Autonomous System for Ensuring Integrity of documents (Especially Transcript) using Secure QR Code

The use of fake mark sheets, fake transcripts, fake degree certificates and other such educational documents is often high-lighted in news channels and print media nowadays. People forge their documents to gain maliciously not only in India but the problem is prevalent worldwide including instances of students applying to US universities. Over the past few years cases involving the submission of such fake documents to acquire admission to prestigious institutions, getting jobs or promotions in their jobs have seen a rise globally. There are websites available on internet which make forged/ fake document(s) for a payment and deliver the counterfeit to any location in the world. The availability of latest printing and scanning technologies have made it easy for the criminals to create an original like fake document, which poses a serious threat to the credibility of the document issuing institution(s). At the same time it has become very difficult for the administrative bodies at colleges, universities and employers to differentiate between the original and the fake. 

Colleges, universities and companies across the country have started taking help of forensic experts who can manually verify the authenticity of submitted documents as verifying them from issuing authorities is not only costly but also turnaround time is very high. Also, most institutions (issuer of documents viz transcript etc.) do not want to expose their database for the external world from the fear of misuse including security reasons, it becomes important that a solution is developed which can verify the integrity of document without depending on issuers database in a real time and in an automatic manner.

There is a lack of automated solutions for ensuring the integrity of these educational documents. In this work, we have proposed a mechanism which uses secure QR code for protecting the integrity of educational documents. Our solution includes a module for generation of secure QR code at issuing side, verification module which uses Public Key Cryptography for ensuring the document integrity at the verification side. Verification module can smartly identify changes into the document and decide whether the changes originated from a tampering attempt or due to OCR errors. 

In this work, we have designed and implemented secure QR code for mark sheets and other educational documents and demonstrated how these can be validated successfully using QR code without depending on any external sources (database query from the document issuing authority). With this system in place, it is next to impossible to create fake mark sheets. We have incorporated several innovative techniques to overcome the limitations of OCR errors; thus we are able to detect intentional tampering. Entire process is fully automated, efficient, and verification can be done using an application (freely available at issuing authority website) in an offline, real-time manner and result will not only verify the integrity of the submitted document (image taken either by scanner or digital camera or phone camera) but also highlight what has been tampered in case of forged/ fake document. A sample implementation on CBSE 12th class transcript is shown below

Original Sample Transcript

Questioned Transcript 

 

Resultant Integrity Verification

Future of Forensic Labs: Government Forensic Labs versus Private Forensic Labs

Cases are piling up in Courts and one of the major cause of delay in delivering justice is delay in forensic investigation reports from forensic labs. In India, legal cases go to government (central forensic science laboratories and/ or state forensic science laboratories). Forensic labs cite the reason of delay to lack of trained manpower, space and infrastructure, which is true in most cases. The average number of cases handled by forensic scientist in India outnumber their counterpart worldwide. Hence most experts do not get time and opportunity to upgrade their knowledge which in turn again leads to further delay in execution of forensic investigation. Area like digital forensic is most neglected as most of forensic scientist dealing with such cases do not have educational background and in depth knowledge to handle such cases. Active research is declining as there is not time for research. The government forensic labs have equipments, which are lying unused as there are not enough skilled personnel's, who could use this expensive infrastructure, which is leading to slow death of government forensic labs in India.

I would like to draw a parallel here with health care system where many of private hospitals are able to deliver quality health care by optimally using their resources and by providing scope for research and knowledge upgrade to the employees.

I foresee that slow death of government forensic lab and pressure from judiciary and industry readiness will open the doors of opportunity for private forensic labs in India especially private digital forensic labs as the world is getting more and more connected and our dependency on technology is increasing on each passing day. We need experts who know their state of the art and carry out research to develop innovative, efficient and scalable solutions. this will also be in line with out National Cyber Security Policy 2013 as announced by Government of India. There has be a clear policy to monitor the working on private forensic labs. These private forensic labs need to meet highest level of standards to remain operational and law should allow them to be used in place of government forensic labs. This healthy competition will help both government and private forensic labs and thus society in general.

