Open Access. Powered by Scholars. Published by Universities.®

National Security Law Commons

Open Access. Powered by Scholars. Published by Universities.®

1719 Full-Text Articles 1486 Authors 677665 Downloads 106 Institutions

All Articles in National Security Law

Faceted Search

1719 full-text articles. Page 7 of 57.

Forensics Analysis Of Privacy Of Portable Web Browsers, Ahmad Ghafarian 2016 Department of Computer Science and Information Systems, Mike Cottrell College of Business

Forensics Analysis Of Privacy Of Portable Web Browsers, Ahmad Ghafarian

Annual ADFSL Conference on Digital Forensics, Security and Law

Web browser vendors offer a portable web browser option which is considered as one of the features that provides user privacy. Portable web browser is a browser that can be launched from a USB flash drive without the need for its installation on the host machine. Most popular web browsers have portable versions of their browsers as well. Portable web browsing poses a great challenge to computer forensic investigators who try to reconstruct the past browsing history, in case of any computer incidence. This research examines various sources in the host machine such as physical memory, temporary, recent, event files ...


Reverse Engineering A Nit That Unmasks Tor Users, Matthew Miller, Joshua Stroschein, Ashley Podhradsky 2016 University of Nebraska at Kearney

Reverse Engineering A Nit That Unmasks Tor Users, Matthew Miller, Joshua Stroschein, Ashley Podhradsky

Annual ADFSL Conference on Digital Forensics, Security and Law

This paper is a case study of a forensic investigation of a Network Investigative Technique (NIT) used by the FBI to deanonymize users of a The Onion Router (Tor) Hidden Service. The forensic investigators were hired by the defense to determine how the NIT worked. The defendant was ac- cused of using a browser to access illegal information. The authors analyzed the source code, binary files and logs that were used by the NIT. The analysis was used to validate that the NIT collected only necessary and legally authorized information. This paper outlines the publicly available case details, how the ...


Malware In The Mobile Device Android Environment, Diana Hintea, Robert Bird, Andrew Walker 2016 Coventry University, School of Computing, Electronics and Maths

Malware In The Mobile Device Android Environment, Diana Hintea, Robert Bird, Andrew Walker

Annual ADFSL Conference on Digital Forensics, Security and Law

exploit smartphone operating systems has exponentially expanded. Android has become the main target to exploit due to having the largest install base amongst the smartphone operating systems and owing to the open access nature in which application installations are permitted. Many Android users are unaware of the risks associated with a malware infection and to what level current malware scanners protect them. This paper tests how efficient the currently available malware scanners are. To achieve this, ten representative Android security products were selected and tested against a set of 5,560 known and categorized Android malware samples. The tests were ...


Forensic Analysis Of Smartphone Applications For Privacy Leakage, Diana Hintea, Chrysanthi Taramonli, Robert Bird, Rezhna Yusuf 2016 Coventry University, School of Computing, Electronics and Maths

Forensic Analysis Of Smartphone Applications For Privacy Leakage, Diana Hintea, Chrysanthi Taramonli, Robert Bird, Rezhna Yusuf

Annual ADFSL Conference on Digital Forensics, Security and Law

Smartphone and tablets are personal devices that have diffused to near universal ubiquity in recent years. As Smartphone users become more privacy-aware and -conscious, research is needed to understand how “leakage” of private information (personally identifiable information – PII) occurs. This study explores how leakage studies in Droid devices should be adapted to Apple iOS devices. The OWASP Zed Attack Proxy (ZAP) is examined for 50 apps in various categories. This study confirms that: (1) most apps transmit unencrypted sensitive PII, (2) SSL is used by some recipient websites, but without corresponding app compliance with SSL, and (3) most apps in ...


Inferring Previously Uninstalled Applications From Residual Partial Artifacts, Jim Jones, Tahir Khan, Kathryn Laskey, Alex Nelson, Mary Laamanen, Douglas White 2016 George Mason University, Fairfax, Virginia, United States

Inferring Previously Uninstalled Applications From Residual Partial Artifacts, Jim Jones, Tahir Khan, Kathryn Laskey, Alex Nelson, Mary Laamanen, Douglas White

Annual ADFSL Conference on Digital Forensics, Security and Law

In this paper, we present an approach and experimental results to suggest the past presence of an application after the application has been uninstalled and the system has remained in use. Current techniques rely on the recovery of intact artifacts and traces, e.g., whole files, Windows Registry entries, or log file entries, while our approach requires no intact artifact recovery and leverages trace evidence in the form of residual partial files. In the case of recently uninstalled applications or an instrumented infrastructure, artifacts and traces may be intact and complete. In most cases, however, digital artifacts and traces are ...


