Full-Text Articles in Information Security
Bloom Filters Optimized Wu-Manber For Intrusion Detection, Monther Aldwairi, Koloud Al-Khamaiseh, Fatima Alharbi, Babar Shah
Journal of Digital Forensics, Security and Law
With the increasing number and severity of attacks, monitoring ingress and egress network traffic is becoming an essential everyday task. Intrusion detection systems are the main tools for capturing and searching network traffic for potential harm. Signature-based intrusion detection systems are the most widely used, and they simply use pattern matching algorithms to locate attack signatures in intercepted network traffic. Pattern matching algorithms are very expensive in terms of running time and memory usage, leaving intrusion detection systems unable to detect attacks in real-time. We propose a Bloom filters optimized Wu-Manber pattern matching algorithm to speed up intrusion detection. The Bloom …
The Impact Of MD5 File Hash Collisions On Digital Forensic Imaging, Gary C. Kessler
Journal of Digital Forensics, Security and Law
The Message Digest 5 (MD5) hash is commonly used for integrity verification in the forensic imaging process. The ability to force MD5 hash collisions has been a reality for more than a decade, although there is a general consensus that hash collisions are of minimal impact to the practice of computer forensics. This paper describes an experiment to determine the results of imaging two disks that are identical except for one file, the two versions of which have different content but otherwise occupy the same byte positions on the disk, are the same size, and have the same hash …
Leveraging The Windows Amcache.hve File In Forensic Investigations, Bhupendra Singh, Upasna Singh
Journal of Digital Forensics, Security and Law
The Amcache.hve is a registry hive file that is created by Microsoft® Windows® to store the information related to execution of programs. This paper highlights the evidential potential of Amcache.hve file and its application in the area of user activity analysis. The study uncovers numerous artifacts retained in Amcache.hve file when a user performs certain actions such as running host-based applications, installation of new applications, or running portable applications from external devices. The results of experiments demonstrate that Amcache.hve file stores intriguing artifacts related to applications such as timestamps of creation and last modification of any application; name, description, publisher …
The 2016 Analysis Of Information Remaining On Computer Hard Disks Offered For Sale On The Second Hand Market In The UAE, Thomas Martin, Andy Jones, Mohammed Alzaabi
Journal of Digital Forensics, Security and Law
This research describes our survey of data remaining on computer hard disks sold on the second hand market in the United Arab Emirates (UAE). This is a repetition of the first survey conducted in 2012 (Jones, Martin, & Alzaabi, 2012). Similar studies have been carried over the last ten years in the United Kingdom, Australia, USA, Germany and France: (Jones, Mee, Meyler, & Gooch, 2005), (Jones, Valli, Sutherland, & Thomas, 2006), (Jones, Valli, Dardick, & Sutherland, 2008), (Jones, Valli, Dardick, & Sutherland, 2009). This research was undertaken to gain insight into the volumes of data found on second-hand disks purchased …
A New Distributed Chinese Wall Security Policy Model, Saad Fehis, Omar Nouali, Mohand-Tahar Kechadi
Journal of Digital Forensics, Security and Law
The application of the Chinese wall security policy model (CWSPM) to control the information flows between two or more competing and/or conflicting companies in cloud computing (Multi-tenancy) or in the social network, is a very interesting solution. The main goal of the Chinese Wall Security Policy is to build a wall between the datasets of competing companies, and among the system subjects. This is done by applying mandatory rules to the subjects, in order to control the information flow caused between them. This problem is one of the hottest topics in the area of cloud computing (as a distributed …
The Impact Of SHA-1 File Hash Collisions On Digital Forensic Imaging: A Follow-Up Experiment, Gary C. Kessler
Journal of Digital Forensics, Security and Law
A previous paper described an experiment showing that Message Digest 5 (MD5) hash collisions of files have no impact on integrity verification in the forensic imaging process. This paper describes a similar experiment applied when two files have a Secure Hash Algorithm (SHA-1) collision.
A Survey Of Social Network Forensics, Umit Karabiyik, Muhammed Abdullah Canbaz, Ahmet Aksoy, Tayfun Tuna, Esra Akbas, Bilal Gonen, Ramazan S. Aygun
Journal of Digital Forensics, Security and Law
Social networks in any form, specifically online social networks (OSNs), are becoming a part of our everyday life in this new millennium especially with the advanced and simple communication technologies through easily accessible devices such as smartphones and tablets. The data generated through the use of these technologies need to be analyzed for forensic purposes when criminal and terrorist activities are involved. In order to deal with the forensic implications of social networks, current research on both digital forensics and social networks need to be incorporated and understood. This will help digital forensics investigators to predict, detect and even prevent …
Table Of Contents
Journal of Digital Forensics, Security and Law
No abstract provided.
