Open Access. Powered by Scholars. Published by Universities.®

Physical Sciences and Mathematics Commons

Engineering

Annual ADFSL Conference on Digital Forensics, Security and Law

Articles 1 - 30 of 174

Full-Text Articles in Physical Sciences and Mathematics

Anatomy Of An Internet Hijack And Interception Attack: A Global And Educational Perspective, Ben A. Scott, Michael N. Johnstone, Patryk Szewczyk Jan 2022

Annual ADFSL Conference on Digital Forensics, Security and Law

The Internet’s underlying vulnerable protocol infrastructure is a rich target for cyber crime, cyber espionage and cyber warfare operations. The stability and security of the Internet infrastructure are important to the function of global matters of state, critical infrastructure, global e-commerce and election systems. There are global approaches to tackle Internet security challenges that include governance, law, educational and technical perspectives. This paper reviews a number of approaches to these challenges, the increasingly surgical attacks that target the underlying vulnerable protocol infrastructure of the Internet, and the extant cyber security education curricula; we find the majority of predominant cyber security …


A Low-Cost Machine Learning Based Network Intrusion Detection System With Data Privacy Preservation, Jyoti Fakirah, Lauhim Mahfuz Zishan, Roshni Mooruth, Michael L. Johnstone, Wencheng Yang Jan 2022

Annual ADFSL Conference on Digital Forensics, Security and Law

Network intrusion is a well-studied area of cyber security. Current machine learning-based network intrusion detection systems (NIDSs) monitor network data and the patterns within those data but at the cost of presenting significant issues in terms of privacy violations which may threaten end-user privacy. Therefore, to mitigate risk and preserve a balance between security and privacy, it is imperative to protect user privacy with respect to intrusion data. Moreover, cost is a driver of a machine learning-based NIDS because such systems are increasingly being deployed on resource-limited edge devices. To solve these issues, in this paper we propose a NIDS …


Detection Of Overlapping Passive Manipulation Techniques In Image Forensics, Gianna S. Lint, Umit Karabiyik Jan 2022

Annual ADFSL Conference on Digital Forensics, Security and Law

With a growing number of images uploaded daily to social media sites, it is essential to understand if an image can be used to trace its origin. Forensic investigations are focusing on analyzing images that are uploaded to social media sites resulting in an emphasis on building and validating tools. There has been a strong focus on understanding active manipulation or tampering techniques and building tools for analysis. However, research on manipulation is often studied in a vacuum, involving only one technique at a time. Additionally, less focus has been placed on passive manipulation, which can occur by simply uploading …


Human-Controlled Fuzzing With AFL, Maxim Grishin, Igor Korkin, PhD Jan 2022

Annual ADFSL Conference on Digital Forensics, Security and Law

Fuzzing techniques are applied to reveal different types of bugs and vulnerabilities. American Fuzzy Lop (AFL) is a free and most popular software fuzzer used by many other fuzzing frameworks. AFL supports an autonomous mode of operation that feeds the output of the previous step into the next step; as a result, the fuzzer spends a lot of time analyzing minor code sections. By making the fuzzing process more focused and human-controlled, a security expert can save time and find more bugs in less time. We designed a new module that can fuzz only the specified functions. As a result, the chosen ones will be inspected …


The Amorphous Nature Of Hackers: An Exploratory Study, Kento Yasuhara, Daniel Walnycky, Ibrahim Baggili, Ahmed Alhishwan Jan 2022

Annual ADFSL Conference on Digital Forensics, Security and Law

In this work, we aim to better understand outsider perspectives of the hacker community through a series of situation-based survey questions. By doing this, we hope to gain insight into the overall reputation of hackers from participants in a wide range of technical and non-technical backgrounds. This is important to digital forensics since convicted hackers will be tried by people, each with their own perception of who hackers are. Do cyber crimes and national security issues negatively affect people’s perceptions of hackers? Do hacktivism and information warfare positively affect people’s perception of hackers? Do individual personality factors affect one’s …


Smart Home Forensics: Identifying DDoS Attack Patterns On IoT Devices, Samuel Ho, Hope Greeson, Umit Karabiyik Jan 2022

Annual ADFSL Conference on Digital Forensics, Security and Law

Smart homes are becoming more common as more people integrate IoT devices into their home environment. As such, these devices have access to personal data on their homeowners’ networks. One of the advantages of IoT devices is that they are compact. However, this limits the incorporation of security measures in their hardware. Misconfigured IoT devices are commonly the target of malicious attacks. Additionally, distributed denial-of-service attacks are becoming more common due to applications and software that provide users with easy-to-use user interfaces. Since one vulnerable device is all an attacker needs to launch an attack on a network, in regards …


