Social and Behavioral Sciences Commons^™

Workshop | Body Worn Video Recorders: The Socio-Technical Implications Of Gathering Direct Evidence, Katina Michael, Alexander Hayes

Alexander Hayes Mr.

- From in-car video recording to body-worn video recording

- Exploring available technologies: how do they work, pros and cons

- Storing direct evidence in secure storage: factors to consider

- Citizens “shooting” back with POV tech – what are their rights?

- Crowdsourced sousveillance- harnessing public data for forensic profiling

- Police force policies and practices on the application of new media

What Do We Worry About When We Worry About Price Discrimination? The Law And Ethics Of Using Personal Information For Pricing, Akiva A. Miller

Akiva A Miller

New information technologies have dramatically increased sellers’ ability to engage in retail price discrimination. Debates over using personal information for price discrimination frequently treat it as a single problem, and are not sufficiently sensitive to the variety of price discrimination practices, the different kinds of information they require in order to succeed, and the different ethical concerns they raise. This paper explores the ethical and legal debate over regulating price discrimination facilitated by consumers’ personal information. Various kinds of “privacy remedies”—self-regulation, technological fixes, state regulation, and legislating private causes of legal action—each have their place. By drawing distinctions between various …

The Singapore Personal Data Protection Act And An Assessment Of Future Trends In Data Privacy, Warren B. Chik

Research Collection Yong Pung How School Of Law

In the first part of this paper, I will present and explain the Singapore Personal Data Protection Act (“PDPA”) in the context of legislative developments in the Asian region and against the well-established international baseline privacy standards. In the course of the above evaluation, reference will be made to the national laws and policy on data privacy prior to the enactment of the PDPA as well as current social and market practices in relation to personal data. In the second part of this paper, I will decipher and assess the future trends in data privacy reform and the future development …

Money Laundering Detection Framework To Link The Disparate And Evolving Schemes, Murad Mehmet, Duminda Wijesekera, Miguel F. Buchholtz

Journal of Digital Forensics, Security and Law

Money launderers hide traces of their transactions with the involvement of entities that participate in sophisticated schemes. Money laundering detection requires unraveling concealed connections among multiple but seemingly unrelated human money laundering networks, ties among actors of those schemes, and amounts of funds transferred among those entities. The link among small networks, either financial or social, is the primary factor that facilitates money laundering. Hence, the analysis of relations among money laundering networks is required to present the full structure of complex schemes. We propose a framework that uses sequence matching, case-based analysis, social network analysis, and complex event processing …

The Taxation Of Cloud Computing And Digital Content, David Shakow

All Faculty Scholarship

“Cloud computing” raises important and difficult questions in state tax law, and for Federal taxes, particularly in the foreign tax area. As cloud computing solutions are adopted by businesses, items we view as tangible are transformed into digital products. In this article, I will describe the problems cloud computing poses for tax systems. I will show how current law is applied to cloud computing and will identify the difficulties current approaches face as they are applied to this developing technology.

My primary interest is how Federal tax law applies to cloud computing, particularly as the new technology affects international transactions. …

A Forensic Study Of The Effectiveness Of Selected Anti-Virus Products Against Ssdt Hooking Rootkits, Sami Al-Shaheri, Dale Lindskog, Pavol Zavarsky, Ron Ruhl

Annual ADFSL Conference on Digital Forensics, Security and Law

For Microsoft Windows Operating Systems, both anti-virus products and kernel rootkits often hook the System Service Dispatch Table (SSDT). This research paper investigates the interaction between these two in terms of the SSDT. To investigate these matters, we extracted digital evidence from volatile memory, and studied that evidence using the Volatility framework. Due to the diversity in detection techniques used by the anti-virus products, and the diversity of infection techniques used by rootkits, our investigation produced diverse results, results that helped us to understand several SSDT hooking strategies, and the interaction between the selected anti-virus products and the rootkit samples. …

An Ontology-Based Forensic Analysis Tool, Mohammed Alzaabi, Andy Jones, Thomas A. Martin

Annual ADFSL Conference on Digital Forensics, Security and Law

The analysis of forensic investigation results has generally been identified as the most complex phase of a digital forensic investigation. This phase becomes more complicated and time consuming as the storage capacity of digital devices is increasing, while at the same time the prices of those devices are decreasing. Although there are some tools and techniques that assist the investigator in the analysis of digital evidence, they do not adequately address some of the serious challenges, particularly with the time and effort required to conduct such tasks. In this paper, we consider the use of semantic web technologies and in …

