Destruction of Digital Traces when Concealing a Crime as a Challenge to Forensic Science

Detection, examination and use of digital traces of crime are important tasks of forensic science. However, the effective use of these objects is impossible in many cases due to their destruction by an offender himself or other persons. For the first time ever this article deals with a detailed scientific systematization of methods for destroying digital traces for the first time basing on domestic and foreign experience and describes a general algorithm for forensic computer-technical expert examination of the fact of destruction of digital traces of a crime as well as lost information recovery. It seems appropriate to study the patterns of criminal destruction of digital traces in close connection with provisions and results of the development of the forensic doctrine of concealment of traces of a crime by domestic scientists in the “pre-digital era”. One of the relevant tasks is also the development of domestic technical and software tools for destroyed computer information recovery.

1. Methods of Concealment of Traces of Crimes and Criminalistic Methods of Their Identification. Collected Works. Moscow: Moskovskii filial yuridicheskogo zaochnogo obucheniya pri Akademii MVD SSSR, 1984. 108 p. (In Russ.).

2. The Criminalistic Essence, Means and Methods for Establishing Ways to Conceal Traces of Crimes. Collection of Scientific Papers. Moscow: Moskovskii filial yuridicheskogo zaochnogo obucheniya pri Akademii MVD SSSR, 1987. 78 p. (In Russ.).

3. Mikhailov I. Key to Start: The Best Software and Hardware for Computer Forensics. The blog of F6 Company. 10.06.2019. (In Russ.). https://habr.com/ru/companies/facct/articles/454672/

4. Gutmann P. Secure Deletion of Data from Magnetic and Solid-State Memory. Proceedings of the Sixth USENIX UNIX Security Symposium (San Jose, July 22–25, 1996). San Jose, 1996. P. 77–90.

5. Kissel R., Regenscheid A., Scholl M., Stine K. Guidelines for Media Sanitization. Computer Security. National Institute of Standards and Technology, 2014. 56 p. https://doi.org/10.6028/NIST.SP.800-88r1

6. Hughes G., Coughlin T. Tutorial on Disk Drive Data Sanitization. San Diego: Center for Magnetic Recording Research, 2006. 15 p.

7. Al Saadi E.A.M. Anti-Computer Forensics Techniques. Zayed University, 2013. 46 p.

8. Garfinkel S. Anti-Forensics: Techniques, Detection and Countermeasures. The 2nd International Conference on i-Warfare and Security. Monterey: Naval Postgraduate School, 2007. P. 77–84.

9. Patel S.A., Yadav S.K., Kumar R., Singh A., Kumar P. Recovery of Deleted Data from Virtual Machine Using Open Source Tools: A Review. International Journal of Research and Analytical Reviews. 2024. Vol. 11. No. 1. P. 764–769.

10. Demidov A.A. Guaranteed Information Destruction Based on Code Noise Suppression. Infocommunication technologies. 2007. Vol. 5. No. 2. P. 75–78. (In Russ.).

11. Kutz D.V., Porshnev S.V., Sokolov I.P., Kutz M.P. On the Issue of Mashing Individual Files on Solid-state Drives. The Don Engineering Bulletin. 2024. No. 2 (110). P. 35–51. (In Russ.).

12. Kutz D.V., Porshnev S.V., Sokolov I.P., Kutz M.P. Analyzing the Problem of Reliable File Deletion on Solid-state Drives and Approaches to Its Solution. Bulletin of Ural Federal District (UrFD). Information security. 2024. No. 1 (51). P. 39– 44. (In Russ.). https://doi.org/10.14529/secur240105

13. Khlopov B.V., Samoylovich M.I., Mityagina A.B. Resiliency of Multiferroid HMDD Materials under Their Exposion to External Magnetic Fields. Innovative science. 2016. No. 4. P. 39–41. (In Russ.).

14. Curnett B., Darian T., Wojcik K., McCarthy S. Chemical Restoration of Damaged Hard Drives. Journal of Purdue Undergraduate Research. 2014. Vol. 4. Article 76. http://doi.org/10.5703/1288284315437

15. Al-Saleh M.I., Al-Shamaileh M.J. Forensic Artefacts Associated with Intentionally Deleted User Accounts. International Journal of Electronic Security and Digital Forensics. 2017. Vol. 9. No. 2. P. 167–179. http://doi.org/10.1504/IJESDF.2017.083992

16. Molodtsova Yu.V., Yakovlev A.N. Forensic Computer and Technical Examination. Study Guide. Мoscow: MGTU im. N.E. Baumana, 2021. 71 p. (In Russ.).

17. Beglaryan M.E., Voznyak G.N. Forensic Computer and Technical Examination. Мoscow: Unity-Dana, 2022. 72 p. (In Russ.).

18. Tushkanova O.V., Zubkov A.A., Vavilin A.Yu., Gudkova M.A. Typical Methodology for Forensic Information and Analytical Examination. Moscow: Sledstvennyi komitet Rossiiskoi Federatsii, 2023. 66 p. (In Russ.).

19. Horsman G. Understanding and Comparing Digital Traces. Australian Journal of Forensic Sciences. 2024. P. 1–11. https://doi.org/10.1080/00450618.2024.2381535

20. Soni N., Soni P. Tracing the Unseen: The Role of Digital Footprints in Modern Forensic Investigations. International Journal of Innovative Research in Technology. 2024. Vol. 11. No. 4. P. 346–352.

21. Rossinskaya E.R., Zinin A.M. Forensic Examination in Legal Proceedings: Textbook / E.R. Rossinskaya (ed.). Мoscow: Prospekt, 2022. 416 p. (In Russ.).

22. Theory of Information and Computer Support of Criminalistic Activities / E.R. Rossinskaya (ed.). Мoscow: Prospekt, 2022. 254 p. (In Russ.).