Computer Law Commons^™

Contents, Adfsl

Annual ADFSL Conference on Digital Forensics, Security and Law

No abstract provided.

Front Matter, Adfsl

Annual ADFSL Conference on Digital Forensics, Security and Law

No abstract provided.

A Survey Of Lawyers’ Cyber Security Practises In Western Australia, Craig Valli, Mike Johnstone, Rochelle Fleming

Annual ADFSL Conference on Digital Forensics, Security and Law

This paper reports on the results of a survey that is the initial phase of an action research project being conducted with the Law Society of Western Australia. The online survey forms a baseline for the expression of a targeted training regime aimed at improving the cyber security awareness and posture of the membership of the Society. The full complement of over 3000 members were given the opportunity to participate in the survey, with 122 members responding in this initial round. The survey was designed to elicit responses about information technology use and the awareness of good practices with respect …

Analysis Of Data Erasure Capability On Sshd Drives For Data Recovery, Andrew Blyth

Annual ADFSL Conference on Digital Forensics, Security and Law

Data Protection and Computer Forensics/Anti-Forensics has now become a critical area of concern for organizations. A key element to this is how data is sanitized at end of life. In this paper we explore Hybrid Solid State Hybrid Drives (SSHD) and the impact that various Computer Forensics and Data Recovery techniques have when performing data erasure upon a SSHD.

Knowledge Expiration In Security Awareness Training, Tianjian Zhang

Annual ADFSL Conference on Digital Forensics, Security and Law

No abstract provided.

Positive Identification Of Lsb Image Steganography Using Cover Image Comparisons, Michael Pelosi, Nimesh Poudel, Pratap Lamichhane, Devon Lam, Gary Kessler, Joshua Macmonagle

Annual ADFSL Conference on Digital Forensics, Security and Law

In this paper we introduce a new software concept specifically designed to allow the digital forensics professional to clearly identify and attribute instances of LSB image steganography by using the original cover image in side-by-side comparison with a suspected steganographic payload image. The “CounterSteg” software allows detailed analysis and comparison of both the original cover image and any modified image, using sophisticated bit- and color-channel visual depiction graphics. In certain cases, the steganographic software used for message transmission can be identified by the forensic analysis of LSB and other changes in the payload image. The paper demonstrates usage and typical …

Exploring The Use Of Graph Databases To Catalog Artifacts For Client Forensics, Rose Shumba

Annual ADFSL Conference on Digital Forensics, Security and Law

Cloud computing has revolutionized the methods by which digital data is stored, processed, and transmitted. It is providing users with data storage and processing services, enabling access to resources through multiple devices. Although organizations continue to embrace the advantages of flexibility and scalability offered by cloud computing, insider threats are becoming a serious concern as cited by security researchers. Insiders can use authorized access to steal sensitive information, calling for the need for an investigation. This concept paper describes research in progress towards developing a Neo4j graph database tool to enhance client forensics. The tool, with a Python interface, allows …

Non-Use Of A Mobile Phone During Conducting Crime Can Also Be Evidential, Vinod Polpaya Bhattathiripad Ph D

Annual ADFSL Conference on Digital Forensics, Security and Law

Cyber-clever criminals who are aware of the consequence of using mobile phones during conducting crimes often stay away from their phones while involved in crimes. Some of them even change their handset and SIM card, subsequently. This article looks into how, intentional disassociation (and even unintentional non-use) of mobile phone in (non-cyber) crimes, can become evidential clues of the perpetrators’ involvement in criminal acts. With the help of a recent judicial episode, this article reveals how extremely careful and masterful handling of extensive and voluminous Call Details Records and tower dumps by a cyber-savvy investigating official can unearth evidential clues …

Forensic Analysis Of The Exfat Artifacts, Yves Vandermeer, An Lekhac, Tahar Kechadi, Joe Carthy

Annual ADFSL Conference on Digital Forensics, Security and Law

Although keeping some basic concepts inherited from FAT32, the exFAT file system introduces many differences, such as the new mapping scheme of directory entries. The combination of exFAT mapping scheme with the allocation of bitmap files and the use of FAT leads to new forensic possibilities. The recovery of deleted files, including fragmented ones and carving becomes more accurate compared with former forensic processes. Nowadays, the accurate and sound forensic analysis is more than ever needed, as there is a high risk of erroneous interpretation. Indeed, most of the related work in the literature on exFAT structure and forensics, is …

Live Gpu Forensics: The Process Of Recovering Video Frames From Nvidia Gpu, Yazeed M. Albabtain, Baijian Yang

Annual ADFSL Conference on Digital Forensics, Security and Law

The purpose of this research is to apply a graphics processing unit (GPU) forensics method to recover video artifacts from NVIDIA GPU. The tested video specs are 512 x 512 in resolution for video 1 and 800 x 600 in resolution for video 2. Both videos are mpeg4 video codec. A VLC player was used in the experiment. A special program has been developed using OpenCL to recover 1) patterns that are frames consist of pixel values and 2) dump data from the GPU global memory. The dump data that represent the video frame were located using simple steps. The …

Unmanned Aerial Vehicle Forensic Investigation Process: Dji Phantom 3 Drone As A Case Study, Alan Roder, Kim-Kwang Raymond Choo, Nhien-A Le-Khac

