Law Commons^™

Smart Home Forensics: Identifying Ddos Attack Patterns On Iot Devices, Samuel Ho, Hope Greeson, Umit Karabiyik

Annual ADFSL Conference on Digital Forensics, Security and Law

Smart homes are becoming more common as more people integrate IoT devices into their home environment. As such, these devices have access to personal data on their homeowners’ networks. One of the advantages of IoT devices is that they are compact. However, this limits the incorporation of security measures in their hardware. Misconfigured IoT devices are commonly the target of malicious attacks. Additionally, distributed denial-of-service attacks are becoming more common due to applications and software that provides users with easy-to-use user interfaces. Since one vulnerable device is all an attacker needs to launch an attack on a network, in regards …

A Lightweight Reliably Quantified Deepfake Detection Approach, Tianyi Wang, Kam Pui Chow

Annual ADFSL Conference on Digital Forensics, Security and Law

Deepfake has brought huge threats to society such that everyone can become a potential victim. Current Deepfake detection approaches have unsatisfactory performance in either accuracy or efficiency. Meanwhile, most models are only evaluated on different benchmark test datasets with different accuracies, which could not imitate the real-life Deepfake unknown population. As Deepfake cases have already been raised and brought challenges at the court, it is disappointed that no existing work has studied the model reliability and attempted to make the detection model act as the evidence at the court. We propose a lightweight Deepfake detection deep learning approach using the …

Detection Of Overlapping Passive Manipulation Techniques In Image Forensics, Gianna S. Lint, Umit Karabiyik

Annual ADFSL Conference on Digital Forensics, Security and Law

With a growing number of images uploaded daily to social media sites, it is essential to understand if an image can be used to trace its origin. Forensic investigations are focusing on analyzing images that are uploaded to social media sites resulting in an emphasis on building and validating tools. There has been a strong focus on understanding active manipulation or tampering techniques and building tools for analysis. However, research on manipulation is often studied in a vacuum, involving only one technique at a time. Additionally, less focus has been placed on passive manipulation, which can occur by simply uploading …

Anatomy Of An Internet Hijack And Interception Attack: A Global And Educational Perspective, Ben A. Scott, Michael N. Johnstone, Patryk Szewczyk

Annual ADFSL Conference on Digital Forensics, Security and Law

The Internet’s underlying vulnerable protocol infrastructure is a rich target for cyber crime, cyber espionage and cyber warfare operations. The stability and security of the Internet infrastructure are important to the function of global matters of state, critical infrastructure, global e-commerce and election systems. There are global approaches to tackle Internet security challenges that include governance, law, educational and technical perspectives. This paper reviews a number of approaches to these challenges, the increasingly surgical attacks that target the underlying vulnerable protocol infrastructure of the Internet, and the extant cyber security education curricula; we find the majority of predominant cyber security …

A Low-Cost Machine Learning Based Network Intrusion Detection System With Data Privacy Preservation, Jyoti Fakirah, Lauhim Mahfuz Zishan, Roshni Mooruth, Michael L. Johnstone, Wencheng Yang

Annual ADFSL Conference on Digital Forensics, Security and Law

Network intrusion is a well-studied area of cyber security. Current machine learning-based network intrusion detection systems (NIDSs) monitor network data and the patterns within those data but at the cost of presenting significant issues in terms of privacy violations which may threaten end-user privacy. Therefore, to mitigate risk and preserve a balance between security and privacy, it is imperative to protect user privacy with respect to intrusion data. Moreover, cost is a driver of a machine learning-based NIDS because such systems are increasingly being deployed on resource-limited edge devices. To solve these issues, in this paper we propose a NIDS …

Evaluating The Progress Of The Liberalization Of International Aviation Toward Open Skies, Tyler B. Spence, Daniel Friedenzohn, Steven M. Leib

Publications

The United States has engaged in well over 100 Open Skies Agreements with other ICAO member state partners reaching all parts of the globe. These Open Skies Agreements have established a practice of liberalization for airlines to have the most freedom to choose when, where, how often, and for how much they fly to locations. Despite a majority of ICAO member state partners engaging in Open Skies, there has been a reluctance of the member states to engage in the same practices with other aviation partners for similar access. A similar pattern is also evident for liberalization through the Freedoms …

Performance Assessment Of Some Phishing Predictive Models Based On Minimal Feature Corpus, Orunsolu Abdul Abiodun, Sodiya A.S, Kareem S.O, Oladimeji G. B Mr.

