Open Access. Powered by Scholars. Published by Universities.®

Computer Engineering Commons

Open Access. Powered by Scholars. Published by Universities.®

Digital Communications and Networking

Conference

Annual ADFSL Conference on Digital Forensics, Security and Law

Articles 1 - 3 of 3

Full-Text Articles in Computer Engineering

Source Anonymization Of Digital Images: A Counter–Forensic Attack On Prnu Based Source Identification Techniques, Prithviraj Sengupta, Venkata Udaya Sameer, Ruchira Naskar, Ezhil Kalaimannan May 2017

Source Anonymization Of Digital Images: A Counter–Forensic Attack On Prnu Based Source Identification Techniques, Prithviraj Sengupta, Venkata Udaya Sameer, Ruchira Naskar, Ezhil Kalaimannan

Annual ADFSL Conference on Digital Forensics, Security and Law

A lot of photographers and human rights advocates need to hide their identity while sharing their images on the internet. Hence, source–anonymization of digital images has become a critical issue in the present digital age. The current literature contains a number of digital forensic techniques for “source–identification” of digital images, one of the most efficient of them being Photo–Response Non–Uniformity (PRNU) sensor noise pattern based source detection. PRNU noise pattern being unique to every digital camera, such techniques prove to be highly robust way of source–identification. In this paper, we propose a counter–forensic technique ...


Harnessing Predictive Models For Assisting Network Forensic Investigations Of Dns Tunnels, Irvin Homem, Panagiotis Papapetrou May 2017

Harnessing Predictive Models For Assisting Network Forensic Investigations Of Dns Tunnels, Irvin Homem, Panagiotis Papapetrou

Annual ADFSL Conference on Digital Forensics, Security and Law

In recent times, DNS tunneling techniques have been used for malicious purposes, however network security mechanisms struggle to detect them. Network forensic analysis has been proven effective, but is slow and effort intensive as Network Forensics Analysis Tools struggle to deal with undocumented or new network tunneling techniques. In this paper, we present a machine learning approach, based on feature subsets of network traffic evidence, to aid forensic analysis through automating the inference of protocols carried within DNS tunneling techniques. We explore four network protocols, namely, HTTP, HTTPS, FTP, and POP3. Three features are extracted from the DNS tunneled traffic ...


An Accidental Discovery Of Iot Botnets And A Method For Investigating Them With A Custom Lua Dissector, Max Gannon, Gary Warner, Arsh Arora May 2017

An Accidental Discovery Of Iot Botnets And A Method For Investigating Them With A Custom Lua Dissector, Max Gannon, Gary Warner, Arsh Arora

Annual ADFSL Conference on Digital Forensics, Security and Law

This paper presents a case study that occurred while observing peer-to-peer network communications on a botnet monitoring station and shares how tools were developed to discover what ultimately was identified as Mirai and many related IoT DDOS Botnets. The paper explains how researchers developed a customized protocol dissector in Wireshark using the Lua coding language, and how this enabled them to quickly identify new DDOS variants over a five month period of study.