Open Access. Powered by Scholars. Published by Universities.®

Law Commons

Open Access. Powered by Scholars. Published by Universities.®

Articles 1 - 30 of 292

Full-Text Articles in Law

A Bit Like Cash: Understanding Cash-For-Bitcoin Transactions Through Individual Vendors, Stephanie J. Robberson, Mark R. Mccoy Oct 2018

A Bit Like Cash: Understanding Cash-For-Bitcoin Transactions Through Individual Vendors, Stephanie J. Robberson, Mark R. Mccoy

Journal of Digital Forensics, Security and Law

As technology improves and economies become more globalized, the concept of currency has evolved. Bitcoin, a cryptographic digital currency, has been embraced as a secure and convenient type of money. Due to its security and privacy for the user, Bitcoin is a good tool for conducting criminal trades. The Financial Crimes Enforcement Network (FinCEN) has regulations in place to make identification information of Bitcoin purchasers accessible to law enforcement, but enforcing these rules with cash-for-Bitcoin traders is difficult. This study surveyed cash-for-Bitcoin vendors in Oklahoma, Texas, Arkansas, Missouri, Kansas, Colorado, and New Mexico to determine personal demographic information, knowledge of ...


Digital Forensic Readiness In Organizations: Issues And Challenges, Nickson Menza Karie 275404, Simon Maina Karume Dr. Dec 2017

Digital Forensic Readiness In Organizations: Issues And Challenges, Nickson Menza Karie 275404, Simon Maina Karume Dr.

Journal of Digital Forensics, Security and Law

With the evolution in digital technologies, organizations have been forced to change the way they plan, develop, and enact their information technology strategies. This is because modern digital technologies do not only present new opportunities to business organizations but also a different set of issues and challenges that need to be resolved. With the rising threats of cybercrimes, for example, which have been accelerated by the emergence of new digital technologies, many organizations as well as law enforcement agencies globally are now erecting proactive measures as a way to increase their ability to respond to security incidents as well as ...


Legislative Requirements For Cyber Peacekeeping, Nikolay Akatyev, Joshua I. James Sep 2017

Legislative Requirements For Cyber Peacekeeping, Nikolay Akatyev, Joshua I. James

Journal of Digital Forensics, Security and Law

Cyber Peacekeeping strives for the prevention, mitigation and cessation of cyber and physical conflicts. The creation of a Cyber Peacekeeping organization, however, has major legal and political implications. In this work we review current international legislation applicable for functions of Cyber Peacekeeping. Specifically, we analyze prominent works which contribute to definitions, law and ethics regulating cyber conflicts from the perspective of the creation of a CPK organization. Legislative and terminological foundations are analyzed and adopted from current practice. Further, this work analyzes guiding principles of global organizations such as ITU IMPACT, INTERPOL and regional organizations such as NATO and the ...


Table Of Contents Mar 2017

Table Of Contents

Journal of Digital Forensics, Security and Law

No abstract provided.


Front Matter Mar 2017

Front Matter

Journal of Digital Forensics, Security and Law

No abstract provided.


Compression Of Virtual-Machine Memory In Dynamic Malware Analysis, James E. Fowler Ph.D. Mar 2017

Compression Of Virtual-Machine Memory In Dynamic Malware Analysis, James E. Fowler Ph.D.

Journal of Digital Forensics, Security and Law

Lossless compression of memory dumps from virtual machines that run malware samples is considered with the goal of significantly reducing archival costs in dynamic-malware-analysis applications. Given that, in such dynamic-analysis scenarios, malware samples are typically run in virtual machines just long enough to activate any self-decryption or other detection- avoidance maneuvers, the virtual-machine memory typically changes little from that of the baseline state, with the difference being attributable in large degree to the loading of additional executables and libraries. Consequently, delta coding is proposed to compress the current virtual-machine memory dump by coding its differences with respect to a predicted ...


Special Issue Of Best Papers From The 11th International Conference On Systematic Approaches To Digital Forensic Engineering (Sadfe 2016) Mar 2017

Special Issue Of Best Papers From The 11th International Conference On Systematic Approaches To Digital Forensic Engineering (Sadfe 2016)

Journal of Digital Forensics, Security and Law

The SADFE series feature the different editions of the International Conference on Systematic Approaches to Digital Forensics Engineering. Now in its eleventh edition, SADFE has established itself as the premier conference for researchers and practitioners working in Systematic Approaches to Digital Forensics Engineering.

