Open Access. Powered by Scholars. Published by Universities.®

Computer Engineering Commons

Open Access. Powered by Scholars. Published by Universities.®

Articles 1 - 16 of 16

Full-Text Articles in Computer Engineering

A Survey Of Social Network Forensics, Umit Karabiyik, Muhammed Abdullah Canbaz, Ahmet Aksoy, Tayfun Tuna, Esra Akbas, Bilal Gonen, Ramazan S. Aygun Dec 2016

A Survey Of Social Network Forensics, Umit Karabiyik, Muhammed Abdullah Canbaz, Ahmet Aksoy, Tayfun Tuna, Esra Akbas, Bilal Gonen, Ramazan S. Aygun

Journal of Digital Forensics, Security and Law

Social networks in any form, specifically online social networks (OSNs), are becoming a part of our everyday life in this new millennium especially with the advanced and simple communication technologies through easily accessible devices such as smartphones and tablets. The data generated through the use of these technologies need to be analyzed for forensic purposes when criminal and terrorist activities are involved. In order to deal with the forensic implications of social networks, current research on both digital forensics and social networks need to be incorporated and understood. This will help digital forensics investigators to predict, detect and even prevent ...


In-The-Wild Residual Data Research And Privacy, William B. Glisson, Tim Storer, Andrew Blyth, George Grispos, Matt Campbell Jan 2016

In-The-Wild Residual Data Research And Privacy, William B. Glisson, Tim Storer, Andrew Blyth, George Grispos, Matt Campbell

Journal of Digital Forensics, Security and Law

As the world becomes increasingly dependent on technology, researchers in both industry and academia endeavor to understand how technology is used, the impact it has on everyday life, the artifact life-cycle and overall integrations of digital information. In doing so, researchers are increasingly gathering 'real-world' or 'in-the-wild' residual data, obtained from a variety of sources, without the explicit consent of the original owners. This data gathering raises significant concerns regarding privacy, ethics and legislation, as well as practical considerations concerning investigator training, data storage, overall security and data disposal. This research surveys recent studies of residual data gathered in-the-wild and ...


A 3-D Stability Analysis Of Lee Harvey Oswald In The Backyard Photo, Srivamshi Pittala, Emily Whiting, Hany Farid Jan 2015

A 3-D Stability Analysis Of Lee Harvey Oswald In The Backyard Photo, Srivamshi Pittala, Emily Whiting, Hany Farid

Journal of Digital Forensics, Security and Law

Fifty years have passed since the assassination of U.S. President Kennedy. Despite the long passage of time, it is still argued that the famous backyard photo of Oswald, holding the same type of rifle used to assassinate the President, is a fake. These claims include, among others, that Oswald’s pose in the photo is physically implausible. We describe a detailed 3-D stability analysis to determine if this claim is warranted.


Exploring The Use Of Plc Debugging Tools For Digital Forensic Investigations On Scada Systems, Tina Wu, Jason R.C. Nurse Jan 2015

Exploring The Use Of Plc Debugging Tools For Digital Forensic Investigations On Scada Systems, Tina Wu, Jason R.C. Nurse

Journal of Digital Forensics, Security and Law

The Stuxnet malware attack has provided strong evidence for the development of a forensic capability to aid in thorough post-incident investigations. Current live forensic tools are typically used to acquire and examine memory from computers running either Windows or Unix. This makes them incompatible with embedded devices found on SCADA systems that have their own bespoke operating system. Currently, only a limited number of forensics tools have been developed for SCADA systems, with no development of tools to acquire the program code from PLCs. In this paper, we explore this problem with two main hypotheses in mind. Our first hypothesis ...


The Use Of Ontologies In Forensic Analysis Of Smartphone Content, Mohammed Alzaabi, Thomas A. Martin, Kamal Taha, Andy Jones Jan 2015

The Use Of Ontologies In Forensic Analysis Of Smartphone Content, Mohammed Alzaabi, Thomas A. Martin, Kamal Taha, Andy Jones

Journal of Digital Forensics, Security and Law

Digital forensics investigators face a constant challenge in keeping track with evolving technologies such as smartphones. Analyzing the contents of these devices to infer useful information is becoming more time consuming as the volume and complexity of data are increasing. Typically, such analysis is undertaken by a human, which makes it dependent on the experience of the investigator. To overcome such impediments, an automated technique can be utilized in order to aid the investigator to quickly and eciently analyze the data.In this paper, we propose F-DOS; a set of ontologies that models the smartphone content for the purpose of ...


