Abstract— The demand for digital evidence is increasing worldwide. A reliable digital evidence management system is needed to ensure that justice is served in court. The chain of custody plays a vital role in this process, but people are the weakest link in any trust chain. Blockchain technology can be used to store and analyze digital evidence data in a secure and confidential manner, with proper access control. As digital evidence comes in various forms, blockchain can be dynamically changed to accommodate new data extraction methods. This research paper proposes and develops a blockchain-based digital evidence management system using Hyperledger Fabric, dynamic chaincode, and hybrid access control.

Keywords — Dynamic Chaincode, Data Extraction, Blockchain, Hyperledger Fabric, Hybrid Access Control

I. INTRODUCTION

Digital technology is now an important aspect of our daily life, with most industries, including healthcare, finance, food, and transportation, relying heavily on it. However, rising cybercrime underscores the importance of digital evidence in prosecution. Traditional Chain of Custody processes have limitations, necessitating a decentralized system for secure, confidential, authentic, and auditable management of digital evidence. Blockchain technology, with its immutable transaction history, is a promising solution. This research introduces "Binary Themis," proposing a blockchain-based Chain of Custody system, emphasizing evidence confidentiality through group-wise ledger sharing, with implementation details involving Hyperledger Fabric. [1]

The chain of custody is the chronological documentation or paper trail that records the sequence of custody, control, transfer, analysis, and disposition of materials, including physical or electronic evidence. It is a critical process in ensuring the integrity of evidence, and it is essential for the admissibility of evidence in court, but it is challenging to maintain. [2]

Combining private blockchain and cryptography enhances the chain of custody, ensuring transparency, authenticity, security, and auditability. Additionally, group-wise ledger sharing and Hyperledger Fabric are proposed for maintaining evidence confidentiality in this research. The research identifies gaps in existing blockchain-based Chain of Custody (CoC) systems compared to the proposed one. These gaps include private blockchain use, permissioned networks, group-wise ledger sharing, confidential evidence transfer, and high supervision during investigations [3]. The study addresses the need for innovative blockchain solutions, highlighting privacy concerns in public blockchains and the lack of higher authority supervision. It presents research questions and objectives for developing a specific, secure, and confidential CoC system using blockchain technology in digital forensic investigations [4].

This study also describes a novel technique for data extraction in mobile device forensics. We offer a unique approach for acquiring call logs, contacts, messages, and device-specific information using a precisely constructed system that includes an Android APK, a memory dump collection mechanism, server infrastructure, and a desktop application. Notably, our encryption system protects data integrity by utilizing a proprietary hash-based encryption process, which is augmented by real-time communication over web sockets. This study establishes a complete framework for redefining mobile device forensic operations, resulting in increased accuracy and security in digital evidence extraction [11].

II. LITERATURE REVIEW

The concept of chain of custody in digital evidence management has evolved alongside advancements in digital technology and the increasing role of digital evidence in investigations.

In the early days of digital forensics, during the 1980s and 1990s, there was limited awareness of the need for a formalized chain of custody. Digital evidence was often handled without the same level of care as physical evidence.

The late 1990s and early 2000s saw increased recognition of the importance of chain of custody in digital evidence through legal cases. Courts began to require documentation
of the handling and storage of digital evidence to ensure its admissibility. [5]

Organizations such as the National Institute of Standards and Technology (NIST) in the United States began developing guidelines and standards for digital evidence handling. The NIST Special Publication 800-101 is an example of such a guideline. [6]

A. Hyperledger Fabric blockchain network

Hyperledger Fabric is a prominent blockchain network framework that has gained significant attention in both academic research and industry applications. Developed under the Linux Foundation's Hyperledger project, Fabric stands out for its modular and permissioned architecture, making it suitable for various enterprise use cases. One of its key features is its support for smart contracts, which are programmable logic components that facilitate the execution of predefined actions upon certain conditions. This flexibility enables the creation of decentralized applications (dApps) tailored to specific business needs, such as supply chain management and financial services. Additionally, Fabric employs a robust consensus mechanism, often using Practical Byzantine Fault Tolerance (PBFT) or Raft, to ensure transaction finality and data integrity [7].

The framework's focus on privacy and confidentiality is noteworthy, with channels that enable private transactions between select participants. Its rich permissioning system further enhances security and access control. Hyperledger Fabric's widespread adoption and continuous development underscore its significance in the blockchain ecosystem, offering a compelling solution for enterprises seeking to harness the benefits of blockchain technology while addressing their unique requirements for scalability, privacy, and control [8].

In the Binary Themis system, several key concepts and novelties are introduced to enhance evidence management in digital forensics. Firstly, the utilization of a private blockchain stands out as a fundamental concept, ensuring that the network remains restricted to authorized participants, which aligns with similar systems as presented in the work by Ahmad et al. (2020) [9]. Additionally, the emphasis on a permissioned network, where only authorized parties can participate in the blockchain, reinforces the security and control aspects, a shared concern as seen in the paper "Blockchain-Based Chain of Custody for Digital Evidence Management in Cloud" by Wang et al. (2019) [1]. The introduction of group-wise ledger sharing among specific stakeholders is a promising innovation that can enhance collaboration and security in evidence management.

There Yet?" by Erbium et al. (2020) [9]. Finally, the choice of Hyperledger Fabric as the blockchain platform aligns with the trend of using this technology.

While prior research leveraged Ethereum-based consensus methods, notably Proof-of-Work (PoW) and Istanbul Byzantine Fault Tolerance (IBFT), this study introduces a novel approach, adopting the Raft consensus algorithm (RAFT). Unlike PoW's energy-intensive nature and IBFT's multiple voting rounds, RAFT simplifies consensus with a single authoritative node, minimizing network overhead, enhancing real-time processing, and reducing energy consumption. RAFT's efficiency and low latency make it a promising choice for digital forensics evidence management, highlighting the proposed system's innovative departure from conventional methods in the field. [10]

Figure 1: Performance Comparison of Raft, PBFT, and PoW [10]

B. Evidence collecting and data extraction

Recent work has emphasized the importance of developing novel techniques to solve constraints such as accurate and secure digital evidence collection. The incorporation of cross-platform frameworks, such as Flutter, offers a viable path for developing efficient Android apps with privileged access to the kernel. This ensures the recovery of complete data, including call records, contacts, messages, and device-specific information.

The use of SHA-256 encryption, a tried-and-true standard in data security, provides another degree of protection to the process. Notably, the proposed hash-based encryption approach, in conjunction with real-time communication enabled by web sockets, adds to data integrity while in transit.
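
Section B (Evidence collecting and data extraction) credits SHA-256 with protecting extracted data in transit. SHA-256 is a hash function, so on its own it supports integrity checking rather than confidentiality; the added Go example here (not the authors' code) shows a keyed SHA-256 tag (HMAC) over an extract that the receiver verifies before parsing. The page does not specify its scheme, so the `Extract` fields, the `Envelope` type, the key and the sample data are assumptions constructed for illustration.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"fmt"
)

// Extract is a constructed stand-in for the JSON uploaded by the Android app.
type Extract struct {
	DeviceID string   `json:"device_id"`
	Contacts []string `json:"contacts"`
}

// Envelope is what crosses the socket: the exact payload bytes plus a tag.
type Envelope struct {
	Payload []byte
	Tag     string // hex-encoded HMAC-SHA256 of Payload
}

func tag(key, payload []byte) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(payload)
	return m.Sum(nil)
}

// Seal authenticates the serialized bytes exactly as they will be sent.
func Seal(key, body []byte) Envelope {
	return Envelope{Payload: body, Tag: hex.EncodeToString(tag(key, body))}
}

// Open verifies the tag in constant time before any parsing takes place.
func Open(key []byte, env Envelope) (x Extract, err error) {
	got, err := hex.DecodeString(env.Tag)
	if err != nil || !hmac.Equal(got, tag(key, env.Payload)) {
		return x, fmt.Errorf("integrity check failed: payload or tag altered")
	}
	err = json.Unmarshal(env.Payload, &x)
	return x, err
}

func main() {
	key := []byte("constructed-demo-key") // assumption: provisioned out of band
	body, _ := json.Marshal(Extract{DeviceID: "demo-device", Contacts: []string{"Alice"}})
	env := Seal(key, body)
	env.Payload[0] ^= 1 // simulate modification in transit
	fmt.Println(Open(key, env))
}
```

Storing the tag or a plain SHA-256 digest of the payload in the custody record lets a later reviewer confirm that the analyzed bytes are the ones that were collected.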

The ledger for the subnetwork will only be shared with the members of the subnetwork. The ledger is encrypted using cryptography, so only authorized users can access it. The encryption keys are managed by the organization's Fabric CA, which is under the control of a higher authority.

Figure 3: Overall System Diagram

A. Main Hyperledger Fabric blockchain network

The application of smart contract techniques that make it possible to alter data pertaining to evidence based on user interactions and inputs. Let's look at a few chaincode characteristics that contribute to its dynamic nature:

Electron is used to construct a desktop application for analysis and exploration. This program takes encrypted data from the server, decrypts it with the secret key, and converts it back to its original JSON format. Forensic investigators can then carefully review and analyze the decrypted data, providing critical insights into the mobile device's communication history, contact exchanges, and more. By combining these technical components smoothly, the technique ensures a complete and secure approach to mobile device data extraction and analysis for forensic reasons.

D. Implement a hybrid access control mechanism using both role-based access controls (RBAC) and attribute-based access controls (ABAC)

The initial step involves identifying the roles within the system, which represent various job functions or user duties. Roles such as "Judge", "police officer" or "Administrator" are examples that may be present in the system. Each role is given the permissions that are appropriate for its job duties. The actions that users in a certain role are permitted to take are determined by these permissions. An "Administrator", for instance, might have access to data creation, read, update, and deletion, whereas a "policeman" role might just have access to read and update.

Rules are established to integrate attribute-based requirements with role-based permissions. Based on a piece of data's properties, these policies decide whether a person with a particular role is permitted access to it. For instance, you could create a policy that only permits a role with the title "police officer" to read a particular type of data if it has not been designated as sensitive. Access control mechanisms are used in accordance with the specified policies, and these guidelines can be applied in a number of ways, including custom code within your application, database triggers, and access control lists (ACLs).

Figure 6: Access control mechanism.

IV. DISCUSSION

The research presented in this paper introduces "Binary Themis," a blockchain-based Chain of Custody (CoC) system designed to address the limitations of traditional CoC processes in managing digital evidence. The system emphasizes evidence confidentiality through group-wise ledger sharing and utilizes Hyperledger Fabric for implementation.

The "Binary Themis" system has broad implications for the field of digital forensics and beyond. Its ability to ensure the confidentiality, security, and authenticity of digital evidence can bolster the admissibility of evidence in court, ultimately strengthening the justice system's reliance on digital data. Moreover, the system's emphasis on privacy and security aligns with the growing concerns regarding data protection in the digital age.

V. CONCLUSION

The "Binary Themis" system introduces a novel approach to Chain of Custody management for digital evidence through the integration of private blockchain technology, cryptography, and the use of the Raft consensus algorithm. By addressing existing gaps in blockchain-based CoC systems and emphasizing evidence confidentiality, this research provides a promising solution for enhancing the integrity and security of digital evidence in forensic investigations. The system's innovative departure from conventional methods opens new avenues for research and development in this critical field.
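
The hybrid check described in section D, as an added Go example (not the Binary Themis code): the role must first grant the action, then the attribute rules are applied, and anything not explicitly allowed is denied. The `Group` attribute, the Judge permissions, the extension of the sensitivity rule to updates, and the sample values are assumptions made for illustration.

```go
package main

import "fmt"

type Action string

const (
	Create Action = "create"
	Read   Action = "read"
	Update Action = "update"
	Delete Action = "delete"
)

// RBAC layer: actions each role may perform, using the roles named in the text.
// The Judge entry is an assumption; the page lists the role without permissions.
var rolePerms = map[string]map[Action]bool{
	"Administrator":  {Create: true, Read: true, Update: true, Delete: true},
	"police officer": {Read: true, Update: true},
	"Judge":          {Read: true},
}

type User struct{ Role, Group string } // Group: hypothetical membership attribute

type Evidence struct {
	ID, Group string // Group: hypothetical owning group (group-wise sharing)
	Sensitive bool   // attribute used by the page's example policy
}

// Authorize is deny-by-default: the role must grant the action (RBAC) and
// every attribute rule must pass (ABAC). The reason is meant for audit logs.
func Authorize(u User, a Action, e Evidence) (bool, string) {
	if !rolePerms[u.Role][a] {
		return false, "rbac: role does not grant " + string(a)
	}
	if u.Group != e.Group {
		return false, "abac: user is outside the evidence group"
	}
	// Page's policy: a police officer reads data only if it is not sensitive.
	// Extended to update (assumption) so the role cannot alter what it cannot read.
	if u.Role == "police officer" && e.Sensitive {
		return false, "abac: sensitive evidence denied for this role"
	}
	return true, "allowed"
}

func main() {
	officer := User{Role: "police officer", Group: "case-17"} // constructed sample
	ev := Evidence{ID: "EV-1", Group: "case-17", Sensitive: true}
	fmt.Println(Authorize(officer, Read, ev))
}
```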