SADFE 2016, the eleventh international conference on Systematic Approaches to Digital Forensic Engineering was held in Kyoto, Japan, September 20 - 22, 2016.

Digital forensics engineering and the curation of digital collections in cultural institutions face pressing and overlapping challenges related to provenance, chain of custody, authenticity, integrity, and identity. The generation, analysis and sustainability of digital evidence ...


A Forensic Email Analysis Tool Using Dynamic Visualization, Johannes Stadlinger, Andreas Dewald Mar 2017

A Forensic Email Analysis Tool Using Dynamic Visualization, Johannes Stadlinger, Andreas Dewald

Journal of Digital Forensics, Security and Law

Communication between people counts to the most important information of today’s business. As a result, in case of forensic investigations in big companies, analysis of communication data in general and especially email, as the still most widely used business communication platform with an immense and still growing volume, is a typical task in digital forensics. One of the challenges is to identify the relevant communication partners and structures in the suspects surrounding as quickly as possible in order to react appropriately and identify further targets of evaluation. Due to the amount of emails in typical inboxes, reading through all ...


Find Me If You Can: Mobile Gps Mapping Applications Forensic Analysis & Snavp The Open Source, Modular, Extensible Parser, Jason Moore, Ibrahim Baggili, Frank Breitinger Mar 2017

Find Me If You Can: Mobile Gps Mapping Applications Forensic Analysis & Snavp The Open Source, Modular, Extensible Parser, Jason Moore, Ibrahim Baggili, Frank Breitinger

Journal of Digital Forensics, Security and Law

The use of smartphones as navigation devices has become more prevalent. The ubiquity of hand-held navigation devices such as Garmins or Toms Toms has been falling whereas the ownership of smartphones and their adoption as GPS devices is growing. This work provides a comprehensive study of the most popular smartphone mapping applications, namely Google Maps, Apple Maps, Waze, MapQuest, Bing, and Scout, on both Android and iOS. It details what data was found, where it was found, and how it was acquired for each application. Based on the findings, the work allowed for the construction of a tool capable of ...


The Impact Of Md5 File Hash Collisions On Digital Forensic Imaging, Gary C. Kessler Dec 2016

The Impact Of Md5 File Hash Collisions On Digital Forensic Imaging, Gary C. Kessler

Journal of Digital Forensics, Security and Law

The Message Digest 5 (MD5) hash is commonly used as for integrity verification in the forensic imaging process. The ability to force MD5 hash collisions has been a reality for more than a decade, although there is a general consensus that hash collisions are of minimal impact to the practice of computer forensics. This paper describes an experiment to determine the results of imaging two disks that are identical except for one file, the two versions of which have different content but otherwise occupy the same byte positions on the disk, are the same size, and have the same hash ...


A Survey Of Social Network Forensics, Umit Karabiyik, Muhammed Abdullah Canbaz, Ahmet Aksoy, Tayfun Tuna, Esra Akbas, Bilal Gonen, Ramazan S. Aygun Dec 2016

A Survey Of Social Network Forensics, Umit Karabiyik, Muhammed Abdullah Canbaz, Ahmet Aksoy, Tayfun Tuna, Esra Akbas, Bilal Gonen, Ramazan S. Aygun

Journal of Digital Forensics, Security and Law

Social networks in any form, specifically online social networks (OSNs), are becoming a part of our everyday life in this new millennium especially with the advanced and simple communication technologies through easily accessible devices such as smartphones and tablets. The data generated through the use of these technologies need to be analyzed for forensic purposes when criminal and terrorist activities are involved. In order to deal with the forensic implications of social networks, current research on both digital forensics and social networks need to be incorporated and understood. This will help digital forensics investigators to predict, detect and even prevent ...


A New Distributed Chinese Wall Security Policy Model, Saad Fehis, Omar Nouali, Mohand-Tahar Kechadi Dec 2016

A New Distributed Chinese Wall Security Policy Model, Saad Fehis, Omar Nouali, Mohand-Tahar Kechadi

Journal of Digital Forensics, Security and Law

The application of the Chinese wall security policy model (CWSPM) to control the information flows between two or more competing and/or conflicting companies in cloud computing (Multi-tenancy) or in the social network, is a very interesting solution. The main goal of the Chinese Wall Security Policy is to build a wall between the datasets of competing companies, and among the system subjects. This is done by the applying to the subjects mandatory rules, in order to control the information flow caused between them. This problem is one of the hottest topics in the area of cloud computing (as a ...


