Open Access. Powered by Scholars. Published by Universities.®
Social and Behavioral Sciences Commons™
- Keyword
- Digital forensics (36)
- Computer forensics (17)
- Digital Forensics (15)
- Digital evidence (14)
- Forensics (12)
- Computer Forensics (9)
- Privacy (7)
- Data recovery (6)
- Information security (6)
- Cyber crime (5)
- Cyber forensics (5)
- Cyber security (5)
- Data disposal (5)
- Disk analysis (5)
- Visualization (5)
- Cybercrime (4)
- Digital Examiner (4)
- Evidence (4)
- Investigation (4)
- Mobile device forensics (4)
- Private Investigator (4)
- State Statutes (4)
- VoIP (4)
- Approximate matching (3)
- Child pornography (3)
- Clustering (3)
- Computer crime (3)
- Computer security (3)
- Data (3)
- Digital investigation (3)
Articles 1 - 30 of 491
Full-Text Articles in Social and Behavioral Sciences
Technical Behaviours Of Child Sexual Exploitation Material Offenders, Chad Steel, Emily Newman, Suzanne O'Rourke, Ethel Quayle
Journal of Digital Forensics, Security and Law
An exploration of the technological behaviours of previously convicted child sexual exploitation material (CSEM) offenders provides a foundation for future applied research into deterrence, investigation, and treatment efforts. This study evaluates the technology choices and transitions of individuals previously convicted of CSEM offenses. Based on their inclusion in two sex offender registries, anonymous survey results (n=78) were collected from English-speaking adults within the United States. CSEM offenders chose technologies based on both utility and perceived risk; peer-to-peer and web-browsers were the most common gateway technologies and showed substantial sustained usage; a substantial minority of users never stored CSEM and only …
Microsoft Defender Will Be Defended: MemoryRanger Prevents Blinding Windows AV, Denis Pogonin, Igor Korkin, PhD
Annual ADFSL Conference on Digital Forensics, Security and Law
Windows OS is facing a huge rise in kernel attacks. An overview of popular techniques that result in loading kernel drivers will be presented. One of the key targets of modern threats is disabling and blinding Microsoft Defender, a default Windows AV. The analysis of recent driver-based attacks will be given, the challenge is to block them. The survey of user- and kernel-level attacks on Microsoft Defender will be given. One of the recently published attackers’ techniques abuses Mandatory Integrity Control (MIC) and Security Reference Monitor (SRM) by modifying Integrity Level and Debug Privileges for the Microsoft Defender via syscalls. …
Digital Forensics For Mobility As A Service Platform: Analysis Of Uber Application On iPhone And Cloud, Nina Matulis, Umit Karabiyik
Annual ADFSL Conference on Digital Forensics, Security and Law
Uber is a ride-hailing smartphone application (app) that allows users to order a ride in a highly efficient manner. The Uber app provides Mobility as a Service and allows users to easily order a ride in a private car with just a few clicks. Uber stores large amounts of data on both the mobile device the app is being used on, and in the cloud. Examples of this data include geolocation data, date/time, origin/destination addresses, departure/arrival times, and distance. Uber geolocation data has been previously researched to investigate the privacy of the Uber app; however, there is minimal research relating …
Timestamp Estimation From Outdoor Scenes, Tawfiq Salem, Jisoo Hwang, Rafael Padilha
Annual ADFSL Conference on Digital Forensics, Security and Law
The increasing availability of smartphones allowed people to easily capture and share images on the internet. These images are often associated with metadata, including the image capture time (timestamp) and the location where the image was captured (geolocation). The metadata associated with images provides valuable information to better understand scenes and events presented in these images. The timestamp can be manipulated intentionally to provide false information to convey a twisted version of reality. Images with manipulated timestamps are often used as a cover-up for wrongdoing or broadcasting false claims and competing views on the internet. Estimating the time of capture …