First Glance: An Introductory Analysis Of Network Forensics Of Tor, Raymond Hansen

Annual ADFSL Conference on Digital Forensics, Security and Law

The Tor network is a low-latency overlay network for TCP flows that is designed to provide privacy and anonymity to its users. It is currently in use by many as a means to avoid censorship of both information to be shared and information to be retrieved. This paper details the architecture of the Tor network as a platform for evaluating the current state of forensic analysis of the Tor network. Specific attempts to block access to the Tor network are examined to identify (a) the processes utilized to identify Tor nodes, and (b) the resulting exposure of potentially inculpatory evidence. …

A Thematic Review Of User Compliance With Information Security Policies Literature, David Sikolia

Annual ADFSL Conference on Digital Forensics, Security and Law

The adoption of computer and internet technology has greatly improved the way businesses operate. However the risk to the confidentiality, integrity and availability of organizational data and systems has greatly increased too. Information security is an ever present concern for all organizations. Financial estimates of the impact of security breaches to information and technology resources range from hundreds of billions to over one trillion dollars each year worldwide (D'Arcy et al., 2011b). Organizations have therefore developed a combination of technical, administrative, and physical controls to reduce this risk (D'Arcy et al., 2011a). Administrative measures include the development of information security …

Journey Into Windows 8 Recovery Artifacts, W. K. Johnson

Annual ADFSL Conference on Digital Forensics, Security and Law

One of the most difficult processes of digital forensics is to understand how new technology interacts with current technology and how digital forensic analysts can utilize current Digital Forensics technologies and processes to recover and find information hidden. Microsoft has released their new operating system Windows 8, with this new release Microsoft has added some features to the operating system that will present some interesting complications to digital forensics. Since the initial release of the Windows 8 Release Candidates there have been some research released that focus primarily on the new user created artifacts and a few artifacts that have …

An Image Forensic Scheme With Robust And Fragile Watermarking For Business Documents, Sai Ho Kwok

Annual ADFSL Conference on Digital Forensics, Security and Law

This paper proposes an image forensic scheme with both robust and fragile watermarking techniques for business documents. Through a dual watermarking approach, the proposed scheme can achieve image forensics objectives of (a) identification of source; (b) authentication of documents; and (c) locating the tempered areas of documents due to attacks. An example is presented to prove the concepts of the proposed scheme.

Keywords: Image Forensics, Fragile and Robust Watermarking, Business Document.

Significance Of Semantic Reconciliation In Digital Forensics, Nickson M. Karie, H. S. Venter

Annual ADFSL Conference on Digital Forensics, Security and Law

Digital forensics (DF) is a growing field that is gaining popularity among many computer professionals, law enforcement agencies and other stakeholders who must always cooperate in this profession. Unfortunately, this has created an environment replete with semantic disparities within the domain that needs to be resolved and/or eliminated. For the purpose of this study, semantic disparity refers to disagreements about the meaning, interpretation, descriptions and the intended use of the same or related data and terminologies. If semantic disparity is not detected and resolved, it may lead to misunderstandings. Even worse, since the people involved may not be from the …

System-Generated Digital Forensic Evidence In Graphic Design Applications, Enos Mabuto, Hein Venter

Annual ADFSL Conference on Digital Forensics, Security and Law

Graphic design applications are often used for the editing and design of digital art. The same applications can be used for creating counterfeit documents such as identity documents (IDs), driver’s licences, passports, etc. However, the use of any graphic design application leaves behind traces of digital information that can be used during a digital forensic investigation. Current digital forensic tools examine a system to find digital evidence, but they do not examine a system specifically for the creating of counterfeit documents created through the use of graphic design applications. The paper in hand reviews the system-generated digital forensic evidence gathered …

Money Laundering Detection Framework To Link The Disparate And Evolving Schemes, Murad Mehmet, Duminda Wijesekera, Miguel F. Buchholtz

Annual ADFSL Conference on Digital Forensics, Security and Law

Money launderers hide traces of their transactions with the involvement of entities that participate in sophisticated schemes. Money laundering detection requires unraveling concealed connections among multiple but seemingly unrelated human money laundering networks, ties among actors of those schemes, and amounts of funds transferred among those entities. The link among small networks, either financial or social, is the primary factor that facilitates money laundering. Hence, the analysis of relations among money laundering networks is required to present the full structure of complex schemes. We propose a framework that uses sequence matching, case-based analysis, social network analysis, and complex event processing …