The Impact Of Sha-1 File Hash Collisions On Digital Forensic Imaging: A Follow-Up Experiment, Gary C. Kessler Dec 2016

The Impact Of Sha-1 File Hash Collisions On Digital Forensic Imaging: A Follow-Up Experiment, Gary C. Kessler

Journal of Digital Forensics, Security and Law

A previous paper described an experiment showing that Message Digest 5 (MD5) hash collisions of files have no impact on integrity verification in the forensic imaging process. This paper describes a similar experiment applied when two files have a Secure Hash Algorithm (SHA-1) collision.


Table Of Contents Dec 2016

Table Of Contents

Journal of Digital Forensics, Security and Law

No abstract provided.


Bloom Filters Optimized Wu-Manber For Intrusion Detection, Monther Aldwairi, Koloud Al-Khamaiseh, Fatima Alharbi, Babar Shah Dec 2016

Bloom Filters Optimized Wu-Manber For Intrusion Detection, Monther Aldwairi, Koloud Al-Khamaiseh, Fatima Alharbi, Babar Shah

Journal of Digital Forensics, Security and Law

With increasing number and severity of attacks, monitoring ingress and egress network traffic is becoming essential everyday task. Intrusion detection systems are the main tools for capturing and searching network traffic for potential harm. Signature-based intrusion detection systems are the most widely used, and they simply use a pattern matching algorithms to locate attack signatures in intercepted network traffic. Pattern matching algorithms are very expensive in terms of running time and memory usage, leaving intrusion detection systems unable to detect attacks in real-time. We propose a Bloom filters optimized Wu-Manber pattern matching algorithm to speed up intrusion detection. The Bloom ...


The 2016 Analysis Of Information Remaining On Computer Hard Disks Offered For Sale On The Second Hand Market In The Uae, Thomas Martin, Andy Jones, Mohammed Alzaabi Dec 2016

The 2016 Analysis Of Information Remaining On Computer Hard Disks Offered For Sale On The Second Hand Market In The Uae, Thomas Martin, Andy Jones, Mohammed Alzaabi

Journal of Digital Forensics, Security and Law

This research describes our survey of data remaining on computer hard disks sold on the second hand market in the United Arab Emirates (UAE). This is a repetition of the first survey conducted in 2012 (Jones, Martin, & Alzaabi, 2012). Similar studies have been carried over the last ten years in the United Kingdom, Australia, USA, Germany and France: (Jones, Mee, Meyler, & Gooch, 2005), (Jones, Valli, Sutherland, & Thomas, 2006), (Jones, Valli, Dardick, & Sutherland, 2008), (Jones, Valli, Dardick, & Sutherland, 2009). This research was undertaken to gain insight into the volumes of data found on second-hand disks purchased in the UAE, as well ...


Leveraging The Windows Amcache.Hve File In Forensic Investigations, Bhupendra Singh, Upasna Singh Dec 2016

Leveraging The Windows Amcache.Hve File In Forensic Investigations, Bhupendra Singh, Upasna Singh

Journal of Digital Forensics, Security and Law

The Amcache.hve is a registry hive file that is created by Microsoft® Windows® to store the information related to execution of programs. This paper highlights the evidential potential of Amcache.hve file and its application in the area of user activity analysis. The study uncovers numerous artifacts retained in Amcache.hve file when a user performs certain actions such as running host-based applications, installation of new applications, or running portable applications from external devices. The results of experiments demonstrate that Amcache.hve file stores intriguing artifacts related to applications such as timestamps of creation and last modification of any ...


Differentiating Cyberbullies And Internet Trolls By Personality Characteristics And Self-Esteem, Lauren A. Zezulka, Kathryn C. Seigfried-Spellar Sep 2016

Differentiating Cyberbullies And Internet Trolls By Personality Characteristics And Self-Esteem, Lauren A. Zezulka, Kathryn C. Seigfried-Spellar

Journal of Digital Forensics, Security and Law

Cyberbullying and internet trolling are both forms of online aggression or cyberharassment; however, research has yet to assess the prevalence of these behaviors in relationship to one another. In addition, the current study was the first to investigate whether individual differences and self-esteem discerned between self-reported cyberbullies and/or internet trolls (i.e., Never engaged in either, Cyberbully-only, Troll-only, Both Cyberbully and Troll). Of 308 respondents solicited from Mechanical Turk, 70 engaged in cyberbullying behaviors, 20 engaged in only trolling behaviors, 129 self-reported both behaviors, and 89 self-reported neither behavior. Results yielded low self-esteem, low conscientiousness, and low internal moral ...