Context-Sensitive Auto-Sanitization For PHP, Jared M. Smith, Richard J. Connor, David P. Cunningham, Kyle G. Bashour, Walter T. Work
Chancellor’s Honors Program Projects
No abstract provided.
Semeo: A Semantic Equivalence Analysis Framework For Obfuscated Android Applications, Zhen Hu
Department of Computer Science and Engineering: Dissertations, Theses, and Student Research
Software repackaging is a common approach for creating malware. In this approach, malware authors inject malicious payloads into legitimate applications; then, to render security analysis more difficult, they obfuscate most or all of the code. This forces analysts to spend a large amount of effort filtering out benign obfuscated methods in order to locate potentially malicious methods for further analysis. If an effective mechanism for filtering out benign obfuscated methods were available, the number of methods that must be analyzed could be reduced, allowing analysts to be more productive. In this thesis, we introduce SEMEO, a highly effective and …
Who's In And Who's Out?: What's Important In The Cyber World?, Tony M. Kelly
HON499 projects
The aim of this paper is to offer an introduction to the exploding field of cybersecurity by asking what are the most important concepts or topics that a new member of the field of cybersecurity should know. This paper explores this question from three perspectives: from the realm of business and how the cyber world is intertwined with modern commerce, including common weaknesses and recommendations, from the academic arena examining how cybersecurity is taught and how it should be taught in a classroom or laboratory environment, and lastly, from the author’s personal experience with the cyber world. Included information includes …
Intrinsic Functions For Securing CMOS Computation: Variability, Modeling And Noise Sensitivity, Xiaolin Xu
Doctoral Dissertations
A basic premise behind modern secure computation is the demand for lightweight cryptographic primitives, like identifier or key generator. From a circuit perspective, the development of cryptographic modules has also been driven by the aggressive scalability of complementary metal-oxide-semiconductor (CMOS) technology. While advancing into nano-meter regime, one significant characteristic of today's CMOS design is the random nature of process variability, which limits the nominal circuit design. With the continuous scaling of CMOS technology, instead of mitigating the physical variability, leveraging such properties becomes a promising way. One of the famous products adhering to this double-edged sword philosophy is the Physically …
Designing Laboratories For Small Scale Digital Device Forensics, Richard P. Mislan, Tim Wedge
Annual ADFSL Conference on Digital Forensics, Security and Law
The ubiquity of small scale digital devices (SSDD), the public’s ever increasing societal dependence on SSDD, and the continual presence of SSDD at all types of crime scenes, including non-technical and violent crimes, demand a formalized curriculum for the education and training of future cyber forensic examiners. This paper presents the various SSDD forensics labs currently in use and under development for future use at the Purdue University Cyber Forensics Laboratory. The primary objective of each module is to provide specific real-world cases for the learning, comprehension, and understanding of hands-on investigative techniques and methodologies. The purpose of this paper …
Network Forensic Investigation Of Internal Misuse/Crime In Saudi Arabia: A Hacking Case, Abdulrazaq Al-Murjan, Konstantinos Xynos
Annual ADFSL Conference on Digital Forensics, Security and Law
There are ad-hoc guidelines and a limited policy on computer incident response that does not include computer forensic preparation procedures (e.g. logging incidents). In addition, these guidelines do not consider the requirement of Islamic law for admissible evidence at an organisational level in Saudi Arabia. Network forensic investigation might breach the Saudi law if they follow ad-hoc or international digital forensic standards such as Association of Chief Police Officers (ACPO) guidelines. This might put the organisation in a costly situation when a malicious employee sues an Islamic court. This is because the law of Saudi Arabia is complying with Islamic …
Paper Session Ii: Computer Forensics Field Triage Process Model, Marcus K. Rogers, James Goldman, Rick Mislan, Timothy Wedge, Steve Debrota
Annual ADFSL Conference on Digital Forensics, Security and Law
With the proliferation of digital based evidence, the need for the timely identification, analysis and interpretation of digital evidence is becoming more crucial. In many investigations critical information is required while at the scene or within a short period of time - measured in hours as opposed to days. The traditional cyber forensics approach of seizing a system(s)/media, transporting it to the lab, making a forensic image(s), and then searching the entire system for potential evidence, is no longer appropriate in some circumstances. In cases such as child abductions, pedophiles, missing or exploited persons, time is of the essence. In …
Development Of A National Repository Of Digital Forensic Intelligence, Mark Weiser, David P. Biros, Greg Mosier
Annual ADFSL Conference on Digital Forensics, Security and Law
Many people do all of their banking online, we and our children communicate with peers through computer systems, and there are many jobs that require near continuous interaction with computer systems. Criminals, however, are also “connected”, and our online interaction provides them a conduit into our information like never before. Our credit card numbers and other fiscal information are at risk, our children's personal information is exposed to the world, and our professional reputations are on the line.