Journal of Digital Forensics, Security and Law

Phishing is currently one of the severest cybersecurity challenges facing the emerging online community. With damages running into millions of dollars in financial and brand losses, the sad tale of phishing activities continues unabated. This led to an arms race between the con artists and online security community which demand a constant investigation to win the cyberwar. In this paper, a new approach to phishing is investigated based on the concept of minimal feature set on some selected remarkable machine learning algorithms. The goal of this is to select and determine the most efficient machine learning methodology without undue high …

Community-Based Rehabilitation's Effectiveness In Reducing Singapore Juvenile Recidivism, Denzil Neo, June Hyuk Lee, Mervin Xin Hong Chew, Munisraj Sarfoji, Timothy Prakash

Introduction to Research Methods RSCH 202

Singapore's juvenile recidivism rate has climbed by around 5% since 2013, putting the country at risk of increased youth crime. With several mandatory rehabilitative programmes classified into two categories, Community-Based Rehabilitation (CBR) and Institutional-Based Rehabilitation (IBR), it is unclear whether the mandatory individual rehabilitative programmes for offenders were actually effective in achieving their corrective goals. This proposal would undertake a regression analysis to compare the effectiveness of CBR and IBR programmes utilizing secondary data gathered by the Ministry of Social and Family Development (MSF) and primary data from a survey. The survey will provide previously unstudied insights into the offender's …

Don't Bite The Bait: Phishing Attack For Internet Banking (E-Banking), Ilker Kara

Journal of Digital Forensics, Security and Law

Phishing attacks are based on obtaining desired information from users quickly and easily with the help of misdirecting, panicking, curiosity, or excitement. Most of the phishing web sites are designed on internet banking(e-banking) and the attackers can acquire financial information of misled users with the tactics and discourses they develop. Despite the increase of prevention techniques against phishing attacks day by day, an effective solution could not be found for this issue due to the human factor. Because of this reason, real phishing attack studies are essential to study and analyze the attackers’ attack techniques and strategies. This study focused …

The Potential Impact Of A Voluntary Non-Punitive Self Report Program Under The Scope Of The Brazilian Civil Aviation Authority, Audrey Gonzalez, Bráullio Amaral, Felipe Piton, Laércio De Araujo, Marcelo Marcusso

Student Works

The key recommendation from this study is to purpose the Brazilian National Civil Aviation Authority evaluation over the implementation of a new voluntary and non-punitive safety reporting program, with a different scope from the current one. The voluntary self-reporting programs in place in the USA, Europe and Australia should be used as a regulatory reference and the program development and implementation should be executed in close coordination with the different industry stakeholders.

To access if the current Brazilian State Safety reporting system meets ICAO requirements, the researchers accessed pertinent aviation safety regulatory legislation. Additionally, to access if the current Brazilian …

Internet Of Things Software And Hardware Architectures And Their Impacts On Forensic Investigations: Current Approaches And Challenges, Abel Alex Boozer, Arun John, Tathagata Mukherjee

Journal of Digital Forensics, Security and Law

The never-before-seen proliferation of interconnected low-power computing devices, patently dubbed the Internet of Things (IoT), is revolutionizing how people, organizations, and malicious actors interact with one another and the Internet. Many of these devices collect data in different forms, be it audio, location data, or user commands. In civil or criminal nature investigations, the data collected can act as evidence for the prosecution or the defense. This data can also be used as a component of cybersecurity efforts. When data is extracted from these devices, investigators are expected to do so using proven methods. Still, unfortunately, given the heterogeneity in …

The Survey On Cross-Border Collection Of Digital Evidence By Representatives From Polish Prosecutors’ Offices And Judicial Authorities, Paweł Olber Dr

