Open Access. Powered by Scholars. Published by Universities.®

Digital Commons Network

Articles 1 - 25 of 25

Full-Text Articles in Entire DC Network

Front Matter Dec 2019

Journal of Digital Forensics, Security and Law

No abstract provided.


DeepFuzzer: Accelerated Deep Greybox Fuzzing, Jie Liang, Yu Jiang, Mingzhe Wang, Houbing Song, Kim-Kwang Raymond Choo Dec 2019

Publications

Fuzzing is one of the most effective vulnerability detection techniques, widely used in practice. However, the performance of fuzzers may be limited by their inability to pass complicated checks, inappropriate mutation frequency, arbitrary mutation strategy, or the variability of the environment. In this paper, we present DeepFuzzer, an enhanced greybox fuzzer with qualified seed generation, balanced seed selection, and hybrid seed mutation. First, we use symbolic execution in a lightweight approach to generate qualified initial seeds which then guide the fuzzer through complex checks. Second, we apply a statistical seed selection algorithm to balance the mutation frequency between different seeds. …


Fast Forensic Triage Using Centralised Thumbnail Caches On Windows Operating Systems, Sean Mckeown, Gordon Russell, Petra Leimich Sep 2019

Journal of Digital Forensics, Security and Law

A common investigative task is to identify known contraband images on a device, which typically involves calculating cryptographic hashes for all the files on a disk and checking these against a database of known contraband. However, modern drives are now so large that it can take several hours just to read this data from the disk, and can contribute to the large investigative backlogs suffered by many law enforcement bodies. Digital forensic triage techniques may thus be used to prioritise evidence and effect faster investigation turnarounds. This paper proposes a new forensic triage method for investigating disk evidence relating to …


Improved Decay Tolerant Inference Of Previously Uninstalled Computer Applications, Oluwaseun Adegbehingbe, James Jones Sep 2019

Journal of Digital Forensics, Security and Law

When an application is uninstalled from a computer system, the application’s deleted file contents are overwritten over time, depending on factors such as operating system, available unallocated disk space, user activity, etc. As this content decays, the ability to infer the application’s prior presence, based on the remaining digital artifacts, becomes more difficult. Prior research inferring previously installed applications by matching sectors from a hard disk of interest to a previously constructed catalog of labeled sector hashes showed promising results. This prior work used a white list approach to identify relevant artifacts, resulting in no irrelevant artifacts but incurring the …


MemoryRanger Prevents Highjacking FILE_OBJECT Structures In Windows Kernel, Igor Korkin Sep 2019

Journal of Digital Forensics, Security and Law

Windows OS kernel memory is one of the main targets of cyber-attacks. By launching such attacks, hackers are succeeding in process privilege escalation and tampering with users’ data by accessing kernel-mode memory. This paper considers a new example of such an attack, which results in access to the files opened in an exclusive mode. Windows built-in security features prevent such a legal access, but attackers can circumvent them by patching dynamically allocated objects. The research shows that the newest Windows 10 x64 is vulnerable to this attack. The paper provides an example of using MemoryRanger, a hypervisor-based solution to prevent …


Blocks' Network: Redesign Architecture Based On Blockchain Technology, Moataz Hanif Aug 2019

Doctoral Dissertations and Master's Theses

The Internet is a global network that uses communication protocols. It is considered the most important system reached by humanity, which no one can abandon. However, this technology has become a weapon that threatens the privacy of users, especially in the client-server model, where data is stored and managed privately. Additionally, users have no power over their data that is stored on a private server, which means users’ data may be interrupted by the government or might be sold by the service provider for profit. Furthermore, blockchain is a technology that we can rely on to solve issues related to the client-server model if appropriately …


Design Of Personnel Big Data Management System Based On Blockchain, Houbing Song, Jian Chen, Zhihan Lv Jul 2019

Publications

With the continuous development of information technology, enterprises, universities and governments are constantly stepping up the construction of electronic personnel information management systems. Information on hundreds of thousands or even millions of people is collected and stored in the system. So much information provides the cornerstone for the development of big data; if such data is tampered with or leaked, it will cause irreparable serious damage. However, in recent years, electronic archives have exposed a series of problems such as information leakage, information tampering, and information loss, which has made the reform of personnel information management more and …


AdaBoost‑Based Security Level Classification Of Mobile Intelligent Terminals, Feng Wang, Houbing Song, Dingde Jiang, Hong Wen Jul 2019

Publications

With the rapid development of Internet of Things, massive mobile intelligent terminals are ready to access edge servers for real-time data calculation and interaction. However, the risk of private data leakage follows simultaneously. As the administrator of all intelligent terminals in a region, the edge server needs to clarify the ability of the managed intelligent terminals to defend against malicious attacks. Therefore, the security level classification for mobile intelligent terminals before accessing the network is indispensable. In this paper, we firstly propose a safety assessment method to detect the weakness of mobile intelligent terminals. Secondly, we match the evaluation results …


Front Matter Jun 2019

Journal of Digital Forensics, Security and Law

No abstract provided.