The discipline of Digital Forensics in law enforcement agencies around the nation and world has grown to match the increased risk and …
Designing A Data Warehouse For Cyber Crimes, Il-Yeol Song, John D. Maguire, Ki Jung Lee, Namyoun Choi, Xiaohua Hu, Peter Chen
Annual ADFSL Conference on Digital Forensics, Security and Law
One of the greatest challenges facing modern society is the rising tide of cyber crimes. These crimes, since they rarely fit the model of conventional crimes, are difficult to investigate, hard to analyze, and difficult to prosecute. Collecting data in a unified framework is a mandatory step that will assist the investigator in sorting through the mountains of data. In this paper, we explore designing a dimensional model for a data warehouse that can be used in analyzing cyber crime data. We also present some interesting queries and the types of cyber crime analyses that can be performed based on …
Towards A Development Of A Mobile Application Security Invasiveness Index, Sam Espana
KSU Proceedings on Cybersecurity Education, Research and Practice
The economic impact of Mobile IP, the standard that allows IP sessions to be maintained even when switching between different cellular towers or networks, has been staggering in terms of both scale and acceleration (Doherty, 2016). As voice communications transition to all-digital, all-IP networks such as 4G, there will be an increase in risk due to vulnerabilities, malware, and hacks that exist for PC-based systems and applications (Harwood, 2011). According to Gostev (2006), in June, 2004, a well-known Spanish virus collector known as VirusBuster, emailed the first known mobile phone virus to Kaspersky Lab, Moscow. Targeting the Symbian OS, the …
A Legal Examination Of Revenge Pornography And Cyber-Harassment, Thomas Lonardo, Tricia Martland, Doug White
Journal of Digital Forensics, Security and Law
This paper examines the current state of the statutes in the United States as they relate to cyber-harassment in the context of "revenge porn". Revenge porn refers to websites which cater to those wishing to exploit, harass, or otherwise antagonize their ex partners using pornographic images and videos which were obtained during their relationships. The paper provides examples and illustrations as well as a summary of current statute in the United States. The paper additionally explores some of the various legal remedies available to victims of revenge pornography.
Special Issue On Cyberharassment Investigation: Advances And Trends, Joanne Bryce, Virginia N. L. Franqueira, Andrew Marrington
Journal of Digital Forensics, Security and Law
Empirical and anecdotal evidence indicates that cyberharassment is more prevalent as the use of social media becomes increasingly widespread, making geography and physical proximity irrelevant. Cyberharassment can take different forms (e.g., cyberbullying, cyberstalking, cybertrolling), and be motivated by the objectives of inflicting distress, exercising control, impersonation, and defamation. Little is currently known about the modus operandi of offenders and their psychological characteristics. Investigation of these behaviours is particularly challenging because it involves digital evidence distributed across the devices of both alleged offenders and victims, as well as online service providers, sometimes over an extended period of time. This special issue …
Differentiating Cyberbullies And Internet Trolls By Personality Characteristics And Self-Esteem, Lauren A. Zezulka, Kathryn C. Seigfried-Spellar
Journal of Digital Forensics, Security and Law
Cyberbullying and internet trolling are both forms of online aggression or cyberharassment; however, research has yet to assess the prevalence of these behaviors in relationship to one another. In addition, the current study was the first to investigate whether individual differences and self-esteem discerned between self-reported cyberbullies and/or internet trolls (i.e., Never engaged in either, Cyberbully-only, Troll-only, Both Cyberbully and Troll). Of 308 respondents solicited from Mechanical Turk, 70 engaged in cyberbullying behaviors, 20 engaged in only trolling behaviors, 129 self-reported both behaviors, and 89 self-reported neither behavior. Results yielded low self-esteem, low conscientiousness, and low internal moral values for …
The Impact Of Low Self-Control On Online Harassment: Interaction With Opportunity., Hyunin Baek, Michael M. Losavio, George E. Higgins
Journal of Digital Forensics, Security and Law
Developing Internet technology has increased the rates of youth online harassment. This study examines online harassment from adolescents with low self-control and the moderating effect of opportunity. The data used in this study were collected by the Korea Institute of Criminology in 2009. The total sample size was 1,091. The results indicated that low self-control, opportunity, and gender have a significant influence on online harassment. However, these results differed according to gender; for males, low self-control significantly impacted online harassment; for females, however, only low self-control significantly impacted online harassment. Furthermore, the interaction between low self-control and opportunity did not …
Toward Online Linguistic Surveillance Of Threatening Messages, Brian H. Spitzberg, Jean Mark Gawron
Journal of Digital Forensics, Security and Law
Threats are communicative acts, but it is not always obvious what they communicate or when they communicate imminent credible and serious risk. This paper proposes a research- and theory-based set of over 20 potential linguistic risk indicators that may discriminate credible from non-credible threats within online threat message corpora. Two prongs are proposed: (1) Using expert and layperson ratings to validate subjective scales in relation to annotated known risk messages, and (2) Using the resulting annotated corpora for automated machine learning with computational linguistic analyses to classify non-threats, false threats, and credible threats. Rating scales are proposed, existing threat corpora …
Table Of Contents
Journal of Digital Forensics, Security and Law
No abstract provided.
