Open Access. Powered by Scholars. Published by Universities.®

Computer Engineering Commons

Open Access. Powered by Scholars. Published by Universities.®

Articles 1 - 5 of 5

Full-Text Articles in Computer Engineering

Forensic State Acquisition From Internet Of Things (Fsaiot): A General Framework And Practical Approach For Iot Forensics Through Iot Device State Acquisition, Christopher S. Meffert, Devon R. Clark, Ibrahim Baggili, Frank Breitinger Aug 2017

Forensic State Acquisition From Internet Of Things (Fsaiot): A General Framework And Practical Approach For Iot Forensics Through Iot Device State Acquisition, Christopher S. Meffert, Devon R. Clark, Ibrahim Baggili, Frank Breitinger

Electrical & Computer Engineering and Computer Science Faculty Publications

IoT device forensics is a difficult problem given that manufactured IoT devices are not standardized, many store little to no historical data, and are always connected; making them extremely volatile. The goal of this paper was to address these challenges by presenting a primary account for a general framework and practical approach we term Forensic State Acquisition from Internet of Things (FSAIoT). We argue that by leveraging the acquisition of the state of IoT devices (e.g. if an IoT lock is open or locked), it becomes possible to paint a clear picture of events that have occurred. To this ...


Breaking Into The Vault: Privacy, Security And Forensic Analysis Of Android Vault Applications, Xiaolu Zhang, Ibrahim Baggili, Frank Breitinger Aug 2017

Breaking Into The Vault: Privacy, Security And Forensic Analysis Of Android Vault Applications, Xiaolu Zhang, Ibrahim Baggili, Frank Breitinger

Electrical & Computer Engineering and Computer Science Faculty Publications

In this work we share the first account for the forensic analysis, security and privacy of Android vault applications. Vaults are designed to be privacy enhancing as they allow users to hide personal data but may also be misused to hide incriminating files. Our work has already helped law enforcement in the state of Connecticut to reconstruct 66 incriminating images and 18 videos in a single criminal case. We present case studies and results from analyzing 18 Android vault applications (accounting for nearly 220 million downloads from the Google Play store) by reverse engineering them and examining the forensic artifacts ...


Drop (Drone Open Source Parser) Your Drone: Forensic Analysis Of The Dji Phantom Iii, Devon R. Clark, Christopher S. Meffert, Ibrahim Baggili, Frank Breitinger Jan 2017

Drop (Drone Open Source Parser) Your Drone: Forensic Analysis Of The Dji Phantom Iii, Devon R. Clark, Christopher S. Meffert, Ibrahim Baggili, Frank Breitinger

Electrical & Computer Engineering and Computer Science Faculty Publications

The DJI Phantom III drone has already been used for malicious activities (to drop bombs, remote surveillance and plane watching) in 2016 and 2017. At the time of writing, DJI was the drone manufacturer with the largest market share. Our work presents the primary thorough forensic analysis of the DJI Phantom III drone, and the primary account for proprietary file structures stored by the examined drone. It also presents the forensically sound open source tool DRone Open source Parser (DROP) that parses proprietary DAT files extracted from the drone's nonvolatile internal storage. These DAT files are encrypted and encoded ...


Leveraging The Srtp Protocol For Over-The-Network Memory Acquisition Of A Ge Fanuc Series 90-30, George Denton, Filip Karpisek, Frank Breitinger, Ibrahim Baggili Jan 2017

Leveraging The Srtp Protocol For Over-The-Network Memory Acquisition Of A Ge Fanuc Series 90-30, George Denton, Filip Karpisek, Frank Breitinger, Ibrahim Baggili

Electrical & Computer Engineering and Computer Science Faculty Publications

Programmable Logic Controllers (PLCs) are common components implemented across many industries such as manufacturing, water management, travel, aerospace and hospitals to name a few. Given their broad deployment in critical systems, they became and still are a common target for cyber attacks; the most prominent one being Stuxnet. Often PLCs (especially older ones) are only protected by an outer line of defense (e.g., a firewall) but once an attacker gains access to the system or the network, there might not be any other defense layers. In this scenario, a forensic investigator should not rely on the existing software as ...


Availability Of Datasets For Digital Forensics–And What Is Missing, Cinthya Grajeda, Frank Breitinger, Ibrahim Baggili Jan 2017

Availability Of Datasets For Digital Forensics–And What Is Missing, Cinthya Grajeda, Frank Breitinger, Ibrahim Baggili

Electrical & Computer Engineering and Computer Science Faculty Publications

This paper targets two main goals. First, we want to provide an overview of available datasets that can be used by researchers and where to find them. Second, we want to stress the importance of sharing datasets to allow researchers to replicate results and improve the state of the art. To answer the first goal, we analyzed 715 peer-reviewed research articles from 2010 to 2015 with focus and relevance to digital forensics to see what datasets are available and focused on three major aspects: (1) the origin of the dataset (e.g., real world vs. synthetic), (2) if datasets were ...