Examining The Correlates Of Failed DRDoS Attacks, Thomas Hyslip, Thomas Holt Jun 2019

Journal of Digital Forensics, Security and Law

Over the last decade, there has been a rise in cybercrime services offered on a fee-for-service basis, enabling individuals to direct attacks against various targets. One of the recent services offered involves stresser or booter operators, who offer distributed reflected denial of service (DRDoS) attacks on an hourly or subscription basis. These attacks involve the use of malicious traffic reflected off of webservers to increase the volume of traffic, which is directed toward websites and servers rendering them unusable. Researchers have examined DRDoS attacks using real-time data, though few have considered the experience of their customers and the factors …


DF 2.0: An Automated, Privacy Preserving, And Efficient Digital Forensic Framework That Leverages Machine Learning For Evidence Prediction And Privacy Evaluation, Robin Verma, Jayaprakash Govindaraj Dr, Saheb Chhabra, Gaurav Gupta Jun 2019

Journal of Digital Forensics, Security and Law

The current state of digital forensic investigation is continuously challenged by the rapid technological changes, the increase in the use of digital devices (both the heterogeneity and the count), and the sheer volume of data that these devices could contain. Although data privacy protection is not a performance measure, preventing privacy violations during the digital forensic investigation is also a big challenge. With a perception that the completeness of investigation and the data privacy preservation are incompatible with each other, the researchers have provided solutions to address the above-stated challenges that either focus on the effectiveness of the investigation …


Enhancing Forensic-Tool Security With Rust: Development Of A String Extraction Utility, Jens Getreu, Olaf Maennel Jun 2019

Journal of Digital Forensics, Security and Law

The paper evaluates the suitability of the Rust ecosystem for forensic tool development. As a case study, a forensic tool named Stringsext is developed. Starting from analyzing the specific requirements of forensic software in general and those of the present case study, all stages of the software development life-cycle are executed and evaluated. Stringsext is a re-implementation and enhancement of the GNU-strings tool, a widely used program in forensic investigations. Stringsext recognizes Cyrillic, CJKV East Asian characters and other scripts in all supported multi-byte-encodings while GNU-strings fails in finding these in UTF-16 and other encodings. During the case study it …


Forensic Cell Site Analysis: Mobile Network Operator Evidence Integrity Maintenance Research, John B. Minor Jun 2019

Journal of Digital Forensics, Security and Law

Mobile Network Operator (MNO) and Mobile Virtual Network Operator (MVNO) evidence have become an important evidentiary focus in the courtroom. This type of evidence is routinely produced as business records under U.S. Federal Rules of Evidence for use in the emerging discipline of Forensic Cell Site Analysis. The research was undertaken to determine if evidence produced by operators should be classified as digital evidence and, if so, what evidence handling methodologies are appropriate to ensure evidence integrity. This research project resulted in the creation of a method of determining if business records produced by MNO/MVNO organizations are digital evidence and …


Data Mining And Machine Learning To Improve Northern Florida’s Foster Care System, Daniel Oldham, Nathan Foster, Mihhail Berezovski Jun 2019

Beyond: Undergraduate Research Journal

The purpose of this research project is to use statistical analysis, data mining, and machine learning techniques to determine identifiable factors in child welfare service records that could lead to a child entering the foster care system multiple times. This would allow us the capability of accurately predicting a case’s outcome based on these factors. We were provided with eight years of data in the form of multiple spreadsheets from Partnership for Strong Families (PSF), a child welfare services organization based in Gainesville, Florida, which is contracted by the Florida Department for Children and Families (DCF). This data contained a …


Forensic Analysis Of Spy Applications In Android Devices, Shinelle Hutchinson, Umit Karabiyik May 2019

Annual ADFSL Conference on Digital Forensics, Security and Law

Smartphones with Google's Android operating system are becoming more and more popular each year, and with this increased user base come increased opportunities to collect more of these users' private data. There have been several instances of malware being made available via the Google Play Store, which is one of the predominant means for users to download applications. One effective way of collecting users' private data is by using Android Spyware. In this paper, we conduct a forensic analysis of a malicious Android spyware application and present our findings. We also highlight what information the application accesses and what it …


Cybersecurity In The Maritime Domain, Gary C. Kessler Apr 2019

Publications

In 2017 and 2018, the maritime industry saw a record number of attempted—and many successful—frauds via email, phishing, or other means. Demonstrated and actual attacks on vessel networks, communication systems, and navigation systems have become practically routine. Port and shipping line networks are increasingly vulnerable to what appear to be increasingly targeted attacks against maritime systems.