Identifying Peer-To-Peer Traffic On Shared Wireless Networks, Simon Piel, Ej Jung

Annual ADFSL Conference on Digital Forensics, Security and Law

Tracing contraband downloads leads investigators to an IP address, and in turn Internet Service Providers (ISP) can provide a physical location using this IP address. However, most homes and offices share this IP address among many computers using wireless networks. In other words, there needs to be another investigation to find out which computer was responsible for contraband downloads. To make matters worse, these shared wireless networks often have vulnerabilities in access control such as using WEP or using weak passwords. In such cases, any computer in range, not necessarily at the given physical address, could be responsible. We use …

On Resolving The Cloud Forensics Conundrum, John Bagby

Annual ADFSL Conference on Digital Forensics, Security and Law

The “cloud” is idiom for an ill-defined set of online services. The cloud simultaneously offers IT savings and promises advances in functionality (e.g., ubiquity). However, the cloud also imposes poorly understood burdens on security and it may provoke injustice. Thus, the cloud presents a durable and seemingly irreconcilable conundrum for the digital forensics communit(ies). First, cloud proponents make efficiency promises for cloud services (SaaS, IaaS, PaaS). These translate well into the digital forensics domain. Indeed, the cloud may enable crowd sourcing of investigatory data vastly lowering costs of dispute resolution. For example, cloud-based litigation war rooms may reduce electronic discovery …

Cybercrime And Punishment: An Analysis Of The Deontological And Utilitarian Functions Of Punishment In The Information Age, Karim Jetha

Annual ADFSL Conference on Digital Forensics, Security and Law

This conceptual piece analyzes the role of criminal punishment and the nature of cyber crime to investigate whether the current punishment schemes are appropriate given the deontological and utilitarian goals of punishment: retribution, deterrence, incapacitation, and rehabilitation. The research has implications for policymaking in cybercriminal law.

Keywords: cybercrime, criminal law, punishment, retribution, deterrence, information economics

The Development Of Computer Forensic Legal System In China, Yonghao Mai, K. P. Chow, Rongsheng Xu, Gang Zhou, Fei Xu, Jun Zhang

Annual ADFSL Conference on Digital Forensics, Security and Law

The computer forensic discipline was established around 2000 in China, which was further developed along with Chinese judicial appraisal system in 2005. The new criminal and civil procedure laws of the People’s Republic of China was enacted on 1 Jan 2013. The new laws specified electronic data is legal evidence and has great impact on the current practice on handling electronic evidence. This paper introduces the electronic data and electronic evidence examination procedure in mainland China, the general concept of computer forensic legal system, the management of computer judicial experts, the management of computer judicial expertise institutions.

Keywords: China legal …

Snopa And The Ppa: Do You Know What It Means For You? If Snopa (Social Networking Online Protection Act) Or Ppa (Password Protection Act) Do Not Pass, The Snooping Could Cause You Trouble, Angela Goodrum

Angela Goodrum

No abstract provided.

Copyright Freeconomics, John M. Newman

John M. Newman

Innovation has wreaked creative destruction on traditional content platforms. During the decade following Napster’s rise and fall, industry organizations launched litigation campaigns to combat the dramatic downward pricing pressure created by the advent of zero-price, copyright-infringing content. These campaigns attracted a torrent of debate, still ongoing, among scholars and stakeholders—but this debate has missed the forest for the trees. Industry organizations have abandoned litigation efforts, and many copyright owners now compete directly with infringing products by offering licit content at a price of $0.

This sea change has ushered in an era of “copyright freeconomics.” Drawing on an emerging body …

Wie Featured Person Of The Month Highlights (Katina Michael), Keyana Tenant, Katina Michael

Professor Katina Michael

The WIE Featured Person of the Month is Katina Michael, editor-in-chief of IEEE Technology and Society Magazine. After working at OTIS Elevator Company and Andersen Consulting, Katina was offered and exciting graduate engineering position at Nortel in 1996; and her career has been fast track from there. Read Katina’s story on Page 7.

Natural Disasters And Early Warning Systems In Australia, Emma Papaemanuel, Katina Michael, Peter Johnston

Professor Katina Michael

Australia's national emergency warning system alerts. Radio program in Greek.