Digital Forensics For Mobility As A Service Platform: Analysis Of Uber Application On iPhone And Cloud, Nina Matulis, Umit Karabiyik Jan 2022

Annual ADFSL Conference on Digital Forensics, Security and Law

Uber is a ride-hailing smartphone application (app) that allows users to order a ride in a highly efficient manner. The Uber app provides Mobility as a Service and allows users to easily order a ride in a private car with just a few clicks. Uber stores large amounts of data on both the mobile device the app is being used on, and in the cloud. Examples of this data include geolocation data, date/time, origin/destination addresses, departure/arrival times, and distance. Uber geolocation data has been previously researched to investigate the privacy of the Uber app; however, there is minimal research relating …


Microsoft Defender Will Be Defended: MemoryRanger Prevents Blinding Windows AV, Denis Pogonin, Igor Korkin, PhD Jan 2022

Annual ADFSL Conference on Digital Forensics, Security and Law

Windows OS is facing a huge rise in kernel attacks. An overview of popular techniques that result in loading kernel drivers will be presented. One of the key targets of modern threats is disabling and blinding Microsoft Defender, a default Windows AV. The analysis of recent driver-based attacks will be given; the challenge is to block them. The survey of user- and kernel-level attacks on Microsoft Defender will be given. One of the recently published attackers’ techniques abuses Mandatory Integrity Control (MIC) and Security Reference Monitor (SRM) by modifying Integrity Level and Debug Privileges for the Microsoft Defender via syscalls. …


A Lightweight Reliably Quantified Deepfake Detection Approach, Tianyi Wang, Kam Pui Chow Jan 2022

Annual ADFSL Conference on Digital Forensics, Security and Law

Deepfake has brought huge threats to society such that everyone can become a potential victim. Current Deepfake detection approaches have unsatisfactory performance in either accuracy or efficiency. Meanwhile, most models are only evaluated on different benchmark test datasets with different accuracies, which could not imitate the real-life Deepfake unknown population. As Deepfake cases have already been raised and brought challenges at the court, it is disappointing that no existing work has studied the model reliability and attempted to make the detection model act as the evidence at the court. We propose a lightweight Deepfake detection deep learning approach using the …


Timestamp Estimation From Outdoor Scenes, Tawfiq Salem, Jisoo Hwang, Rafael Padilha Jan 2022

Annual ADFSL Conference on Digital Forensics, Security and Law

The increasing availability of smartphones allowed people to easily capture and share images on the internet. These images are often associated with metadata, including the image capture time (timestamp) and the location where the image was captured (geolocation). The metadata associated with images provides valuable information to better understand scenes and events presented in these images. The timestamp can be manipulated intentionally to provide false information to convey a twisted version of reality. Images with manipulated timestamps are often used as a cover-up for wrongdoing or broadcasting false claims and competing views on the internet. Estimating the time of capture …


Forensic Analysis Of Spy Applications In Android Devices, Shinelle Hutchinson, Umit Karabiyik May 2019

Annual ADFSL Conference on Digital Forensics, Security and Law

Smartphones with Google's Android operating system are becoming more and more popular each year, and with this increased user base, comes increased opportunities to collect more of these users' private data. There have been several instances of malware being made available via the Google Play Store, which is one of the predominant means for users to download applications. One effective way of collecting users' private data is by using Android Spyware. In this paper, we conduct a forensic analysis of a malicious Android spyware application and present our findings. We also highlight what information the application accesses and what it …


Contents, ADFSL May 2018

Annual ADFSL Conference on Digital Forensics, Security and Law

No abstract provided.


Front Matter, ADFSL May 2018

Annual ADFSL Conference on Digital Forensics, Security and Law

No abstract provided.


Analysis Of Data Erasure Capability On SSHD Drives For Data Recovery, Andrew Blyth May 2018

Annual ADFSL Conference on Digital Forensics, Security and Law

Data Protection and Computer Forensics/Anti-Forensics has now become a critical area of concern for organizations. A key element to this is how data is sanitized at end of life. In this paper we explore Solid State Hybrid Drives (SSHD) and the impact that various Computer Forensics and Data Recovery techniques have when performing data erasure upon an SSHD.


Knowledge Expiration In Security Awareness Training, Tianjian Zhang May 2018

Annual ADFSL Conference on Digital Forensics, Security and Law

No abstract provided.


