Open Access. Powered by Scholars. Published by Universities.®

Law Commons

Open Access. Powered by Scholars. Published by Universities.®

Legal Studies

PDF

Annual ADFSL Conference on Digital Forensics, Security and Law

2018

Articles 1 - 14 of 14

Full-Text Articles in Law

Contents, Adfsl May 2018

Contents, Adfsl

Annual ADFSL Conference on Digital Forensics, Security and Law

No abstract provided.


Front Matter, Adfsl May 2018

Front Matter, Adfsl

Annual ADFSL Conference on Digital Forensics, Security and Law

No abstract provided.


Analysis Of Data Erasure Capability On Sshd Drives For Data Recovery, Andrew Blyth May 2018

Analysis Of Data Erasure Capability On Sshd Drives For Data Recovery, Andrew Blyth

Annual ADFSL Conference on Digital Forensics, Security and Law

Data Protection and Computer Forensics/Anti-Forensics has now become a critical area of concern for organizations. A key element to this is how data is sanitized at end of life. In this paper we explore Hybrid Solid State Hybrid Drives (SSHD) and the impact that various Computer Forensics and Data Recovery techniques have when performing data erasure upon a SSHD.


Knowledge Expiration In Security Awareness Training, Tianjian Zhang May 2018

Knowledge Expiration In Security Awareness Training, Tianjian Zhang

Annual ADFSL Conference on Digital Forensics, Security and Law

No abstract provided.


Positive Identification Of Lsb Image Steganography Using Cover Image Comparisons, Michael Pelosi, Nimesh Poudel, Pratap Lamichhane, Devon Lam, Gary Kessler, Joshua Macmonagle May 2018

Positive Identification Of Lsb Image Steganography Using Cover Image Comparisons, Michael Pelosi, Nimesh Poudel, Pratap Lamichhane, Devon Lam, Gary Kessler, Joshua Macmonagle

Annual ADFSL Conference on Digital Forensics, Security and Law

In this paper we introduce a new software concept specifically designed to allow the digital forensics professional to clearly identify and attribute instances of LSB image steganography by using the original cover image in side-by-side comparison with a suspected steganographic payload image. The “CounterSteg” software allows detailed analysis and comparison of both the original cover image and any modified image, using sophisticated bit- and color-channel visual depiction graphics. In certain cases, the steganographic software used for message transmission can be identified by the forensic analysis of LSB and other changes in the payload image. The paper demonstrates usage and typical ...


Exploring The Use Of Graph Databases To Catalog Artifacts For Client Forensics, Rose Shumba May 2018

Exploring The Use Of Graph Databases To Catalog Artifacts For Client Forensics, Rose Shumba

Annual ADFSL Conference on Digital Forensics, Security and Law

Cloud computing has revolutionized the methods by which digital data is stored, processed, and transmitted. It is providing users with data storage and processing services, enabling access to resources through multiple devices. Although organizations continue to embrace the advantages of flexibility and scalability offered by cloud computing, insider threats are becoming a serious concern as cited by security researchers. Insiders can use authorized access to steal sensitive information, calling for the need for an investigation. This concept paper describes research in progress towards developing a Neo4j graph database tool to enhance client forensics. The tool, with a Python interface, allows ...


Non-Use Of A Mobile Phone During Conducting Crime Can Also Be Evidential, Vinod Polpaya Bhattathiripad Ph D May 2018

Non-Use Of A Mobile Phone During Conducting Crime Can Also Be Evidential, Vinod Polpaya Bhattathiripad Ph D

Annual ADFSL Conference on Digital Forensics, Security and Law

Cyber-clever criminals who are aware of the consequence of using mobile phones during conducting crimes often stay away from their phones while involved in crimes. Some of them even change their handset and SIM card, subsequently. This article looks into how, intentional disassociation (and even unintentional non-use) of mobile phone in (non-cyber) crimes, can become evidential clues of the perpetrators’ involvement in criminal acts. With the help of a recent judicial episode, this article reveals how extremely careful and masterful handling of extensive and voluminous Call Details Records and tower dumps by a cyber-savvy investigating official can unearth evidential clues ...