Digitized Document Fraud Detection and Fixing

In our daily life, we still depend on printed documents like judicial papers, currency notes, certificates, bank cheques, property papers, security documents, licenses etc. As these sensitive documents play a very important role, criminals very often indulge in producing counterfeit version of such documents for unlawful and malicious gain. Modern technology has enabled the easy conversion of the hardcopy of the documents to digitized form. With the help of cheap and sophisticated scanning technology or digital camera, such digitization can be achieved. For the documents, scanners are preferred as the capturing can be done in a controlled manner. Thus, in the modern system, the documents can be archived in the digitized form and copies can be generated as and when required through the computerized system.

Furthermore, the digital printing technology has enabled the generation of documents maintaining the desired level of quality. Thus, the advent of digital scanning and printing technology has rendered an easy and safe way for generating fake documents. Once a hardcopy of a target document is available, it can be captured through scanner, tampered using image processing software and printed. As a result, frequency of the occurrences of fake stamp paper, scorecard, licenses, currency etc. has risen significantly. Such malpractices are referred as Digitized Document Frauds (DDF)

Current process of detecting counterfeiting requires an expert to manually use sophisticated hardware tool viz. Video Spectral Comparator and/ or Microscopes which are slow and their efficiency is limited by many constraints and on the other hand chemical analysis of paper and ink is destructive in nature. There is no standard procedure for linking the questioned counterfeit document to its source.

In this light, the first objective of our research work funded by Department of Information Technology, is to develop an efficient, portable, non-destructive automated system for tackling digitized document frauds (including counterfeit currency) in forensic context. This will be achieved by developing a new methodology for efficiently detecting a fraudulent document and then linking this fraudulently generated document to scanning/ printing device (including printing press, color laser printers and/ or color inkjet printers and/ or color photocopying machines and/ or scanners) in a closed set of suspect devices. 

The second objective of the study is to identify suitable parameters from magnified image of document under question using high quality microscopes, Scanning electron microscopes and or VSC 5000, VSC 6000 and hand held microscopes which can be quantified using image processing techniques.

Next objective is to test large number of commonly used documents including currency notes to identify robust features, which are independent of a manufacturer rather, will depend on the defects present in each device.

The basis of this proposed research work is that the scanning and or printing devices are made perfect only for naked eyes but when a magnifying device is used to investigate defect specific to each device (device fingerprint) is unique and these defects are quantifiable, which can be used to develop an automated system for tackling DDF. This is useful for law enforcement agencies as the automated tool will provide potential evidence to be used in Court of Law.

We are also conducting study of available security features present in documents to identify suitable parameters, which will also be used to develop an automated tool to assist investigative agencies to detect and fix digitized document frauds (DDF) to its source in forensic context. There is an urgent need of develop a method for detecting digitized document fraud and then linking it to its origin in forensic context to minimize the negative consequences on society and the economy.

Digital Forensic Research Direction

Digital forensics have passed through its golden era as suggested by Simpson Garfinkle raises an important question in front of digital forensic research community i.e. whats next for digital forensics? What will be he future of digital forensics? What does end of golden era mean? Can we expect the platinum era to start sometime soon. What are the next generation challenges and what direction the digital forensic research take? These are some of the very important questions. However things which will not change are the speed of change of technology and quest for providing convenience, which will increase the scope of incidents and digital forensic research has to match up with speedy development of solutions which are not only scalable but also efficient, economical and do not hinder in the convenience of the users. The cycle of technological changes has gathered speed and hence technologies become obsolete before even they are fully utilized. Thus scalability and speed of development of digital forensic solutions  are the need of the hour.

Capacity building @National Cyber Security Policy 2013

National Cyber Security Policy 2013 talk about creating a workforce of 500,000 professionals to cater to national cyber security. In recently concluded Assocham event "11th India Knowledge Summit 2013 Cyber Era - securing the Future" experts emphasised that country indeed needs professional to cater to cyber security, however there is no road map mentioned to attain the target. To create the workforce, we need a clearly defined road map where experts from academia and industry has to come together to formulate right curriculum, resources and benchmarks including certifications. Thus need of the hour is to prepare these resources. Since security and forensic go hand in hand and forensic provides feedback to security hence digital forensics skills gains importance as they are available in abundance. Digital Forensic Group @ IIIT-Delhi is working on solving problems pertaining to real work challenges faced by law enforcement and other investigative agencies and would like to make a positive impact on the lives of citizens of India. The important problems we  are working on are:
1. Detecting and fixing digitized document fraud detection including counterfeit currency
2. Privacy preserving digital forensic investigation
3. Document integrity establishment in real time, efficient,offline manner through automated system.
4. Resource development for capacity building to support National Cyber Security Policy 2013

