advancements of browser usage, the potential for cybercrime is also increasing and by that it is very crucial for investigators to understand browser forensics to retrieve the essential evidences. Researchers have to work ethically and balancing rigorous forensic analysis with concerns about preserving user’s privacy, and most of the research reviewed in this paper discussed about this dilemma. This study analyses and examines browsers artifacts e.g. cache, cookies, and history in normal, private, and portable modes in different commonly used browsers by using different multiple tools and methodologies.it also helps to recover meeting data, user details, and encrypted content by memory and browser forensics in SaaS platforms. The paper discussed how technological development compels forensic methods to evolve continuously.

AI-BASED DERADICALIZATION: OPPORTUNITIES, RISKS, AND CASE STUDIES

2025-12-15T11:40:58+00:00

Radicalization is a multifaceted process characterized by the embrace of extreme ideologies and actions that contravene societal norms, potentially culminating in violent extremism. Deradicalization, or more broadly, countering violent extremism (CVE), encompasses the processes, initiatives, and interventions aimed at reversing or counteracting radicalization, facilitating individuals' disengagement from extremist ideology or behaviors. Recent studies underscore the increasing significance of artificial intelligence (AI) in combating online extremism and facilitating deradicalization initiatives. AI tools are being developed to identify extremist content, forecast at-risk individuals, and study the communication patterns and propaganda tactics of extreme groups, especially on social media platforms. These platforms can distribute counter-narratives and positive representations to contest extreme ideas; nevertheless, their efficacy relies on ethical and responsible implementation, along with interdisciplinary collaboration. Although Artificial Intelligence (AI) has emerged as a potential instrument in various fields including extensive data, pattern recognition, personalization, automation, and decision support, there is a paucity of research about the application of AI in the deradicalization of terrorist criminals within correctional facilities. This study aims to examine the prospects, risks, and trajectories of AI-based deradicalization. This study seeks to comprehend the role of AI in deradicalization efforts. This study identified ways for implementing AI-based deradicalization through a literature analysis and interviews with cyber and deradicalization specialists, as well as past terrorist offenders, which are included in the RARE Model (Relation-Assistance-Reintegration-Evaluation). This research may assist practitioners or governments in executing AI-driven deradicalization initiatives.