Physical Layer Defenses Against Primary User Emulation Attacks, Joan A. Betances
Theses and Dissertations
Cognitive Radio (CR) is a promising technology that works by detecting unused parts of the spectrum and automatically reconfiguring the communication system's parameters in order to operate in the available communication channels while minimizing interference. CR enables efficient use of the Radio Frequency (RF) spectrum by generating waveforms that can coexist with existing users in licensed spectrum bands. Spectrum sensing is one of the most important components of CR systems because it provides awareness of its operating environment, as well as detecting the presence of primary (licensed) users of the spectrum.
Indoor Localization Via Multi-Modal Sensing On Smartphones, Han Xu, Zheng Yang, Zimu Zhou, Longfei Shangguan, Ke Yi, Yunhao Liu
Research Collection School Of Computing and Information Systems
Indoor localization is of great importance to a wide range of applications in shopping malls, office buildings and public places. The maturity of computer vision (CV) techniques and the ubiquity of smartphone cameras hold promise for offering sub-meter accuracy localization services. However, pure CV-based solutions usually involve hundreds of photos and pre-calibration to construct image database, a labor-intensive overhead for practical deployment. We present ClickLoc, an accurate, easy-to-deploy, sensor-enriched, image-based indoor localization system. With core techniques rooted in semantic information extraction and optimization-based sensor data fusion, ClickLoc is able to bootstrap with few images. Leveraging sensor-enriched photos, ClickLoc also enables user localization with a single photo of the …
CuFA: A More Formal Definition For Digital Forensic Artifacts, Vikram S. Harichandran, Daniel Walnycky, Ibrahim Baggili, Frank Breitinger
Electrical & Computer Engineering and Computer Science Faculty Publications
The term “artifact” currently does not have a formal definition within the domain of cyber/digital forensics, resulting in a lack of standardized reporting, linguistic understanding between professionals, and efficiency. In this paper we propose a new definition based on a survey we conducted, literature usage, prior definitions of the word itself, and similarities with archival science. This definition includes required fields that all artifacts must have and encompasses the notion of curation. Thus, we propose using a new term, curated forensic artifact (CuFA), to address items which have been cleared for entry into a CuFA database (one …
Deleting Collected Digital Evidence By Exploiting A Widely Adopted Hardware Write Blocker, Christopher S. Meffert, Ibrahim Baggili, Frank Breitinger
Electrical & Computer Engineering and Computer Science Faculty Publications
In this primary work we call for the importance of integrating security testing into the process of testing digital forensic tools. We postulate that digital forensic tools are increasing in features (such as network imaging), becoming networkable, and are being proposed as forensic cloud services. This raises the need for testing the security of these tools, especially since digital evidence integrity is of paramount importance. At the time of conducting this work, little to no published anti-forensic research had focused on attacks against the forensic tools/process. We used the TD3, a popular, validated, touch screen disk duplicator and hardware write blocker …
Anti-Forensics: Furthering Digital Forensic Science Through A New Extended, Granular Taxonomy, Kevin Conlan, Ibrahim Baggili, Frank Breitinger
Electrical & Computer Engineering and Computer Science Faculty Publications
Anti-forensic tools, techniques and methods are becoming a formidable obstacle for the digital forensic community. Thus, new research initiatives and strategies must be formulated to address this growing problem. In this work we first collect and categorize 308 anti-digital forensic tools to survey the field. We then devise an extended anti-forensic taxonomy to the one proposed by Rogers (2006) in order to create a more comprehensive taxonomy and facilitate linguistic standardization. Our work also takes into consideration anti-forensic activity which utilizes tools that were not originally designed for anti-forensic purposes, but can still be used with malicious intent. This category …
Linear Encryption With Keyword Search, Shiwei Zhang, Guomin Yang, Yi Mu
Research Collection School Of Computing and Information Systems
Nowadays an increasing amount of data stored in the public cloud need to be searched remotely for fast accessing. For the sake of privacy, the remote files are usually encrypted, which makes them difficult to be searched by remote servers. It is also harder to efficiently share encrypted data in the cloud than those in plaintext. In this paper, we develop a searchable encryption framework called Linear Encryption with Keyword Search (LEKS) that can semi-generically convert some existing encryption schemes meeting our Linear Encryption Template (LET) to be searchable without re-encrypting all the data. For allowing easy data sharing, we …