Alpha Insurance: A Predictive Analytics Case To Analyze Automobile Insurance Fraud Using SAS Enterprise Miner (TM), Richard Mccarthy, Wendy Ceccucci, Mary Mccarthy, Leila Halawi Apr 2019

Publications

Automobile Insurance fraud costs the insurance industry billions of dollars annually. This case study addresses claim fraud based on data extracted from Alpha Insurance’s automobile claim database. Students are provided the business problem and data sets. Initially, the students are required to develop their hypotheses and analyze the data. This includes identification of any missing or inaccurate data values and outliers as well as evaluation of the 22 variables. Next students will develop and optimize their predictive models using five techniques: regression, decision tree, neural network, gradient boosting, and ensemble. Then students will determine which model is the best fit …


A Framework To Reveal Clandestine Organ Trafficking In The Dark Web And Beyond, Michael P. Heinl, Bo Yu, Duminda Wijesekera Mar 2019

Journal of Digital Forensics, Security and Law

Due to the scarcity of transplantable organs, patients have to wait on long lists for many years to get a matching kidney. This scarcity has created an illicit marketplace for wealthy recipients to avoid long waiting times. Brokers arrange such organ transplants and collect most of the payment that is sometimes channeled to fund other illicit activities. In order to collect and disburse payments, they often resort to money laundering-like schemes of money transfers. As the low-cost Internet arrives in some of the affected countries, social media and the dark web are used to illegally trade human organs. This …


Front Matter Mar 2019

Journal of Digital Forensics, Security and Law

No abstract provided.


Digital Forensics, A Need For Credentials And Standards, Nima Zahadat Mar 2019

Journal of Digital Forensics, Security and Law

The purpose of the conducted study was to explore the credentialing of digital forensic investigators, drawing from applicable literature. A qualitative, descriptive research design was adopted which entailed searching across Google Scholar and ProQuest databases for peer reviewed articles on the subject matter. The resulting scholarship was vetted for timeliness and relevance prior to identification of key ideas on credentialing. The findings of the study indicated that though credentialing was a major issue in digital forensics with an attentive audience of stakeholders, it had been largely overshadowed by the fundamental curricula problems in the discipline. A large portion of research …


Astria Ontology: Open, Standards-Based, Data-Aggregated Representation Of Space Objects, Jennie Wolfgang, Kathleen Krysher, Michael Slovenski, Unmil P. Karadkar, Shiva Iyer, Moriba K. Jah Feb 2019

Space Traffic Management Conference

The necessity for standards-based ontologies for long-term sustainability of space operations and safety of increasing space flights has been well-established [6, 7]. Current ontologies, such as DARPA’s OrbitOutlook [5], are not publicly available, complicating efforts for their broad adoption. Most sensor data is siloed in proprietary databases [2] and provided only to authorized users, further complicating efforts to create a holistic view of resident space objects (RSOs) in order to enhance space situational awareness (SSA).

The ASTRIA project is developing an open data model with the goal of aggregating data about RSOs, parts, space weather, and governing policies in order …


Chip-Off Success Rate Analysis Comparing Temperature And Chip Type, Choli Ence, Joan Runs Through, Gary D. Cantrell Feb 2019

Journal of Digital Forensics, Security and Law

Throughout the digital forensic community, chip-off analysis provides examiners with a technique to obtain a physical acquisition from a locked or damaged digital device. Thermal-based chip-analysis relies upon the application of heat to remove the flash memory chip from the circuit board. Occasionally, a flash memory chip fails to successfully read despite following similar protocols as other flash memory chips. Previous research found the application of high temperatures increased the number of bit errors present in the flash memory chip. The purpose of this study is to analyze data collected from chip-off analyses to determine if a statistical difference exists …


An Overview Of Cryptography (Updated Version 24 January 2019), Gary C. Kessler Jan 2019

Publications

There are many aspects to security and many applications, ranging from secure commerce and payments to private communications and protecting health care information. One essential aspect for secure communications is that of cryptography. But it is important to note that while cryptography is necessary for secure communications, it is not by itself sufficient. The reader is advised, then, that the topics covered here only describe the first of many steps necessary for better security in any number of situations.


Artificial Intelligence In The Aviation Manufacturing Process For Complex Assemblies And Components, Elena Vishnevskaya, Ian Mcandrew, Michael Johnson Jan 2019

Publications

Aviation manufacturing is at the leading edge of technology with materials, designs and processes where automation is not only integral, but complex systems require more advanced systems to produce and verify processes. Critical Infrastructure theory is now used to protect systems and equipment from external software infections and cybersecurity techniques add an extra layer of protection. In this research, it is argued that Artificial Intelligence can reduce these risks and allow complex processes to be less exposed to the threat of external problems, internal errors or mistakes in operation.


Speech Interfaces And Pilot Performance: A Meta-Analysis, Kenneth A. Ward Jan 2019

International Journal of Aviation, Aeronautics, and Aerospace

As the aviation industry modernizes, new technology and interfaces must support growing aircraft complexity without increasing pilot workload. Natural language processing presents just such a simple and intuitive interface, yet the performance implications for use by pilots remain unknown. A meta-analysis was conducted to understand performance effects of using speech and voice interfaces in a series of pilot task analogs. The inclusion criteria selected studies that involved participants performing a demanding primary task, such as driving, while interacting with a vehicle system to enter numbers, dial radios, or enter a navigation destination. Compared to manual system interfaces, voice interfaces reduced …