One-Time Pad Encryption Steganography System, Michael J. Pelosi, Gary Kessler, Michael Scott S. Brown 2016 Embry-Riddle Aeronautical University, Daytona Beach, FL

One-Time Pad Encryption Steganography System, Michael J. Pelosi, Gary Kessler, Michael Scott S. Brown

Annual ADFSL Conference on Digital Forensics, Security and Law

In this paper we introduce and describe a novel approach to adaptive image steganography which is combined with One-Time Pad encryption, and demonstrate the software which implements this methodology. Testing using the state-of-the-art steganalysis software tool StegExpose concludes the image hiding is reliably secure and undetectable using reasonably-sized message payloads (≤25% message bits per image pixel; bpp). Payload image file format outputs from the software include PNG, BMP, JP2, JXR, J2K, TIFF, and WEBP. A variety of file output formats is empirically important as most steganalysis programs will only accept PNG, BMP, and possibly JPG, as the file inputs.

Keywords ...


Covert6: A Tool To Corroborate The Existence Of Ipv6 Covert Channels, Raymond A. Hansen, Lourdes Gino, Dominic Savio 2016 Department of Computer and Information Technology, Purdue University

Covert6: A Tool To Corroborate The Existence Of Ipv6 Covert Channels, Raymond A. Hansen, Lourdes Gino, Dominic Savio

Annual ADFSL Conference on Digital Forensics, Security and Law

Covert channels are any communication channel that can be exploited to transfer information in a manner that violates the system’s security policy. Research in the field has shown that, like many communication channels, IPv4 and the TCP/IP protocol suite have been susceptible to covert channels, which could be exploited to leak data or be used for anonymous communications. With the introduction of IPv6, researchers are acutely aware that many vulnerabilities of IPv4 have been remediated in IPv6. However, a proof of concept covert channel system was demonstrated in 2006. A decade later, IPv6 and its related protocols have ...


Applying Grounded Theory Methods To Digital Forensics Research, Ahmed Almarzooqi, Andrew Jones, Richard Howley 2016 Faculty of Technology, De Montfort University

Applying Grounded Theory Methods To Digital Forensics Research, Ahmed Almarzooqi, Andrew Jones, Richard Howley

Annual ADFSL Conference on Digital Forensics, Security and Law

Deciding on a suitable research methodology is challenging for researchers. In this paper, grounded theory is presented as a systematic and comprehensive qualitative methodology in the emergent field of digital forensics research. This paper applies grounded theory in a digital forensics research project undertaken to study how organisations build and manage digital forensics capabilities. This paper gives a step-by-step guideline to explain the procedures and techniques of using grounded theory in digital forensics research. The paper gives a detailed explanation of how the three grounded theory coding methods (open, axial, and selective coding) can be used in digital forensics research ...


Using Computer Behavior Profiles To Differentiate Between Users In A Digital Investigation, Shruti Gupta, Marcus Rogers 2016 Indiana University Purdue University Indianapolis

Using Computer Behavior Profiles To Differentiate Between Users In A Digital Investigation, Shruti Gupta, Marcus Rogers

Annual ADFSL Conference on Digital Forensics, Security and Law

Most digital crimes involve finding evidence on the computer and then linking it to a suspect using login information, such as a username and a password. However, login information is often shared or compromised. In such a situation, there needs to be a way to identify the user without relying exclusively on login credentials. This paper introduces the concept that users may show behavioral traits which might provide more information about the user on the computer. This hypothesis was tested by conducting an experiment in which subjects were required to perform common tasks on a computer, over multiple sessions. The ...


Acceleration Of Statistical Detection Of Zero-Day Malware In The Memory Dump Using Cuda-Enabled Gpu Hardware, Igor Korkin, Iwan Nesterow 2016 Independent Researchers, Moscow, Russia

Acceleration Of Statistical Detection Of Zero-Day Malware In The Memory Dump Using Cuda-Enabled Gpu Hardware, Igor Korkin, Iwan Nesterow

Annual ADFSL Conference on Digital Forensics, Security and Law

This paper focuses on the anticipatory enhancement of methods of detecting stealth software. Cyber security detection tools are insufficiently powerful to reveal the most recent cyber-attacks which use malware. In this paper, we will present first an idea of the highest stealth malware, as this is the most complicated scenario for detection because it combines both existing anti-forensic techniques together with their potential improvements. Second, we will present new detection methods which are resilient to this hidden prototype. To help solve this detection challenge, we have analyzed Windows’ memory content using a new method of Shannon Entropy calculation; methods of ...


Current Challenges And Future Research Areas For Digital Forensic Investigation, David Lillis, Brett A. Becker, Tadhg O’Sullivan, Mark Scanlon 2016 School of Computer Science, University College Dublin, Ireland

Current Challenges And Future Research Areas For Digital Forensic Investigation, David Lillis, Brett A. Becker, Tadhg O’Sullivan, Mark Scanlon

Annual ADFSL Conference on Digital Forensics, Security and Law

Given the ever-increasing prevalence of technology in modern life, there is a corresponding increase in the likelihood of digital devices being pertinent to a criminal investigation or civil litigation. As a direct consequence, the number of investigations requiring digital forensic expertise is resulting in huge digital evidence backlogs being encountered by law enforcement agencies throughout the world. It can be anticipated that the number of cases requiring digital forensic analysis will greatly increase in the future. It is also likely that each case will require the analysis of an increasing number of devices including computers, smartphones, tablets, cloud-based services, Internet ...