Annual ADFSL Conference on Digital Forensics, Security and Law

Drones (also known as Unmanned Aerial Vehicles – UAVs) are a potential source of evidence in a digital investigation, partly due to their increasing popularity in our society. However, existing UAV/drone forensics generally rely on conventional digital forensic investigation guidelines such as those of ACPO and NIST, which may not be entirely fit-for-purpose. In this paper, we identify the challenges associated with UAV/drone forensics. We then explore and evaluate existing forensic guidelines, in terms of their effectiveness for UAV/drone forensic investigations. Next, we present our set of guidelines for UAV/drone investigations. Finally, we demonstrate how the proposed guidelines can be …

Detection And Recovery Of Anti-Forensic (Vault) Applications On Android Devices, Michaila Duncan, Umit Karabiyik

Annual ADFSL Conference on Digital Forensics, Security and Law

Significant number of mobile device users currently employ anti-forensics applications, also known as vault or locker applications, on their mobile devices in order to hide files such as photos. Because of this, investigators are required to spend a large portion of their time manually looking at the applications installed on the device. Currently, there is no automated method of detecting these anti-forensics applications on an Android device. This work presents the creation and testing of a vault application detection system to be used on Android devices. The main goal of this work is twofold: (i) Detecting and reporting the presence …

Cybersecurity And The Rights Of The Internet User In France, Jennifer Cross

Georgia Journal of International & Comparative Law

No abstract provided.

Crashed Software: Assessing Product Liability For Software Defects In Automated Vehicles, Sunghyo Kim

Duke Law & Technology Review

Automated vehicles will not only redefine the role of drivers, but also present new challenges in assessing product liability. In light of the increased risks of software defects in automated vehicles, this Note will review the current legal and regulatory framework related to product liability and assess the challenges in addressing on-board software defects and cybersecurity breaches from both the consumer and manufacturer perspective. While manufacturers are expected to assume more responsibility for accidents as vehicles become fully automated, it can be difficult to determine the scope of liability regarding unexpected software defects. On the other hand, consumers face new …

Symbols, Systems, And Software As Intellectual Property: Time For Contu, Part Ii?, Timothy K. Armstrong

Michigan Telecommunications & Technology Law Review

The functional nature of computer software underlies two propositions that were, until recently, fairly well settled in intellectual property law: first, that software, like other utilitarian articles, may qualify for patent protection; and second, that the scope of copyright protection for software is comparatively limited. Both propositions have become considerably shakier as a result of recent court decisions. Following Alice Corp. v. CLS Bank Int’l, 134 S. Ct. 2347 (2014), the lower courts have invalidated many software patents as unprotectable subject matter. Meanwhile, Oracle America v. Google Inc., 750 F.3d 1339 (Fed. Cir. 2014) extended far more expansive copyright protection …

The Pragmatic Disappointment Of State Preemption: The 2016 Defend Trade Secrets Act And Its Failure To Protect Employee Whistleblowers From Federal Computer Crime Law, Kristine Craig

Journal of Legislation

No abstract provided.

The Court Must Play Its Interpretative Role: Defending The Defend Trade Secrets Act’S Extraterritorial Reach, Jada M. Colon

The University of Cincinnati Intellectual Property and Computer Law Journal

The exact reach of the Defend Trade Secrets Act’s extraterritoriality provision has yet to be interpreted by the courts. If United States securities, trademark, and antitrust law serves as any indication of what is to be expected, the Defend Trade Secrets Act may be subject to an inconsistent array of interpretation. When faced with interpreting the extraterritorial scope of the Defend Trade Secrets Act for the first time, the court must set a strong precedent by enacting a single, uniform effects test that will not falter when applied in different circumstances and by different circuits. Courts interpreting United States securities, …

“Private” Cybersecurity Standards? Cyberspace Governance, Multistakeholderism, And The (Ir)Relevance Of The Tbt Regime, Shin-Yi Peng

Cornell International Law Journal

We are now living in a hyper-connected world, with a myriad of devices continuously linked to the Internet. Our growing dependence on such devices exposes us to a variety of cybersecurity threats. This ever-increasing connectivity means that vulnerabilities can be introduced at any phase of the software development cycle. Cybersecurity risk management, therefore, is more important than ever to governments at all developmental stages as well as to companies of all sizes and across all sectors. The awareness of cybersecurity threats affects the importance placed on the use of standards and certification as an approach.

How Machines Learn: Where Do Companies Get Data For Machine Learning And What Licenses Do They Need?, Rachel Wilka, Rachel Landy, Scott A. Mckinney

Washington Journal of Law, Technology & Arts

Machine learning services ingest customer data in order to provide refined, customized services. Machine learning algorithms are increasingly prominent in multiple sectors within the software-as-a-service industry including online advertising, health diagnostics, and travel. However, very little has been written on the rights a company utilizing machine learning needs to obtain in order to use customer data to improve its own products or services. Machine learning encompasses multiple types of data use and analysis, including (a) supervised machine learning algorithms, which take specific data provided in a tagged and classified format to deliver specific predictable output; and (b) unsupervised machine learning …

Accessible Reliable Tax Advice, Emily Cauble

University of Michigan Journal of Law Reform

Unsophisticated taxpayers who lack financial resources are disadvantaged by a shortage of adequate tax advice. The IRS does not have the resources to answer all questions asked, and the IRS’s informal advice comes with no guarantee as to its accuracy and offers the taxpayer no protection when it is mistaken. Furthermore, non-IRS sources of advice have not sufficiently filled the void left by a lack of satisfactory IRS guidance. These biases against unsophisticated taxpayers have been noted by existing literature. This Article contributes to existing literature by proposing several novel reform measures to assist unsophisticated taxpayers.

First, with respect to …