Journal of Digital Forensics, Security and Law

Dynamic development of IT technology poses new challenges related to the cross-border collection of electronic evidence from the cloud. Many times investigators need to secure data stored on foreign servers directly and then look for solutions on how to turn the data into a legitimate source of evidence. To study the situation and propose solutions, I conducted a survey among Polish representatives of public prosecutors' offices and courts. This paper presents information from digital evidence collection practices across multiple jurisdictions. I stated that representatives from the prosecution and the judiciary in Poland are aware of the issues associated with cross-border …

An Economical Method For Securely Disintegrating Solid-State Drives Using Blenders, Brandon J. Hopkins Phd, Kevin A. Riggle

Journal of Digital Forensics, Security and Law

Pulverizing solid-state drives (SSDs) down to particles no larger than 2 mm is required by the United States National Security Agency (NSA) to ensure the highest level of data security, but commercial disintegrators that achieve this standard are large, heavy, costly, and often difficult to access globally. Here, we present a portable, inexpensive, and accessible method of pulverizing SSDs using a household blender and other readily available materials. We verify this approach by pulverizing SSDs with a variety of household blenders for fixed periods of time and sieve the resulting powder to ensure appropriate particle size. Among the 6 household …

Age’S Influence On Workplace Safety, Kelly Muhammad, Cheryl Marcham

Publications

According to the National Safety Council (NSC, n.d.), the total cost of work injuries in 2019 was an estimated $171 billion. This estimate includes wage and productivity losses, medical expenses, administrative expenses and employers’ uninsured costs. In that same year, an estimated 105 million workdays were lost due to injuries (NSC, n.d.). This report does not provide any specific details or any characteristics about the injured. However, knowledge of certain characteristics of the injured such as age can be critical information. This type of information could be useful in the development of workplace hazard prevention and mitigation programs.

Viability Of Consumer Grade Hardware For Learning Computer Forensics Principles, Lazaro A. Herrera

Journal of Digital Forensics, Security and Law

We propose utilizing budget consumer hardware and software to teach computer forensics principles and for non-case work, research and developing new techniques. Consumer grade hardware and free / open source software is more easily accessible in most developing markets and can be used as a first purchase for education, technique development and even when developing new techniques. These techniques should allow for small forensics laboratories or classroom settings to have the tooling and framework for trying existing forensics techniques or creating new forensics techniques on consumer grade hardware. We'll be testing how viable each individual piece of hardware is as …

Identification Of Lsb Image Steganography Using Cover Image Comparisons, Michael Pelosi, Chuck Easttom

Journal of Digital Forensics, Security and Law

Steganography has long been used to counter forensic investigation. This use of steganography as an anti-forensics technique is becoming more widespread. This requires forensic examiners to have additional tools to more effectively detect steganography. In this paper we introduce a new software concept specifically designed to allow the digital forensics professional to clearly identify and attribute instances of LSB image steganography by using the original cover image in side-by-side comparison with a suspected steganographic payload image. This technique is embodied in a software implementation named CounterSteg. The CounterSteg software allows detailed analysis and comparison of both the original cover …

Backup And Recovery Mechanisms Of Cassandra Database: A Review, Karina Bohora, Amol Bothe, Damini Sheth, Rupali Chopade, V. K. Pachghare

Journal of Digital Forensics, Security and Law

Cassandra is a NoSQL database having a peer-to-peer, ring-type architecture. Cassandra offers fault-tolerance, data replication for higher availability as well as ensures no single point of failure. Given that Cassandra is a NoSQL database, it is evident that it lacks the amount of research that has gone into comparatively older and more widely and broadly used SQL databases. Cassandra’s growing popularity in recent times gives rise to the need of addressing any security-related or recovery-related concerns associated with its usage. This review paper discusses the existing deletion mechanism in Cassandra and presents some identified issues related to backup and recovery …

Social Media User Relationship Framework (Smurf), Anne David, Sarah Morris, Gareth Appleby-Thomas

Journal of Digital Forensics, Security and Law

The use of social media has spread through many aspects of society, allowing millions of individuals, corporate as well as government entities to leverage the opportunities it affords. These opportunities often end up being exploited by a small percentage of the user community who use it for objectionable or unlawful activities; for example, trolling, cyber bullying, grooming, luring. In some cases, these unlawful activities result in investigations where swift retrieval of critical evidence required in order to save a life.