Computer Forensic Projects For Accountants, Grover S. Kearns Jan 2015

Computer Forensic Projects For Accountants, Grover S. Kearns

Journal of Digital Forensics, Security and Law

Digital attacks on organizations are becoming more common and more sophisticated. Firms are interested in providing data security and having an effective means to respond to attacks. Accountants possess important investigative and analytical skills that serve to uncover fraud in forensic investigations. Some accounting students take courses in forensic accounting but few colleges offer a course in computer forensics for accountants. Educators wishing to develop such a course may find developing the curriculum daunting. A major element of such a course is the use of forensic software. This paper argues the importance of computer forensics to accounting students and offers ...


On The Network Performance Of Digital Evidence Acquisition Of Small Scale Devices Over Public Networks, Irvin Homem, Spyridon Dosis Jan 2015

On The Network Performance Of Digital Evidence Acquisition Of Small Scale Devices Over Public Networks, Irvin Homem, Spyridon Dosis

Journal of Digital Forensics, Security and Law

While cybercrime proliferates – becoming more complex and surreptitious on the Internet – the tools and techniques used in performing digital investigations are still largely lagging behind, effectively slowing down law enforcement agencies at large. Real-time remote acquisition of digital evidence over the Internet is still an elusive ideal in the combat against cybercrime. In this paper we briefly describe the architecture of a comprehensive proactive digital investigation system that is termed as the Live Evidence Information Aggregator (LEIA). This system aims at collecting digital evidence from potentially any device in real time over the Internet. Particular focus is made on the ...


Technology Corner Visualising Forensic Data: Evidence (Part 1), Damian Schofield, Ken Fowle Jan 2013

Technology Corner Visualising Forensic Data: Evidence (Part 1), Damian Schofield, Ken Fowle

Journal of Digital Forensics, Security and Law

Visualisation is becoming increasingly important for understanding information, such as investigative data (for example: computing, medical and crime scene evidence) and analysis (for example: network capability assessment, data file reconstruction and planning scenarios). Investigative data visualisation is used to reconstruct a scene or item and is used to assist the viewer (who may well be a member of the general public with little or no understanding of the subject matter) to understand what is being presented. Analysis visualisations, on the other hand, are usually developed to review data, information and assess competing scenario hypotheses for those who usually have an ...


Technology Corner: Visualising Forensic Data: Evidence Guidelines (Part 2), Damian Schofield, Ken Fowle Jan 2013

Technology Corner: Visualising Forensic Data: Evidence Guidelines (Part 2), Damian Schofield, Ken Fowle

Journal of Digital Forensics, Security and Law

Visualisation is becoming increasingly important for understanding information, such as investigative data (for example: computing, medical and crime scene evidence) and analysis (for example, network capability assessment, data file reconstruction and planning scenarios). Investigative data visualisation is used to reconstruct a scene or item and is used to assist the viewer (who may well be a member of the general public with little or no understanding of the subject matter) to understand what is being presented. Analysis visualisations, on the other hand, are usually developed to review data, information and assess competing scenario hypotheses for those who usually have an ...


On The Development Of A Digital Forensics Curriculum, Manghui Tu, Dianxiang Xu, Samsuddin Wira, Cristian Balan, Kyle Cronin Jan 2012

On The Development Of A Digital Forensics Curriculum, Manghui Tu, Dianxiang Xu, Samsuddin Wira, Cristian Balan, Kyle Cronin

Journal of Digital Forensics, Security and Law

Computer Crime and computer related incidents continue their prevalence and frequency, resulting in losses approaching billions of dollars. To fight against these crimes and frauds, it is urgent to develop digital forensics education programs to train a suitable workforce that can effectively investigate computer crimes and incidents. There is presently no standard to guide the design of digital forensics curriculum for an academic program. In this research, previous work on digital forensics curriculum design and existing education programs are thoroughly investigated. Both digital forensics educators and practitioners were surveyed and results were analyzed to determine the industry and law enforcement ...


Survey On Cloud Forensics And Critical Criteria For Cloud Forensic Capability: A Preliminary Analysis, Keyun Ruan, Ibrahim Baggili, Joe Carthy, Tahar Kechadi Jan 2011

Survey On Cloud Forensics And Critical Criteria For Cloud Forensic Capability: A Preliminary Analysis, Keyun Ruan, Ibrahim Baggili, Joe Carthy, Tahar Kechadi

Electrical & Computer Engineering and Computer Science Faculty Publications

In this paper we present the current results and analysis of the survey “Cloud forensics and critical criteria for cloud forensic capability” carried out towards digital forensic experts and practitioners. This survey was created in order to gain a better understanding on some of the key questions of the new field - cloud forensics - before further research and development. We aim to understand concepts such as its definition, the most challenging issues, most valuable research directions, and the critical criteria for cloud forensic capability.