Anatomy Of An Internet Hijack And Interception Attack: A Global And Educational Perspective, Ben A. Scott, Michael N. Johnstone, Patryk Szewczyk
Annual ADFSL Conference on Digital Forensics, Security and Law
The Internet’s underlying vulnerable protocol infrastructure is a rich target for cyber crime, cyber espionage and cyber warfare operations. The stability and security of the Internet infrastructure are important to the function of global matters of state, critical infrastructure, global e-commerce and election systems. There are global approaches to tackle Internet security challenges that include governance, law, educational and technical perspectives. This paper reviews a number of approaches to these challenges, the increasingly surgical attacks that target the underlying vulnerable protocol infrastructure of the Internet, and the extant cyber security education curricula; we find the majority of predominant cyber security …
Smart Home Forensics: Identifying DDoS Attack Patterns On IoT Devices, Samuel Ho, Hope Greeson, Umit Karabiyik
Annual ADFSL Conference on Digital Forensics, Security and Law
Smart homes are becoming more common as more people integrate IoT devices into their home environment. As such, these devices have access to personal data on their homeowners’ networks. One of the advantages of IoT devices is that they are compact. However, this limits the incorporation of security measures in their hardware. Misconfigured IoT devices are commonly the target of malicious attacks. Additionally, distributed denial-of-service attacks are becoming more common due to applications and software that provides users with easy-to-use user interfaces. Since one vulnerable device is all an attacker needs to launch an attack on a network, in regards …
The Amorphous Nature Of Hackers: An Exploratory Study, Kento Yasuhara, Daniel Walnycky, Ibrahim Baggili, Ahmed Alhishwan
Annual ADFSL Conference on Digital Forensics, Security and Law
In this work, we aim to better understand outsider perspectives of the hacker community through a series of situation based survey questions. By doing this, we hope to gain insight into the overall reputation of hackers from participants in a wide range of technical and non-technical backgrounds. This is important to digital forensics since convicted hackers will be tried by people, each with their own perception of who hackers are. Do cyber crimes and national security issues negatively affect people’s perceptions of hackers? Does hacktivism and information warfare positively affect people’s perception of hackers? Do individual personality factors affect one’s …
Human-Controlled Fuzzing With AFL, Maxim Grishin, Igor Korkin, PhD
Annual ADFSL Conference on Digital Forensics, Security and Law
Fuzzing techniques are applied to reveal different types of bugs and vulnerabilities. American Fuzzy Lop (AFL) is a free most popular software fuzzer used by many other fuzzing frameworks. AFL supports autonomous mode of operation that uses the previous step output into the next step, as a result fuzzer spends a lot of time analyzing minor code sections. By making fuzzing process more focused and human controlled security expert can save time and find more bugs in less time. We designed a new module that can fuzz only the specified functions. As a result, the chosen ones will be inspected …
Detection Of Overlapping Passive Manipulation Techniques In Image Forensics, Gianna S. Lint, Umit Karabiyik
Annual ADFSL Conference on Digital Forensics, Security and Law
With a growing number of images uploaded daily to social media sites, it is essential to understand if an image can be used to trace its origin. Forensic investigations are focusing on analyzing images that are uploaded to social media sites resulting in an emphasis on building and validating tools. There has been a strong focus on understanding active manipulation or tampering techniques and building tools for analysis. However, research on manipulation is often studied in a vacuum, involving only one technique at a time. Additionally, less focus has been placed on passive manipulation, which can occur by simply uploading …