Table Of Contents Sep 2016

Table Of Contents

Journal of Digital Forensics, Security and Law

No abstract provided.


Special Issue On Cyberharassment Investigation: Advances And Trends, Joanne Bryce, Virginia N. L. Franqueira, Andrew Marrington Sep 2016

Special Issue On Cyberharassment Investigation: Advances And Trends, Joanne Bryce, Virginia N. L. Franqueira, Andrew Marrington

Journal of Digital Forensics, Security and Law

Empirical and anecdotal evidence indicates that cyberharassment is more prevalent as the use of social media becomes increasingly widespread, making geography and physical proximity irrelevant. Cyberharassment can take different forms (e.g., cyberbullying, cyberstalking, cybertrolling), and be motivated by the objectives of inflicting distress, exercising control, impersonation, and defamation. Little is currently known about the modus operandi of offenders and their psychological characteristics. Investigation of these behaviours is particularly challenging because it involves digital evidence distributed across the devices of both alleged offenders and victims, as well as online service providers, sometimes over an extended period of time. This special ...


The Impact Of Low Self-Control On Online Harassment: Interaction With Opportunity., Hyunin Baek, Michael M. Losavio, George E. Higgins Sep 2016

The Impact Of Low Self-Control On Online Harassment: Interaction With Opportunity., Hyunin Baek, Michael M. Losavio, George E. Higgins

Journal of Digital Forensics, Security and Law

Developing Internet technology has increased the rates of youth online harassment. This study examines online harassment from adolescents with low self-control and the moderating effect of opportunity. The data used in this study were collected by the Korea Institute of Criminology in 2009. The total sample size was 1,091. The results indicated that low self-control, opportunity, and gender have a significant influence on online harassment. However, these results differed according to gender; for males, low self-control significantly impacted online harassment; for females, however, only low self-control significantly impacted online harassment. Furthermore, the interaction between low self-control and opportunity did ...


Toward Online Linguistic Surveillance Of Threatening Messages, Brian H. Spitzberg, Jean Mark Gawron Sep 2016

Toward Online Linguistic Surveillance Of Threatening Messages, Brian H. Spitzberg, Jean Mark Gawron

Journal of Digital Forensics, Security and Law

Threats are communicative acts, but it is not always obvious what they communicate or when they communicate imminent credible and serious risk. This paper proposes a research- and theory-based set of over 20 potential linguistic risk indicators that may discriminate credible from non-credible threats within online threat message corpora. Two prongs are proposed: (1) Using expert and layperson ratings to validate subjective scales in relation to annotated known risk messages, and (2) Using the resulting annotated corpora for automated machine learning with computational linguistic analyses to classify non-threats, false threats, and credible threats. Rating scales are proposed, existing threat corpora ...


A Legal Examination Of Revenge Pornography And Cyber-Harassment, Thomas Lonardo, Tricia Martland, Doug White Sep 2016

A Legal Examination Of Revenge Pornography And Cyber-Harassment, Thomas Lonardo, Tricia Martland, Doug White

Journal of Digital Forensics, Security and Law

This paper examines the current state of the statutes in the United States as they relate to cyber-harassment in the context of "revenge porn". Revenge porn refers to websites which cater to those wishing to exploit, harass, or otherwise antagonize their ex partners using pornographic images and videos which were obtained during their relationships. The paper provide examples and illustrations as well as a summary of current statute in the United States. The paper additionally explores some of the various legal remedies available to victims of revenge pornography.


Low Budget Forensic Drive Imaging Using Arm Based Single Board Computers, Eric Olson, Narasimha Shashidhar Jan 2016

Low Budget Forensic Drive Imaging Using Arm Based Single Board Computers, Eric Olson, Narasimha Shashidhar

Journal of Digital Forensics, Security and Law

Traditional forensic analysis of hard disks and external media typically involves a powered down machine and “dead analysis” of these devices. Forensic acquisition of hard drives and external media has traditionally been by one of several means: standalone forensic duplicator; using a hardware write-blocker or dock attached to a laptop, computer, workstation, etc., forensic operating systems that live boot from a USB, CD/DVD or virtual machines with preinstalled operating systems. Standalone forensics acquisition and imaging devices generally cost thousands of dollars. In this paper, we propose the use of single board computers as forensic imaging devices. Single board computers ...