Digital Forensic Principles

Since time immemorial, crime has had a direct association with human civilization. This association generated a need for proper and thorough investigation, leading to the evolution of various investigation techniques and methodologies and in turn forensic science. The relationship of forensic science with law and pure science is very clear and they influence each other. Traditional forensic science uses pure science to answer questions pertaining to investigation in an admissible manner primarily using physicochemical and biological characteristics. The properties (physicochemical and biological) of entities (matter) change as a result of an incidence (events/ actions). This fundamental framework of entities and events along with their ever-changing physicochemical and biological properties (states) strongly influences the forensic principles, investigation process models, guidelines, standards, best practices and administrative/ legal requirements of forensic knowledge. The change to an entity due to any incidence leads to the transition of the entire system to a new state where the physicochemical and biological characteristics of entities (some/ all) gets transformed. The quantification of these state transformations before and after the crime results into potential evidences leading to reconstruction of the sequence of events of the incident. In today‟s world, digital realm is proving a ripe and ready stomping ground for crooks of all kinds and the evidence against them that may be used in a court of law, now mostly comes in digital format. Unlike other conventional forensic science branches (physical, chemical and biological), which have admissible and well defined principles, guidelines and methodologies, the digital forensics science is still evolving. As a result of this ongoing evolution, the IT Laws still treat digital forensic evidence as only corroborative evidence; so evaluating and enhancing forensics principles and forensic knowledge will help digital forensic science to acquire its rightful status in the eyes of the Court of Law. In this research work, we evaluated the established traditional forensic knowledge and principles in digital realm. These famous principles of traditional forensic science have yet to be evaluated in the realm of digital forensics. This evaluation leads to the evolution of new constraints and enhancement of existing traditional forensic science principles. This will help in the development of investigative framework and model for tackling computer frauds and cyber crimes by standardizing the digital evidences to be presented in the court of Law. It will also help in evidence dynamics and reconstruction of sequence of events (time-lining digital evidence) by realizing the properties of Individuality, Repeatability, Reliability, Performance, Testability, Scalability, Quality and Standards in analysis of computer frauds and cyber crimes. The evaluated and enhanced principle and knowledge will help in developing new solutions for unsolved problems and in scaling existing solutions to tackle rapid change of digital technology. The enhanced principles encompass the traditional crimes as well as the computer fraud and cyber crime (CFCC).

TRANSFORMABILITY PRINCIPLE
The division of matter due to forces of various kinds is a fundamental event of nature. In material world, force or action can produce deformations other than division. In the digital world, in most cases, there is no division or deformation of matter, but there may be complete or partial division or copying of information in the form of content and traits. Thus, due to some action, transformation(s) of information or shape, size, volume or appearance of entities takes place in both the physical and digital world. This transformation serves the same purpose as the divisibility of matter does in traditional world. This transformed information or trait becomes evidence by the virtue of its connection with criminal act. The Transformability principle can thus be derived from the Divisibility principle as follows:

“An entity gets transformed into one or more components due to specific actions. The components will acquire the properties traceable to the properties of the original entity or the process of transformation or both”.
 
GENERALIZED EXCHANGE PRINCIPLE
In the material world, every contact and the consequent interplay of forces between the contacting objects result in the exchange of matter or trait. Even in some cases involving digital objects, the above phenomenon takes place. But CFCC constitutes of more generic type of exchanges and transfer, viz., exchange or transfer of information or digital traits. Not only that, the exchange or transfer in many cases involve transfer of even whole object or a large part of the object, instead of only a trace. Thus a generalized restatement of Locard‟s Exchange principle is

“Action involving an entity will result in the exchange of information or matter between the components or properties of the entity and the environment”.

This generalized exchange principle covers both conventional as well as digital realm. The transfer in the Generalized Exchange principle relies not only on physicochemical and biological transfer but it also includes transfer of information.