{"id":"https://openalex.org/W4400885733","doi":"https://doi.org/10.1145/3680294","title":"InvesTEE: A TEE-supported Framework for Lawful Remote Forensic Investigations","display_name":"InvesTEE: A TEE-supported Framework for Lawful Remote Forensic Investigations","publication_year":2024,"publication_date":"2024-07-22","ids":{"openalex":"https://openalex.org/W4400885733","doi":"https://doi.org/10.1145/3680294"},"language":"en","primary_location":{"id":"doi:10.1145/3680294","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3680294","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3680294","source":{"id":"https://openalex.org/S4210235901","display_name":"Digital Threats Research and Practice","issn_l":"2576-5337","issn":["2576-5337","2692-1626"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Digital Threats: Research and Practice","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3680294","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5057044885","display_name":"Christian Lindenmeier","orcid":"https://orcid.org/0000-0003-2369-2196"},"institutions":[{"id":"https://openalex.org/I181369854","display_name":"Friedrich-Alexander-Universit\u00e4t Erlangen-N\u00fcrnberg","ror":"https://ror.org/00f7hpc57","country_code":"DE","type":"education","lineage":["https://openalex.org/I181369854"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Christian Lindenmeier","raw_affiliation_strings":["Department of Computer Science, Friedrich-Alexander-Universit\u00e4t Erlangen-N\u00fcrnberg (FAU), Erlangen, Germany"],"raw_orcid":"https://orcid.org/0000-0003-2369-2196","affiliations":[{"raw_affiliation_string":"Department of Computer Science, Friedrich-Alexander-Universit\u00e4t Erlangen-N\u00fcrnberg (FAU), Erlangen, Germany","institution_ids":["https://openalex.org/I181369854"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5025460867","display_name":"Jan Gruber","orcid":"https://orcid.org/0000-0003-1862-2900"},"institutions":[{"id":"https://openalex.org/I181369854","display_name":"Friedrich-Alexander-Universit\u00e4t Erlangen-N\u00fcrnberg","ror":"https://ror.org/00f7hpc57","country_code":"DE","type":"education","lineage":["https://openalex.org/I181369854"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Jan Gruber","raw_affiliation_strings":["Department of Computer Science, Friedrich-Alexander-Universit\u00e4t Erlangen-N\u00fcrnberg (FAU), Erlangen, Germany"],"raw_orcid":"https://orcid.org/0000-0003-1862-2900","affiliations":[{"raw_affiliation_string":"Department of Computer Science, Friedrich-Alexander-Universit\u00e4t Erlangen-N\u00fcrnberg (FAU), Erlangen, Germany","institution_ids":["https://openalex.org/I181369854"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5035871932","display_name":"Felix Freiling","orcid":null},"institutions":[{"id":"https://openalex.org/I181369854","display_name":"Friedrich-Alexander-Universit\u00e4t Erlangen-N\u00fcrnberg","ror":"https://ror.org/00f7hpc57","country_code":"DE","type":"education","lineage":["https://openalex.org/I181369854"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Felix Freiling","raw_affiliation_strings":["Department of Computer Science, Friedrich-Alexander-Universit\u00e4t Erlangen-N\u00fcrnberg (FAU), Erlangen, Germany"],"raw_orcid":"https://orcid.org/0000-0002-8279-8401","affiliations":[{"raw_affiliation_string":"Department of Computer Science, Friedrich-Alexander-Universit\u00e4t Erlangen-N\u00fcrnberg (FAU), Erlangen, Germany","institution_ids":["https://openalex.org/I181369854"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5057044885"],"corresponding_institution_ids":["https://openalex.org/I181369854"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.09005526,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"5","issue":"3","first_page":"1","last_page":"20"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7712812423706055},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7315725684165955},{"id":"https://openalex.org/keywords/covert","display_name":"Covert","score":0.6772831082344055},{"id":"https://openalex.org/keywords/law-enforcement","display_name":"Law enforcement","score":0.6281993985176086},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.6244478225708008},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.6239098310470581},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.4915662705898285},{"id":"https://openalex.org/keywords/vendor","display_name":"Vendor","score":0.4572635889053345},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.4328552484512329},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.3428781032562256},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.1963823139667511},{"id":"https://openalex.org/keywords/law","display_name":"Law","score":0.19577434659004211},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.09581014513969421}],"concepts":[{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7712812423706055},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7315725684165955},{"id":"https://openalex.org/C2779338814","wikidata":"https://www.wikidata.org/wiki/Q5179285","display_name":"Covert","level":2,"score":0.6772831082344055},{"id":"https://openalex.org/C2780262971","wikidata":"https://www.wikidata.org/wiki/Q44554","display_name":"Law