Table Of Contents Jan 2016

Table Of Contents

Journal of Digital Forensics, Security and Law

No abstract provided.


Making Sense Of Email Addresses On Drives, Neil C. Rowe, Riqui Schwamm, Michael R. Mccarrin, Ralucca Gera Jan 2016

Making Sense Of Email Addresses On Drives, Neil C. Rowe, Riqui Schwamm, Michael R. Mccarrin, Ralucca Gera

Journal of Digital Forensics, Security and Law

Drives found during investigations often have useful information in the form of email addresses which can be acquired by search in the raw drive data independent of the file system. Using this data we can build a picture of the social networks that a drive owner participated in, even perhaps better than investigating their online profiles maintained by social-networking services because drives contain much data that users have not approved for public display. However, many addresses found on drives are not forensically interesting, such as sales and support links. We developed a program to filter these out using a Naïve ...


In-The-Wild Residual Data Research And Privacy, William B. Glisson, Tim Storer, Andrew Blyth, George Grispos, Matt Campbell Jan 2016

In-The-Wild Residual Data Research And Privacy, William B. Glisson, Tim Storer, Andrew Blyth, George Grispos, Matt Campbell

Journal of Digital Forensics, Security and Law

As the world becomes increasingly dependent on technology, researchers in both industry and academia endeavor to understand how technology is used, the impact it has on everyday life, the artifact life-cycle and overall integrations of digital information. In doing so, researchers are increasingly gathering 'real-world' or 'in-the-wild' residual data, obtained from a variety of sources, without the explicit consent of the original owners. This data gathering raises significant concerns regarding privacy, ethics and legislation, as well as practical considerations concerning investigator training, data storage, overall security and data disposal. This research surveys recent studies of residual data gathered in-the-wild and ...


Bytewise Approximate Matching: The Good, The Bad, And The Unknown, Vikram S. Harichandran, Frank Breitinger, Ibrahim Baggili Jan 2016

Bytewise Approximate Matching: The Good, The Bad, And The Unknown, Vikram S. Harichandran, Frank Breitinger, Ibrahim Baggili

Journal of Digital Forensics, Security and Law

Hash functions are established and well-known in digital forensics, where they are commonly used for proving integrity and file identification (i.e., hash all files on a seized device and compare the fingerprints against a reference database). However, with respect to the latter operation, an active adversary can easily overcome this approach because traditional hashes are designed to be sensitive to altering an input; output will significantly change if a single bit is flipped. Therefore, researchers developed approximate matching, which is a rather new, less prominent area but was conceived as a more robust counterpart to traditional hashing. Since the ...


Electronic Voting Service Using Block-Chain, Kibin Lee, Joshua I. James, Tekachew G. Ejeta, Hyoung J. Kim Jan 2016

Electronic Voting Service Using Block-Chain, Kibin Lee, Joshua I. James, Tekachew G. Ejeta, Hyoung J. Kim

Journal of Digital Forensics, Security and Law

Cryptocurrency, and its underlying technologies, has been gaining popularity for transaction management beyond financial transactions. Transaction information is maintained in the block-chain, which can be used to audit the integrity of the transaction. The focus on this paper is the potential availability of block-chain technology of other transactional uses. Block-chain is one of the most stable open ledgers that preserves transaction information, and is difficult to forge. Since the information stored in block-chain is not related to personally identify information, it has the characteristics of anonymity. Also, the block-chain allows for transparent transaction verification since all information in the block-chain ...


Digital Forensics In Law Enforcement: A Needs Based Analysis Of Indiana Agencies, Teri A. Cummins Flory Jan 2016

Digital Forensics In Law Enforcement: A Needs Based Analysis Of Indiana Agencies, Teri A. Cummins Flory

Journal of Digital Forensics, Security and Law

Cyber crime is a growing problem, with the impact to society increasing exponentially, but the ability of local law enforcement agencies to investigate and successfully prosecute criminals for these crimes is unclear. Many national needs assessments have previously been conducted, and all indicated that state and local law enforcement did not have the training, tools, or staff to effectively conduct digital investigations, but very few have been completed recently. This study provided a current and localized assessment of the ability of Indiana law enforcement agencies to effectively investigate crimes involving digital evidence, the availability of training for both law enforcement ...