This paper presents a proof of concept (PoC) framework for social media user attribution. The framework aims to provide digital …

Can The Timeframe Of Reported Uas Sightings Help Regulators?, Spencer Erik Pitcher, Kelly A. Whealan-George

Beyond: Undergraduate Research Journal

Remotely controlled small aircraft, otherwise known as Unmanned Aircraft Systems (UAS) or drones have started to impact the United States National Airspace System by interfering with the safe flight of aircraft. As the UAS industry continues its expected growth into the future, lawmakers, as well as regulators at the Federal Aviation Administration (FAA) and the aviation community must be able to predict when there will be more UAS craft in the air that could cause an interruption to air traffic so that more resources can be allocated optimally to counter the threat of UAS craft. The purpose of this study …

Digital Disruption Solution For Airlines In Brazil, Camila Bisinoto Borges, Cristiane Lunardi Das Neves Rodrigues, Daniel Dias Landroni, Tatiane Mendonça, Leila Halawi

Publications

Since March 2017, the cost of denied boarding began to draw all Brazilian airlines' attention because of the Resolution 400 of the Brazilian National Civil Aviation Agency. This Resolution covers several items, but we will focus on the penalty that the airlines need to pay for each passenger who had his boarding denied involuntarily in domestic flights. Our goal is to create a plugin that any airline could use in their self-service check-in channels and direct communication with the passenger. It could also become a way to offer proactive accommodation options and monetary compensations due to itinerary or ticket schedule …

In Flight Management - Committing To Destination, Aldo Bien, Daniel Ribas, Paulo Pacheco, Rodrigo Garcia, Leila Halawi

International Journal of Aviation, Aeronautics, and Aerospace

The present Brazilian regulation is not precise whether the alternate fuel could or could not be used to proceed to the original destination without compromising the emergency fuel, once exact specific requirements are met. As a result of unclear directrices, each major airline in Brazil comprehends and applies the ICAO recommendation in its way. Such a non-standardized interpretation of the current regulation certainly compromises both the airline industry's safety and efficiency in the country. Therefore, this research proposes a more comprehensive and clear text for the Brazilian rules, encouraging airlines to adhere to what the ICAO recommendation preconizes widely.

Air Traffic Safety Management: The Significance Of Voluntary Reporting And Data Distribution, Xavier M. Ashley

Beyond: Undergraduate Research Journal

This study primarily investigated inadequacies identified through the utilization of the Air Traffic Safety Action Program (ATSAP), a Voluntary Safety Reporting Program (VSRP) overseen by the U.S. Federal Aviation Administration (FAA). The primary objective of this research was to ascertain whether the FAA was properly managing the ATSAP and if the program was capable of effectively identifying safety hazards present in the national airspace. To assist in this determination, this study communicated the basic characteristics and significance of safety management and voluntary reporting in aviation. This served to clarify the intended function of the ATSAP and to articulate contributions that …

Surveying The Safety Culture Of Academic Laboratories, Emily Faulconer, Zachary Dixon, John C. Griffith, Hayden Frank

Publications

The university traditionally has been the foundation for young adults’ professional development, yet the proclivity toward safety culture has garnered less focus in higher education than in the workforce. A survey of faculty at a medium-sized, research-active, private institution revealed specific areas of policy noncompliance as well as specific safety attitudes that can be targeted for interventions. Albeit a snapshot view, the survey implies that safety needs better representation in the classroom, teaching laboratories, and research facilities at universities. Safety is not abandoned by any means, and there is a strong presence of safety-oriented individuals, but the data show barriers …

Towards Increasing Trust In Expert Evidence Derived From Malware Forensic Tools, Ian M. Kennedy, Blaine Price, Arosha Bandara

Journal of Digital Forensics, Security and Law

Following a series of high profile miscarriages of justice in the UK linked to questionable expert evidence, the post of the Forensic Science Regulator was created in 2008. The main objective of this role is to improve the standard of practitioner competences and forensic procedures. One of the key strategies deployed to achieve this is the push to incorporate a greater level of scientific conduct in the various fields of forensic practice. Currently there is no statutory requirement for practitioners to become accredited to continue working with the Criminal Justice System of England and Wales. However, the Forensic Science Regulator …