enforcement","level":2,"score":0.6281993985176086},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.6244478225708008},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.6239098310470581},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.4915662705898285},{"id":"https://openalex.org/C2777338717","wikidata":"https://www.wikidata.org/wiki/Q1762621","display_name":"Vendor","level":2,"score":0.4572635889053345},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.4328552484512329},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.3428781032562256},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.1963823139667511},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.19577434659004211},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.09581014513969421},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3680294","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3680294","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3680294","source":{"id":"https://openalex.org/S4210235901","display_name":"Digital Threats Research and Practice","issn_l":"2576-5337","issn":["2576-5337","2692-1626"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Digital Threats: Research and Practice","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1145/3680294","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3680294","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3680294","source":{"id":"https://openalex.org/S4210235901","display_name":"Digital Threats Research and Practice","issn_l":"2576-5337","issn":["2576-5337","2692-1626"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Digital Threats: Research and Practice","raw_type":"journal-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.8199999928474426}],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":false},"content_urls":{"pdf":"https://content.openalex.org/works/W4400885733.pdf"},"referenced_works_count":23,"referenced_works":["https://openalex.org/W157582757","https://openalex.org/W791694307","https://openalex.org/W992690141","https://openalex.org/W1963957521","https://openalex.org/W2018174446","https://openalex.org/W2093972407","https://openalex.org/W2114381667","https://openalex.org/W2820688723","https://openalex.org/W2885965503","https://openalex.org/W2890576169","https://openalex.org/W2912606234","https://openalex.org/W3094885733","https://openalex.org/W3104625507","https://openalex.org/W3127135009","https://openalex.org/W3157587990","https://openalex.org/W3205577829","https://openalex.org/W3215735523","https://openalex.org/W4250967659","https://openalex.org/W4297324204","https://openalex.org/W4311111731","https://openalex.org/W4383199682","https://openalex.org/W4400346372","https://openalex.org/W6964269915"],"related_works":["https://openalex.org/W17155033","https://openalex.org/W3207760230","https://openalex.org/W1496222301","https://openalex.org/W1590307681","https://openalex.org/W2536018345","https://openalex.org/W4312814274","https://openalex.org/W4285370786","https://openalex.org/W2296488620","https://openalex.org/W2971540978","https://openalex.org/W2150732388"],"abstract_inverted_index":{"Remote":[0],"forensic":[1,104,117,185],"investigations,":[2],"i.e.,":[3],"the":[4,19,31,76,115,141,149,158,170],"covert":[5],"lawful":[6],"infiltration":[7],"of":[8,21,160,183,192],"computing":[9],"devices,":[10],"are":[11],"a":[12,67,93,98,122,135,154,174,189],"generic":[13],"method":[14],"to":[15,33,45,74,113,130,144,148],"acquire":[16],"evidence":[17],"in":[18,58,66,89,173],"presence":[20],"strong":[22],"defensive":[23],"security.":[24],"A":[25],"precondition":[26],"for":[27,69,168],"such":[28,47,81],"investigations":[29],"is":[30,50,112,195],"ability":[32],"execute":[34,131],"software":[35,55,118],"with":[36],"sufficient":[37],"privileges":[38,147],"on":[39,153,197],"target":[40],"devices.":[41],"The":[42,110],"standard":[43],"way":[44],"achieve":[46],"remote":[48,87,103,116,184],"access":[49,88,105],"by":[51,126,140],"exploiting":[52],"yet":[53],"unpatched":[54],"vulnerabilities.":[56],"This":[57],"turn":[59],"puts":[60],"other":[61],"users":[62],"at":[63],"risk,":[64],"resulting":[65],"dilemma":[68],"state":[70],"authorities":[71],"that":[72,85,100,194],"aim":[73],"protect":[75],"general":[77],"public":[78],"(by":[79],"patching":[80],"vulnerabilities)":[82],"and":[83,134,181],"those":[84],"need":[86],"criminal":[90,161],"investigations.":[91],"As":[92],"partial":[94],"solution,":[95],"we":[96,177],"present":[97],"framework":[99],"enables":[101],"privileged":[102,108],"without":[106],"using":[107],"exploits.":[109],"idea":[111],"separate":[114],"into":[119],"two":[120],"parts:":[121],"Forensic":[123,150],"Software,":[124,138],"designed":[125],"law":[127],"enforcement":[128],"agencies":[129],"investigative":[132],"actions,":[133],"(privileged)":[136],"Control":[137,171],"provided":[139],"device":[142],"vendor":[143],"selectively":[145],"grant":[146],"Software":[151,172],"based":[152,196],"court":[155],"warrant":[156],"within":[157],"rules":[159],"procedure.":[162],"By":[163],"leveraging":[164],"trusted":[165],"execution":[166],"environments":[167],"running":[169],"tamper-proof":[175],"manner,":[176],"enable":[178],"trustful":[179],"deployment":[180],"operation":[182],"software.":[186],"We":[187],"provide":[188],"proof-of-concept":[190],"implementation":[191],"InvesTEE":[193],"ARMv8-A":[198],"TrustZone.":[199]},"counts_by_year":[],"updated_date":"2025-11-06T06:51:31.235846","created_date":"2025-10-10T00:00:00"}