A Lightweight Reliably Quantified Deepfake Detection Approach, Tianyi Wang, Kam Pui Chow
Annual ADFSL Conference on Digital Forensics, Security and Law
Deepfake has brought huge threats to society such that everyone can become a potential victim. Current Deepfake detection approaches have unsatisfactory performance in either accuracy or efficiency. Meanwhile, most models are only evaluated on different benchmark test datasets with different accuracies, which could not imitate the real-life Deepfake unknown population. As Deepfake cases have already been raised and brought challenges at the court, it is disappointing that no existing work has studied the model reliability and attempted to make the detection model act as the evidence at the court. We propose a lightweight Deepfake detection deep learning approach using the …
A Low-Cost Machine Learning Based Network Intrusion Detection System With Data Privacy Preservation, Jyoti Fakirah, Lauhim Mahfuz Zishan, Roshni Mooruth, Michael L. Johnstone, Wencheng Yang
Annual ADFSL Conference on Digital Forensics, Security and Law
Network intrusion is a well-studied area of cyber security. Current machine learning-based network intrusion detection systems (NIDSs) monitor network data and the patterns within those data but at the cost of presenting significant issues in terms of privacy violations which may threaten end-user privacy. Therefore, to mitigate risk and preserve a balance between security and privacy, it is imperative to protect user privacy with respect to intrusion data. Moreover, cost is a driver of a machine learning-based NIDS because such systems are increasingly being deployed on resource-limited edge devices. To solve these issues, in this paper we propose a NIDS …
Cross Domain IW Threats To SOF Maritime Missions: Implications For U.S. SOF, Gary C. Kessler, Diane M. Zorri
Publications
As cyber vulnerabilities proliferate with the expansion of connected devices, wherein security is often forsaken for ease of use, Special Operations Forces (SOF) cannot escape the obvious, massive risk that they are assuming by incorporating emerging technologies into their toolkits. This is especially true in the maritime sector where SOF operates nearshore in littoral zones. As SOF—in support to the U.S. Navy—increasingly operate in these contested maritime environments, they will gradually encounter more hostile actors looking to exploit digital vulnerabilities. As such, this monograph comes at a perfect time as the world becomes more interconnected but also more vulnerable.
Cyber Supply Chain Risk Management: Implications For The SOF Future Operating Environment, J. Philip Craiger, Laurie Lindamood-Craiger, Diane M. Zorri
Publications
The emerging Cyber Supply Chain Risk Management (C-SCRM) concept assists at all levels of the supply chain in managing and mitigating risks, and the authors define C-SCRM as the process of identifying, assessing, and mitigating the risks associated with the distributed and interconnected nature of information and operational technology products and service supply chains. As Special Operations Forces increasingly rely on sophisticated hardware and software products, this quick, well-researched monograph provides a detailed accounting of C-SCRM associated laws, regulations, instructions, tools, and strategies meant to mitigate vulnerabilities and risks—and how we might best manage the evolving and ever-changing array of …
Social Media User Relationship Framework (SMURF), Anne David, Sarah Morris, Gareth Appleby-Thomas
Journal of Digital Forensics, Security and Law
The use of social media has spread through many aspects of society, allowing millions of individuals, corporate as well as government entities to leverage the opportunities it affords. These opportunities often end up being exploited by a small percentage of the user community who use it for objectionable or unlawful activities; for example, trolling, cyber bullying, grooming, luring. In some cases, these unlawful activities result in investigations where swift retrieval of critical evidence is required in order to save a life.