A Forensic First Look At A Pos Device: Searching For Pci Dss Data Storage Violations, Stephen Larson, James Jones, Jim Swauger

Journal of Digital Forensics, Security and Law

According to the Verizon 2018 Data Breach Investigations Report, 321 POS terminals (user devices) were involved in about 14% of the 2,216 data breaches in 2017 (Verizon, 2018). These data breaches involved standalone POS terminals as well as associated controller systems. This paper examines a standalone Point-of-Sale (POS) system which is ubiquitous in smaller retail stores and restaurants. An attempt to extract unencrypted data and identify possible violations of the Payment Card Industry Data Security Standard (PCI DSS) requirement to protect stored cardholder data were be made. Persistent storage (flash memory chips) were removed from the devices and their contents …

Cryptography, Passwords, Privacy, And The Fifth Amendment, Gary C. Kessler, Ann M. Phillips

Journal of Digital Forensics, Security and Law

Military-grade cryptography has been widely available at no cost for personal and commercial use since the early 1990s. Since the introduction of Pretty Good Privacy (PGP), more and more people encrypt files and devices, and we are now at the point where our smartphones are encrypted by default. While this ostensibly provides users with a high degree of privacy, compelling a user to provide a password has been interpreted by some courts as a violation of our Fifth Amendment protections, becoming an often insurmountable hurdle to law enforcement lawfully executing a search warrant. This paper will explore some of the …

A Two-Stage Model For Social Network Investigations In Digital Forensics, Anne David, Sarah Morris, Gareth Appleby-Thomas

Journal of Digital Forensics, Security and Law

This paper proposes a two-stage model for identifying and contextualizing features from artefacts created as a result of social networking activity. This technique can be useful in digital investigations and is based on understanding and the deconstruction of the processes that take place prior to, during and after user activity; this includes corroborating artefacts. Digital Investigations are becoming more complex due to factors such as, the volume of data to be examined; different data formats; a wide range of sources for digital evidence; the volatility of data and the limitations of some of the standard digital forensic tools. This paper …

What’S In The Cloud? - An Examination Of The Impact Of Cloud Storage Usage On The Browser Cache., Graeme Horsman

Journal of Digital Forensics, Security and Law

Cloud storage is now a well established and popular service adopted by many individuals, often at limited or no cost. It provides users with the ability to store content on a cloud service provider’s infrastructure offering the benefit of redundancy, reliability, security, flexibility of access and the potential assumed liability of the provider for data loss within the contexts of a licensing agreement. Consequently, this form of remote storage provides a regulatory challenge as content which once resided upon a seized digital exhibit, available for scrutiny during a digital forensic investigatory, may no longer be present where attempting to acquire …

An Evaluation Of Data Erasing Tools, Andrew Jones, Isaac Afrifa

Journal of Digital Forensics, Security and Law

The permanent removal of data from media is a major area of concern mainly because of the misconception that once a file is deleted or storage media is formatted, it cannot be recovered. There has been the development of both commercial and freeware data erasing tools, which all claim complete file or disk erasure. This report analyzes the efficiency of a number of these tools in performing erasures on an electromechanical drive. It focuses on a selection of popular and modern erasing tools; taking into consideration their usability, claimed erasing standards and whether they perform complete data erasure with the …

Aircraft Rescue And Fire Fighting Capabilities: Are Today’S Standards Protecting Passenger’S Futures?, Kaetlyn Blocker

Student Works

Few studies have been conducted that have truly considered the relevance and inadequacies of applicable aircraft rescue and firefighting (ARFF) regulations. Fewer still have studied and explored accident cases that directly exemplify the deficiencies and inconsistencies of various regulatory standards and requirements. This study seeks to expose and explain those inadequacies by utilizing a historical, case-study type research method to examine accident cases during which time the governing regulations played a significant role in the ARFF operations. The findings discovered as a result of this multi-case analysis provide evidence that the current regulations governing United States ARFF operations are both …