Open Access. Powered by Scholars. Published by Universities.®
- Discipline
Articles 1 - 7 of 7
Full-Text Articles in Computer Engineering
A Novel Privacy Preserving User Identification Approach For Network Traffic, Nathan Clarke, Fudong Li, Steven Furnell
A Novel Privacy Preserving User Identification Approach For Network Traffic, Nathan Clarke, Fudong Li, Steven Furnell
Research outputs 2014 to 2021
The prevalence of the Internet and cloud-based applications, alongside the technological evolution of smartphones, tablets and smartwatches, has resulted in users relying upon network connectivity more than ever before. This results in an increasingly voluminous footprint with respect to the network traffic that is created as a consequence. For network forensic examiners, this traffic represents a vital source of independent evidence in an environment where anti-forensics is increasingly challenging the validity of computer-based forensics. Performing network forensics today largely focuses upon an analysis based upon the Internet Protocol (IP) address – as this is the only characteristic available. More typically, …
Whatsapp Network Forensics: Decrypting And Understanding The Whatsapp Call Signaling Messages, Filip Karpisek, Ibrahim Baggili, Frank Breitinger
Whatsapp Network Forensics: Decrypting And Understanding The Whatsapp Call Signaling Messages, Filip Karpisek, Ibrahim Baggili, Frank Breitinger
Electrical & Computer Engineering and Computer Science Faculty Publications
WhatsApp is a widely adopted mobile messaging application with over 800 million users. Recently, a calling feature was added to the application and no comprehensive digital forensic analysis has been performed with regards to this feature at the time of writing this paper. In this work, we describe how we were able to decrypt the network traffic and obtain forensic artifacts that relate to this new calling feature which included the: a) WhatsApp phone numbers, b) WhatsApp server IPs, c) WhatsApp audio codec (Opus), d) WhatsApp call duration, and e) WhatsApp's call termination. We explain the methods and tools used …
Cyber Blackbox For Collecting Network Evidence, Jooyoung Lee, Sunoh Choi, Yangseo Choi, Jonghyun Kim, Ikkyun Kim, Youngseok Lee
Cyber Blackbox For Collecting Network Evidence, Jooyoung Lee, Sunoh Choi, Yangseo Choi, Jonghyun Kim, Ikkyun Kim, Youngseok Lee
Australian Digital Forensics Conference
In recent years, the hottest topics in the security field are related to the advanced and persistent attacks. As an approach to solve this problem, we propose a cyber blackbox which collects and preserves network traffic on a virtual volume based WORM device, called EvidenceLock to ensure data integrity for security and forensic analysis. As a strategy to retain traffic for long enough periods, we introduce a deduplication method. Also this paper includes a study on the network evidence which is collected and preserved for analyzing the cause of cyber incident. Then, a method is proposed to suggest a starting …
Network And Device Forensic Analysis Of Android Social-Messaging Applications, Daniel Walnycky, Ibrahim Baggili, Andrew Marrington, Jason Moore, Frank Breitinger
Network And Device Forensic Analysis Of Android Social-Messaging Applications, Daniel Walnycky, Ibrahim Baggili, Andrew Marrington, Jason Moore, Frank Breitinger
Electrical & Computer Engineering and Computer Science Faculty Publications
In this research we forensically acquire and analyze the device-stored data and network traffic of 20 popular instant messaging applications for Android. We were able to reconstruct some or the entire message content from 16 of the 20 applications tested, which reflects poorly on the security and privacy measures employed by these applications but may be construed positively for evidence collection purposes by digital forensic practitioners. This work shows which features of these instant messaging applications leave evidentiary traces allowing for suspect data to be reconstructed or partially reconstructed, and whether network forensics or device forensics permits the reconstruction of …
Preliminary Forensic Analysis Of The Xbox One, Jason Moore, Ibrahim Baggili, Andrew Marrington, Armindo Rodrigues
Preliminary Forensic Analysis Of The Xbox One, Jason Moore, Ibrahim Baggili, Andrew Marrington, Armindo Rodrigues
Electrical & Computer Engineering and Computer Science Faculty Publications
Video game consoles can no longer be viewed as just gaming consoles but rather as full multimedia machines, capable of desktop computer-like performance. The past has shown that game consoles have been used in criminal activities such as extortion, identity theft, and child pornography, but with their ever-increasing capabilities, the likelihood of the expansion of criminal activities conducted on or over the consoles increases. This research aimed to take the initial step of understanding the Xbox One, the most powerful Microsoft console to date. We report the outcome of conducting a forensic examination of the Xbox One, and we provide …
A User-Oriented Network Forensic Analyser: The Design Of A High-Level Protocol Analyser, D Joy, F Li, N L. Clarke, S M. Furnell
A User-Oriented Network Forensic Analyser: The Design Of A High-Level Protocol Analyser, D Joy, F Li, N L. Clarke, S M. Furnell
Australian Digital Forensics Conference
Network forensics is becoming an increasingly important tool in the investigation of cyber and computer-assisted crimes. Unfortunately, whilst much effort has been undertaken in developing computer forensic file system analysers (e.g. Encase and FTK), such focus has not been given to Network Forensic Analysis Tools (NFATs). The single biggest barrier to effective NFATs is the handling of large volumes of low-level traffic and being able to exact and interpret forensic artefacts and their context – for example, being able extract and render application-level objects (such as emails, web pages and documents) from the low-level TCP/IP traffic but also understand how …
Assessing The Legal Risks In Network Forensic Probing, Michael Losavio, Olfa Nasraoui, Vincent Thacker, Jeff Marean, Nick Miles, Roman Yampolskiy, Ibrahim Imam
Assessing The Legal Risks In Network Forensic Probing, Michael Losavio, Olfa Nasraoui, Vincent Thacker, Jeff Marean, Nick Miles, Roman Yampolskiy, Ibrahim Imam
Faculty Scholarship
This paper presents a framework for identifying the legal risks associated with performing network forensics on public networks. The framework is discussed in the context of the Gnutella P2P network protocol for which the legal issues related to authorized access have not yet been addressed.