Positive Identification Of LSB Image Steganography Using Cover Image Comparisons, Michael Pelosi, Nimesh Poudel, Pratap Lamichhane, Devon Lam, Gary Kessler, Joshua Macmonagle May 2018

Annual ADFSL Conference on Digital Forensics, Security and Law

In this paper we introduce a new software concept specifically designed to allow the digital forensics professional to clearly identify and attribute instances of LSB image steganography by using the original cover image in side-by-side comparison with a suspected steganographic payload image. The “CounterSteg” software allows detailed analysis and comparison of both the original cover image and any modified image, using sophisticated bit- and color-channel visual depiction graphics. In certain cases, the steganographic software used for message transmission can be identified by the forensic analysis of LSB and other changes in the payload image. The paper demonstrates usage and typical …


Exploring The Use Of Graph Databases To Catalog Artifacts For Client Forensics, Rose Shumba May 2018

Annual ADFSL Conference on Digital Forensics, Security and Law

Cloud computing has revolutionized the methods by which digital data is stored, processed, and transmitted. It is providing users with data storage and processing services, enabling access to resources through multiple devices. Although organizations continue to embrace the advantages of flexibility and scalability offered by cloud computing, insider threats are becoming a serious concern as cited by security researchers. Insiders can use authorized access to steal sensitive information, calling for the need for an investigation. This concept paper describes research in progress towards developing a Neo4j graph database tool to enhance client forensics. The tool, with a Python interface, allows …


Precognition: Automated Digital Forensic Readiness System For Mobile Computing Devices In Enterprises, Jayaprakash Govindaraj, Robin Verma, Gaurav Gupta May 2018

Annual ADFSL Conference on Digital Forensics, Security and Law

Enterprises are facing an unprecedented risk of security incidents due to the influx of emerging technologies, like smartphones and wearables. Most of the current Mobile security systems are not maturing in pace with technological advances. They lack the ability to learn and adapt from the past knowledge base. In the case of a security incident, enterprises find themselves underprepared for the lack of evidence and data. The systems are not designed to be forensic ready. There is a need for automated security analysis and forensically ready solution, which can learn and continuously adapt to new challenges, improve efficiency and productivity …


Unmanned Aerial Vehicle Forensic Investigation Process: DJI Phantom 3 Drone As A Case Study, Alan Roder, Kim-Kwang Raymond Choo, Nhien-A Le-Khac May 2018

Annual ADFSL Conference on Digital Forensics, Security and Law

Drones (also known as Unmanned Aerial Vehicles – UAVs) are a potential source of evidence in a digital investigation, partly due to their increasing popularity in our society. However, existing UAV/drone forensics generally rely on conventional digital forensic investigation guidelines such as those of ACPO and NIST, which may not be entirely fit-for-purpose. In this paper, we identify the challenges associated with UAV/drone forensics. We then explore and evaluate existing forensic guidelines, in terms of their effectiveness for UAV/drone forensic investigations. Next, we present our set of guidelines for UAV/drone investigations. Finally, we demonstrate how the proposed guidelines can be …


Back Matter, ADFSL Feb 2018

Annual ADFSL Conference on Digital Forensics, Security and Law

No abstract provided.


Front Matter, ADFSL Feb 2018

Annual ADFSL Conference on Digital Forensics, Security and Law

No abstract provided.


Contents, ADFSL Feb 2018

Annual ADFSL Conference on Digital Forensics, Security and Law

No abstract provided.


Understanding Deleted File Decay On Removable Media Using Differential Analysis, James H. Jones Jr, Anurag Srivastava, Josh Mosier, Connor Anderson, Seth Buenafe May 2017

Annual ADFSL Conference on Digital Forensics, Security and Law

Digital content created by picture recording devices is often stored internally on the source device, on either embedded or removable media. Such storage media is typically limited in capacity and meant primarily for interim storage of the most recent image files, and these devices are frequently configured to delete older files as necessary to make room for new files. When investigations involve such devices and media, it is sometimes these older deleted files that would be of interest. It is an established fact that deleted file content may persist in part or in its entirety after deletion, and identifying the …


Harnessing Predictive Models For Assisting Network Forensic Investigations Of DNS Tunnels, Irvin Homem, Panagiotis Papapetrou May 2017