This paper presents a proof of concept (PoC) framework for social media user attribution. The framework aims to provide digital …
Towards Increasing Trust In Expert Evidence Derived From Malware Forensic Tools, Ian M. Kennedy, Blaine Price, Arosha Bandara
Journal of Digital Forensics, Security and Law
Following a series of high profile miscarriages of justice in the UK linked to questionable expert evidence, the post of the Forensic Science Regulator was created in 2008. The main objective of this role is to improve the standard of practitioner competences and forensic procedures. One of the key strategies deployed to achieve this is the push to incorporate a greater level of scientific conduct in the various fields of forensic practice. Currently there is no statutory requirement for practitioners to become accredited to continue working with the Criminal Justice System of England and Wales. However, the Forensic Science Regulator …
A Two-Stage Model For Social Network Investigations In Digital Forensics, Anne David, Sarah Morris, Gareth Appleby-Thomas
Journal of Digital Forensics, Security and Law
This paper proposes a two-stage model for identifying and contextualizing features from artefacts created as a result of social networking activity. This technique can be useful in digital investigations and is based on understanding and the deconstruction of the processes that take place prior to, during and after user activity; this includes corroborating artefacts. Digital Investigations are becoming more complex due to factors such as, the volume of data to be examined; different data formats; a wide range of sources for digital evidence; the volatility of data and the limitations of some of the standard digital forensic tools. This paper …
Blocks' Network: Redesign Architecture Based On Blockchain Technology, Moataz Hanif
Doctoral Dissertations and Master's Theses
The Internet is a global network that uses communication protocols. It is considered the most important system reached by humanity, which no one can abandon. However, this technology has become a weapon that threatens the privacy of users, especially in the client-server model, where data is stored and managed privately. Additionally, users have no power over their data that is stored in a private server, which means users’ data may be interrupted by government or might be sold via service provider for-profit purposes. Furthermore, blockchain is a technology that we can rely on to solve issues related to client-server model if appropriately …
Forensic Analysis Of Spy Applications In Android Devices, Shinelle Hutchinson, Umit Karabiyik
Annual ADFSL Conference on Digital Forensics, Security and Law
Smartphones with Google's Android operating system are becoming more and more popular each year, and with this increased user base, comes increased opportunities to collect more of these users' private data. There have been several instances of malware being made available via the Google Play Store, which is one of the predominant means for users to download applications. One effective way of collecting users' private data is by using Android Spyware. In this paper, we conduct a forensic analysis of a malicious Android spyware application and present our findings. We also highlight what information the application accesses and what it …
A Framework To Reveal Clandestine Organ Trafficking In The Dark Web And Beyond, Michael P. Heinl, Bo Yu, Duminda Wijesekera
Journal of Digital Forensics, Security and Law
Due to the scarcity of transplantable organs, patients have to wait on long lists for many years to get a matching kidney. This scarcity has created an illicit market place for wealthy recipients to avoid long waiting times. Brokers arrange such organ transplants and collect most of the payment that is sometimes channeled to fund other illicit activities. In order to collect and disburse payments, they often resort to money laundering-like schemes of money transfers. As the low-cost Internet arrives in some of the affected countries, social media and the dark web are used to illegally trade human organs. This …
Russia Today, Cyberterrorists Tomorrow: U.S. Failure To Prepare Democracy For Cyberspace, Jonathan F. Lancelot
Journal of Digital Forensics, Security and Law
This paper is designed to expose vulnerabilities within the US electoral system, the use of cyberspace to exploit weaknesses within the information assurance strategies of the democratic and republican party organizations, and deficiencies within the social media communications and voting machine exploits. A brief history of discriminatory practices in voting rights and voting access will be set as the foundation for the argument that the system is vulnerable in the cyber age, and the need for reform at the local, state and national levels will be emphasized. The possibility of a foreign nation-state influencing the outcome of an election by …
A Bit Like Cash: Understanding Cash-For-Bitcoin Transactions Through Individual Vendors, Stephanie J. Robberson, Mark R. Mccoy
Journal of Digital Forensics, Security and Law
As technology improves and economies become more globalized, the concept of currency has evolved. Bitcoin, a cryptographic digital currency, has been embraced as a secure and convenient type of money. Due to its security and privacy for the user, Bitcoin is a good tool for conducting criminal trades. The Financial Crimes Enforcement Network (FinCEN) has regulations in place to make identification information of Bitcoin purchasers accessible to law enforcement, but enforcing these rules with cash-for-Bitcoin traders is difficult. This study surveyed cash-for-Bitcoin vendors in Oklahoma, Texas, Arkansas, Missouri, Kansas, Colorado, and New Mexico to determine personal demographic information, knowledge of …
Contents, ADFSL
Annual ADFSL Conference on Digital Forensics, Security and Law
No abstract provided.
Front Matter, ADFSL
Annual ADFSL Conference on Digital Forensics, Security and Law
No abstract provided.