Are Disaster Early Warnings Effective?, Kerri Worthington, Katina Michael, Peter Johnson, Paul Barnes

Professor Katina Michael

Australia's summer is traditionally a time of heightened preparation for natural disasters, with cyclones and floods menacing the north and bushfires a constant threat in the south. And the prospect of more frequent, and more intense, disasters thanks to climate change has brought the need for an effective early warning system to the forefront of policy-making. Technological advances and improved telecommunication systems have raised expectations that warning of disasters will come early enough to keep people safe. But are those expectations too high? Kerri Worthington reports. Increasingly, the world's governments -- and their citizens -- rely on technology-based early warning …

Concern People Without Latest Technology Will Miss Fire Warnings, Sally Sara, Ashley Hall, Peter Johnson, Katina Michael

Professor Katina Michael

But what if the website goes down in the way Victoria's Country Fire Authority website crashed as fires raged a few weeks ago? What about those people who don't own the latest technology? And what happens when the power goes out?

KATINA MICHAEL: Well there's no television, there isn't ability to access the internet potentially.

ASHLEY HALL: Professor Katina Michael is Associate Professor at the School of Information Systems and Technology at the University of Wollongong.

KATINA MICHAEL: I would suggest a long lasting powered radio because we don't want is we don't want when the lights go out, or …

Adequate Attribution: A Framework For Developing A National Policy For Private Sector Use Of Active Defense, Shane Mcgee, Randy V. Sabett, Anand Shah

Journal of Business & Technology Law

No abstract provided.

Book Review: Iphone And Ios Forensic: Investigation, Analysis And Mobile Security For Apple Iphone, Ipad And Ios Devices, Simson Garfinkel

Journal of Digital Forensics, Security and Law

In April 2011 news outlets around the world revealed shocking news about Apple’s iPhone: for reasons that were not apparently clear, every iPhone contained a small SQLite database that logged where and when the user had been whenever the phone was turned on, and those records went back for pretty much as long as the user had owned their phone. Apple eventually declared that the data cache was the result of a bug and issued a software update to prune the database (it had previously grown without limit). Privacy activists rejoiced that their beloved iPhones were once again trustworthy. But …

Book Review: Professional Penetration Testing: Creating And Learning In A Hacking Lab 2e, Joshua Bartolomie

Journal of Digital Forensics, Security and Law

Organizations often strive for proactive information security programs in an effort to limit occurrence and impact of security breaches. However, traditional security programs run the risk of being unable to provide adequate insight and proactive awareness into real attack vectors that may exist within their organizations. With attack methods and efforts becoming increasingly aggressive, and effective, organizations must take equally assertive measures to protect their critical information and assets. Penetration testing is one of those tools that is often misunderstood, overlooked, and undervalued. A true adversary would not hesitate to exploit every potential to gain entry or cause a disruption …

The Internet, Anonymous, And Our Public Identities Recreating Democracy, Leslie Anne Hutchinson

Theses Digitization Project

This study discusses the pursuit of understanding how the discursive construction of the internet affects individuals, identities, and democracy. it also discusses the internet within theoretical positions on its history, the public sphere, and revolutionary politics. Western governments have created legislation regulating the internet for democratic purposes, and this study examines how different and often contrasting views of democracy have shaped the way those of us connected to the internet can speak about it. The Anonymous identity, articulates one such contrast. Anonymous constructs an alternative, Internet identity-one stemming from the identity of the hacker. Policies targeted at stopping hackers and …

Is There A Role For Common Carriage In An Internet-Based World?, Christopher S. Yoo

All Faculty Scholarship

During the course of the network neutrality debate, advocates have proposed extending common carriage regulation to broadband Internet access services. Others have endorsed extending common carriage to a wide range of other Internet-based services, including search engines, cloud computing, Apple devices, online maps, and social networks. All too often, however, those who focus exclusively on the Internet era pay too little attention to the lessons of the legacy of regulated industries, which has long struggled to develop a coherent rationale for determining which industries should be subject to common carriage. Of the four rationales for determining the scope of common …

Measuring Inconsistency Methods For Evidentiary Value, Fred Cohen

Journal of Digital Forensics, Security and Law

Many inconsistency analysis methods may be used to detect altered records or statements. But for admission as evidence, the reliability of the method has to be determined and measured. For example, in China, for evidence to be admitted, it has to have 95% certainty of being correct,1 and that certainty must be shown to the court, while in the US, evidence is admitted if it is more probative than prejudicial (a >50% standard).2 In either case, it is necessary to provide a measurement of some sort in order to pass muster under challenges from the other side. And in most …