Annual ADFSL Conference on Digital Forensics, Security and Law

In recent times, DNS tunneling techniques have been used for malicious purposes; however, network security mechanisms struggle to detect them. Network forensic analysis has been proven effective, but is slow and effort intensive as Network Forensics Analysis Tools struggle to deal with undocumented or new network tunneling techniques. In this paper, we present a machine learning approach, based on feature subsets of network traffic evidence, to aid forensic analysis through automating the inference of protocols carried within DNS tunneling techniques. We explore four network protocols, namely, HTTP, HTTPS, FTP, and POP3. Three features are extracted from the DNS tunneled traffic: …


An Accidental Discovery Of IoT Botnets And A Method For Investigating Them With A Custom Lua Dissector, Max Gannon, Gary Warner, Arsh Arora May 2017

Annual ADFSL Conference on Digital Forensics, Security and Law

This paper presents a case study that occurred while observing peer-to-peer network communications on a botnet monitoring station and shares how tools were developed to discover what ultimately was identified as Mirai and many related IoT DDOS Botnets. The paper explains how researchers developed a customized protocol dissector in Wireshark using the Lua coding language, and how this enabled them to quickly identify new DDOS variants over a five month period of study.


Designing Laboratories For Small Scale Digital Device Forensics, Richard P. Mislan, Tim Wedge Oct 2016

Annual ADFSL Conference on Digital Forensics, Security and Law

The ubiquity of small scale digital devices (SSDD), the public’s ever increasing societal dependence on SSDD, and the continual presence of SSDD at all types of crime scenes, including non-technical and violent crimes, demand a formalized curriculum for the education and training of future cyber forensic examiners. This paper presents the various SSDD forensics labs currently in use and under development for future use at the Purdue University Cyber Forensics Laboratory. The primary objective of each module is to provide specific real-world cases for the learning, comprehension, and understanding of hands-on investigative techniques and methodologies. The purpose of this paper …


Network Forensic Investigation Of Internal Misuse/Crime In Saudi Arabia: A Hacking Case, Abdulrazaq Al-Murjan, Konstantinos Xynos Oct 2016

Annual ADFSL Conference on Digital Forensics, Security and Law

There are ad-hoc guidelines and a limited policy on computer incident response that does not include computer forensic preparation procedures (e.g. logging incidents). In addition, these guidelines do not consider the requirement of Islamic law for admissible evidence at an organisational level in Saudi Arabia. Network forensic investigation might breach the Saudi law if they follow ad-hoc or international digital forensic standards such as Association of Chief Police Officers (ACPO) guidelines. This might put the organisation in a costly situation when a malicious employee sues an Islamic court. This is because the law of Saudi Arabia is complying with Islamic …


Paper Session II: Computer Forensics Field Triage Process Model, Marcus K. Rogers, James Goldman, Rick Mislan, Timothy Wedge, Steve Debrota Oct 2016

Annual ADFSL Conference on Digital Forensics, Security and Law

With the proliferation of digital based evidence, the need for the timely identification, analysis and interpretation of digital evidence is becoming more crucial. In many investigations critical information is required while at the scene or within a short period of time - measured in hours as opposed to days. The traditional cyber forensics approach of seizing a system(s)/media, transporting it to the lab, making a forensic image(s), and then searching the entire system for potential evidence, is no longer appropriate in some circumstances. In cases such as child abductions, pedophiles, missing or exploited persons, time is of the essence. In …


Development Of A National Repository Of Digital Forensic Intelligence, Mark Weiser, David P. Biros, Greg Mosier Oct 2016

Annual ADFSL Conference on Digital Forensics, Security and Law

Many people do all of their banking online, we and our children communicate with peers through computer systems, and there are many jobs that require near continuous interaction with computer systems. Criminals, however, are also “connected”, and our online interaction provides them a conduit into our information like never before. Our credit card numbers and other fiscal information are at risk, our children's personal information is exposed to the world, and our professional reputations are on the line.

The discipline of Digital Forensics in law enforcement agencies around the nation and world has grown to match the increased risk and …


Designing A Data Warehouse For Cyber Crimes, Il-Yeol Song, John D. Maguire, Ki Jung Lee, Namyoun Choi, Xiaohua Hu, Peter Chen Oct 2016

Annual ADFSL Conference on Digital Forensics, Security and Law

One of the greatest challenges facing modern society is the rising tide of cyber crimes. These crimes, since they rarely fit the model of conventional crimes, are difficult to investigate, hard to analyze, and difficult to prosecute. Collecting data in a unified framework is a mandatory step that will assist the investigator in sorting through the mountains of data. In this paper, we explore designing a dimensional model for a data warehouse that can be used in analyzing cyber crime data. We also present some interesting queries and the types of cyber crime analyses that can be performed based on …