Analysis Of Data Erasure Capability On SSHD Drives For Data Recovery, Andrew Blyth
Annual ADFSL Conference on Digital Forensics, Security and Law
Data Protection and Computer Forensics/Anti-Forensics has now become a critical area of concern for organizations. A key element to this is how data is sanitized at end of life. In this paper we explore Hybrid Solid State Hybrid Drives (SSHD) and the impact that various Computer Forensics and Data Recovery techniques have when performing data erasure upon a SSHD.
Knowledge Expiration In Security Awareness Training, Tianjian Zhang
Annual ADFSL Conference on Digital Forensics, Security and Law
No abstract provided.
Positive Identification Of LSB Image Steganography Using Cover Image Comparisons, Michael Pelosi, Nimesh Poudel, Pratap Lamichhane, Devon Lam, Gary Kessler, Joshua Macmonagle
Annual ADFSL Conference on Digital Forensics, Security and Law
In this paper we introduce a new software concept specifically designed to allow the digital forensics professional to clearly identify and attribute instances of LSB image steganography by using the original cover image in side-by-side comparison with a suspected steganographic payload image. The “CounterSteg” software allows detailed analysis and comparison of both the original cover image and any modified image, using sophisticated bit- and color-channel visual depiction graphics. In certain cases, the steganographic software used for message transmission can be identified by the forensic analysis of LSB and other changes in the payload image. The paper demonstrates usage and typical …
Exploring The Use Of Graph Databases To Catalog Artifacts For Client Forensics, Rose Shumba
Annual ADFSL Conference on Digital Forensics, Security and Law
Cloud computing has revolutionized the methods by which digital data is stored, processed, and transmitted. It is providing users with data storage and processing services, enabling access to resources through multiple devices. Although organizations continue to embrace the advantages of flexibility and scalability offered by cloud computing, insider threats are becoming a serious concern as cited by security researchers. Insiders can use authorized access to steal sensitive information, calling for the need for an investigation. This concept paper describes research in progress towards developing a Neo4j graph database tool to enhance client forensics. The tool, with a Python interface, allows …
Precognition: Automated Digital Forensic Readiness System For Mobile Computing Devices In Enterprises, Jayaprakash Govindaraj, Robin Verma, Gaurav Gupta
Annual ADFSL Conference on Digital Forensics, Security and Law
Enterprises are facing an unprecedented risk of security incidents due to the influx of emerging technologies, like smartphones and wearables. Most of the current Mobile security systems are not maturing in pace with technological advances. They lack the ability to learn and adapt from the past knowledge base. In the case of a security incident, enterprises find themselves underprepared for the lack of evidence and data. The systems are not designed to be forensic ready. There is a need for automated security analysis and forensically ready solution, which can learn and continuously adapt to new challenges, improve efficiency and productivity …
Non-Use Of A Mobile Phone During Conducting Crime Can Also Be Evidential, Vinod Polpaya Bhattathiripad PhD
Annual ADFSL Conference on Digital Forensics, Security and Law
Cyber-clever criminals who are aware of the consequence of using mobile phones during conducting crimes often stay away from their phones while involved in crimes. Some of them even change their handset and SIM card, subsequently. This article looks into how, intentional disassociation (and even unintentional non-use) of mobile phone in (non-cyber) crimes, can become evidential clues of the perpetrators’ involvement in criminal acts. With the help of a recent judicial episode, this article reveals how extremely careful and masterful handling of extensive and voluminous Call Details Records and tower dumps by a cyber-savvy investigating official can unearth evidential clues …
Live GPU Forensics: The Process Of Recovering Video Frames From NVIDIA GPU, Yazeed M. Albabtain, Baijian Yang
Annual ADFSL Conference on Digital Forensics, Security and Law
The purpose of this research is to apply a graphics processing unit (GPU) forensics method to recover video artifacts from NVIDIA GPU. The tested video specs are 512 x 512 in resolution for video 1 and 800 x 600 in resolution for video 2. Both videos are mpeg4 video codec. A VLC player was used in the experiment. A special program has been developed using OpenCL to recover 1) patterns that are frames consist of pixel values and 2) dump data from the GPU global memory. The dump data that represent the video frame were located using simple steps. The …