Forensic Analysis Of The Exfat Artifacts, Yves Vandermeer, An Lekhac, Tahar Kechadi, Joe Carthy May 2018

Forensic Analysis Of The Exfat Artifacts, Yves Vandermeer, An Lekhac, Tahar Kechadi, Joe Carthy

Annual ADFSL Conference on Digital Forensics, Security and Law

Although keeping some basic concepts inherited from FAT32, the exFAT file system introduces many differences, such as the new mapping scheme of directory entries. The combination of exFAT mapping scheme with the allocation of bitmap files and the use of FAT leads to new forensic possibilities. The recovery of deleted files, including fragmented ones and carving becomes more accurate compared with former forensic processes. Nowadays, the accurate and sound forensic analysis is more than ever needed, as there is a high risk of erroneous interpretation. Indeed, most of the related work in the literature on exFAT structure and forensics, is ...


Live Gpu Forensics: The Process Of Recovering Video Frames From Nvidia Gpu, Yazeed M. Albabtain, Baijian Yang May 2018

Live Gpu Forensics: The Process Of Recovering Video Frames From Nvidia Gpu, Yazeed M. Albabtain, Baijian Yang

Annual ADFSL Conference on Digital Forensics, Security and Law

The purpose of this research is to apply a graphics processing unit (GPU) forensics method to recover video artifacts from NVIDIA GPU. The tested video specs are 512 x 512 in resolution for video 1 and 800 x 600 in resolution for video 2. Both videos are mpeg4 video codec. A VLC player was used in the experiment. A special program has been developed using OpenCL to recover 1) patterns that are frames consist of pixel values and 2) dump data from the GPU global memory. The dump data that represent the video frame were located using simple steps. The ...


Unmanned Aerial Vehicle Forensic Investigation Process: Dji Phantom 3 Drone As A Case Study, Alan Roder, Kim-Kwang Raymond Choo, Nhien-A Le-Khac May 2018

Unmanned Aerial Vehicle Forensic Investigation Process: Dji Phantom 3 Drone As A Case Study, Alan Roder, Kim-Kwang Raymond Choo, Nhien-A Le-Khac

Annual ADFSL Conference on Digital Forensics, Security and Law

Drones (also known as Unmanned Aerial Vehicles – UAVs) are a potential source of evidence in a digital investigation, partly due to their increasing popularity in our society. However, existing UAV/drone forensics generally rely on conventional digital forensic investigation guidelines such as those of ACPO and NIST, which may not be entirely fit-for-purpose. In this paper, we identify the challenges associated with UAV/drone forensics. We then explore and evaluate existing forensic guidelines, in terms of their effectiveness for UAV/drone forensic investigations. Next, we present our set of guidelines for UAV/drone investigations. Finally, we demonstrate how the proposed ...


Detection And Recovery Of Anti-Forensic (Vault) Applications On Android Devices, Michaila Duncan, Umit Karabiyik May 2018

Detection And Recovery Of Anti-Forensic (Vault) Applications On Android Devices, Michaila Duncan, Umit Karabiyik

Annual ADFSL Conference on Digital Forensics, Security and Law

Significant number of mobile device users currently employ anti-forensics applications, also known as vault or locker applications, on their mobile devices in order to hide files such as photos. Because of this, investigators are required to spend a large portion of their time manually looking at the applications installed on the device. Currently, there is no automated method of detecting these anti-forensics applications on an Android device. This work presents the creation and testing of a vault application detection system to be used on Android devices. The main goal of this work is twofold: (i) Detecting and reporting the presence ...


Back Matter, Adfsl Feb 2018

Back Matter, Adfsl

Annual ADFSL Conference on Digital Forensics, Security and Law

No abstract provided.


Front Matter, Adfsl Feb 2018

Front Matter, Adfsl

Annual ADFSL Conference on Digital Forensics, Security and Law

No abstract provided.


Contents, Adfsl Feb 2018

Contents, Adfsl

Annual ADFSL Conference on Digital Forensics, Security and Law

No abstract provided.