Clustering Spam Domains And Destination Websites: Digital Forensics With Data Mining, Chun Wei, Alan Sprague, Gary Warner, Anthony Skjellum Jan 2010

Clustering Spam Domains And Destination Websites: Digital Forensics With Data Mining, Chun Wei, Alan Sprague, Gary Warner, Anthony Skjellum

Journal of Digital Forensics, Security and Law

Spam related cyber crimes have become a serious threat to society. Current spam research mainly aims to detect spam more effectively. We believe the identification and disruption of the supporting infrastructure used by spammers is a more effective way of stopping spam than filtering. The termination of spam hosts will greatly reduce the profit a spammer can generate and thwart his ability to send more spam. This research proposes an algorithm for clustering spam domains extracted from spam emails based on the hosting IP addresses and tracing the IP addresses over a period of time. The results show that many ...


The Impact Of Hard Disk Firmware Steganography On Computer Forensics, Iain Sutherland, Gareth Davies, Nick Pringle, Andrew Blyth Jan 2009

The Impact Of Hard Disk Firmware Steganography On Computer Forensics, Iain Sutherland, Gareth Davies, Nick Pringle, Andrew Blyth

Journal of Digital Forensics, Security and Law

The hard disk drive is probably the predominant form of storage media and is a primary data source in a forensic investigation. The majority of available software tools and literature relating to the investigation of the structure and content contained within a hard disk drive concerns the extraction and analysis of evidence from the various file systems which can reside in the user accessible area of the disk. It is known that there are other areas of the hard disk drive which could be used to conceal information, such as the Host Protected Area and the Device Configuration Overlay. There ...


An Evaluation Of Windows-Based Computer Forensics Application Software Running On A Macintosh, Gregory H. Carlton Jan 2008

An Evaluation Of Windows-Based Computer Forensics Application Software Running On A Macintosh, Gregory H. Carlton

Journal of Digital Forensics, Security and Law

The two most common computer forensics applications perform exclusively on Microsoft Windows Operating Systems, yet contemporary computer forensics examinations frequently encounter one or more of the three most common operating system environments, namely Windows, OS-X, or some form of UNIX or Linux. Additionally, government and private computer forensics laboratories frequently encounter budget constraints that limit their access to computer hardware. Currently, Macintosh computer systems are marketed with the ability to accommodate these three common operating system environments, including Windows XP in native and virtual environments. We performed a series of experiments to measure the functionality and performance of the two ...


The Forensics Aspects Of Event Data Recorders, Jeremy S. Daily, Nathan Singleton, Elizabeth Downing, Gavin W. Manes Jan 2008

The Forensics Aspects Of Event Data Recorders, Jeremy S. Daily, Nathan Singleton, Elizabeth Downing, Gavin W. Manes

Journal of Digital Forensics, Security and Law

The proper generation and preservation of digital data from Event Data Recorders (EDRs) can provide invaluable evidence to automobile crash reconstruction investigations. However, data collected from the EDR can be difficult to use and authenticate, complicating the presentation of such information as evidence in legal proceedings. Indeed, current techniques for removing and preserving such data do not meet the court’s standards for electronic evidence. Experimentation with an EDR unit from a 2001 GMC Sierra pickup truck highlighted particular issues with repeatability of results. Fortunately, advances in the digital forensics field and memory technology can be applied to EDR analysis ...


Providing A Foundation For Analysis Of Volatile Data Stores, Timothy Vidas Jan 2007

Providing A Foundation For Analysis Of Volatile Data Stores, Timothy Vidas

Journal of Digital Forensics, Security and Law

Current threats against typical computer systems demonstrate a need for forensic analysis of memory-resident data in addition to the conventional static analysis common today. Certain attacks and types of malware exist solely in memory and leave little or no evidentiary information on nonvolatile stores such as a hard disk drive. The desire to preserve system state at the time of response may even warrant memory acquisition independent of perceived threats and the ability to analyze the acquired duplicate.

Tools capable of duplicating various types of volatile data stores are becoming widely available. Once the data store has been duplicated, current ...