Forensic Analysis Of Ares Galaxy Peer-To-Peer Network, Frank Kolenbrander, Nhien-An Le-Khac, Tahar Kechadi 2016 Politieacademie, The Netherlands

Forensic Analysis Of Ares Galaxy Peer-To-Peer Network, Frank Kolenbrander, Nhien-An Le-Khac, Tahar Kechadi

Annual ADFSL Conference on Digital Forensics, Security and Law

Child Abuse Material (CAM) is widely available on P2P networks. Over the last decade several tools were made for 24/7 monitoring of peer-to-peer (P2P) networks to discover suspects that use these networks for downloading and distribution of CAM. For some countries the amount of cases generated by these tools is so great that Law Enforcement (LE) just cannot handle them all. This is not only leading to backlogs and prioritizing of cases but also leading to discussions about the possibility of disrupting these networks and sending warning messages to potential CAM offenders. Recently, investigators are reporting that they are ...


Keynote Speaker, Chuck Easttom 2016 Computer Security and Forensics Expert

Keynote Speaker, Chuck Easttom

Annual ADFSL Conference on Digital Forensics, Security and Law

Conference Keynote Speaker, Chuck Easttom


Decrypting Our Security: A Bipartisan Argument For A Rational Solution To The Encryption Challenge, Jamil N. Jaffer, Daniel J. Rosenthal 2016 George Mason University Law School

Decrypting Our Security: A Bipartisan Argument For A Rational Solution To The Encryption Challenge, Jamil N. Jaffer, Daniel J. Rosenthal

Catholic University Journal of Law and Technology

No abstract provided.


Time To Rethink Cybersecurity Reform: The Opm Data Breach And The Case For Centralized Cybersecurity Infrastructure, Zachary Figueroa 2016 Catholic University of America, Columbus School of Law

Time To Rethink Cybersecurity Reform: The Opm Data Breach And The Case For Centralized Cybersecurity Infrastructure, Zachary Figueroa

Catholic University Journal of Law and Technology

No abstract provided.


The Legal And Political Implications Of The Nypd's Counterterrorism Operations Overseas: The International Liaison Program, Jia Ma 2016 Dickinson College

The Legal And Political Implications Of The Nypd's Counterterrorism Operations Overseas: The International Liaison Program, Jia Ma

Honors Theses By Year

This paper analyzes one of the New York Police Department’s (“NYPD”) signature international endeavors: the International Liaison Program (“ILP”). It focuses on the political and legal bases for creating and maintaining the ILP. Specifically, the paper examines arguments that the ILP may represent a violation of the U.S. constitutional principles and New York law. The paper illustrates that the existence of the ILP reflects deficiencies of the current state of counterterrorism law in the U.S. and the need to build and perfect the legal institution in the area of domestic counterterrorism operations.


Defend And Protect: National Security Restrictions On Foreign Investments In The United States, Matthew Aglialoro 2016 Cornell Law School

Defend And Protect: National Security Restrictions On Foreign Investments In The United States, Matthew Aglialoro

University of Cincinnati Law Review

No abstract provided.


A Problem Of Standards?: Another Perspective On Secret Law, Jonathan Hafetz 2016 College of William & Mary Law School

A Problem Of Standards?: Another Perspective On Secret Law, Jonathan Hafetz

William & Mary Law Review

This Article provides a new perspective on the growth of secret law in the United States. It is widely assumed that the U.S. government’s exercise of national security powers suffers from excessive secrecy. Although secrecy presents significant challenges, it does not alone explain the lack of clarity surrounding the government’s legal justifications for using military force, conducting surveillance, or exercising other national security powers. The Article argues that what is often labeled “secret law” may also be understood as a consequence of how legal standards are used in this context.

The Article draws on the larger rules ...


International Law, Legal Diplomacy, And The Counter-Isil Campaign: Some Observations, Brian Egan 2016 U.S. Naval War College

International Law, Legal Diplomacy, And The Counter-Isil Campaign: Some Observations, Brian Egan

International Law Studies

Speech as prepared for delivery by Brian Egan, Legal Adviser, U.S. Department of State; 110th Annual Meeting of the American Society of International Law Washington, DC, April 1, 2016


A Proposed Enhancement To Un Treaty Enforcement: Regular Recommendations To Civil Society, Benjamin Bloomer 2016 DePaul University

A Proposed Enhancement To Un Treaty Enforcement: Regular Recommendations To Civil Society, Benjamin Bloomer

International Human Rights Law Journal

The UN treaty body system is an imperative component in the enforcement of international human rights law, but it currently does not have the mechanisms sufficient for the effective internalization of international human rights law standards. One of its current mechanisms, namely, concluding observations, are by their nature of being addressed to states insufficient to ensure enforcement in state parties not politically, economically, socially, or culturally inclined to obey the recommendations. This article proposes a new publication that will better foster communication between civil society organizations and treaty bodies, allowing for a more highly coordinated effort of civil society in ...


Digital Commons powered by bepress