Open Access. Powered by Scholars. Published by Universities.®

Information Security Commons

Open Access. Powered by Scholars. Published by Universities.®

1,897 Full-Text Articles 2,368 Authors 541,590 Downloads 102 Institutions

All Articles in Information Security

Faceted Search

1,897 full-text articles. Page 1 of 75.

Project Renew Worcester, Danni Yue, Amy Zhang, Jing Han, Omid Ashrafi, Yiming Xu 2018 Clark University

Project Renew Worcester, Danni Yue, Amy Zhang, Jing Han, Omid Ashrafi, Yiming Xu

School of Professional Studies

n The client for this capstone project is RENEW Worcester which is a fledgling solar power project whose main goals are to bring renewable energy in the form of solar power into local, primarily low-income communities and are committed to the mission of making the transition off of fossil fuels to clean, renewable power. Based in Worcester, Massachusetts, they are a local chapter of Co-op Power which is a consumer-owned sustainable energy cooperative (co-op) made up of numerous different local chapters all over the New England area as well as the state of New York. The problem that we will ...


Security And Privacy In Smart Health: Efficient Policy-Hiding Attribute-Based Access Control, Yinghui ZHANG, Dong ZHENG, Robert H. DENG 2018 Singapore Management University

Security And Privacy In Smart Health: Efficient Policy-Hiding Attribute-Based Access Control, Yinghui Zhang, Dong Zheng, Robert H. Deng

Research Collection School Of Information Systems

With the rapid development of the Internet of Things (IoT) and cloud computing technologies, smart health (s-health) is expected to significantly improve the quality of health care. However, data security and user privacy concerns in s-health have not been adequately addressed. As a well-received solution to realize fine-grained access control, ciphertext-policy attribute-based encryption (CP-ABE) has the potential to ensure data security in s-health. Nevertheless, direct adoption of the traditional CP-ABE in s-health suffers two flaws. For one thing, access policies are in cleartext form and reveal sensitive health-related information in the encrypted s-health records (SHRs). For another, it usually supports ...


Face Detection Using Deep Learning: An Improved Faster Rcnn Approach, Xudong SUN, Pengcheng WU, Steven C. H. HOI 2018 Singapore Management University

Face Detection Using Deep Learning: An Improved Faster Rcnn Approach, Xudong Sun, Pengcheng Wu, Steven C. H. Hoi

Research Collection School Of Information Systems

In this paper, we present a new face detection scheme using deep learning and achieve the state-of-the-art detection performance on the well-known FDDB face detection benchmark evaluation. In particular, we improve the state-of-the-art Faster RCNN framework by combining a number of strategies, including feature concatenation, hard negative mining, multi-scale training, model pre-training, and proper calibration of key parameters. As a consequence, the proposed scheme obtained the state-of-the-art face detection performance and was ranked as one of the best models in terms of ROC curves of the published methods on the FDDB benchmark


Modern Cryptography, Samuel Lopez 2018 California State University - San Bernardino

Modern Cryptography, Samuel Lopez

Electronic Theses, Projects, and Dissertations

We live in an age where we willingly provide our social security number, credit card information, home address and countless other sensitive information over the Internet. Whether you are buying a phone case from Amazon, sending in an on-line job application, or logging into your on-line bank account, you trust that the sensitive data you enter is secure. As our technology and computing power become more sophisticated, so do the tools used by potential hackers to our information. In this paper, the underlying mathematics within ciphers will be looked at to understand the security of modern ciphers.

An extremely important ...


Deaddrop: Message Passing Without Metadata Leakage, Davis Mike Arndt 2018 California Polytechnic State University, San Luis Obispo

Deaddrop: Message Passing Without Metadata Leakage, Davis Mike Arndt

Computer Science

Even when network data is encrypted, observers can make inferences about content based on collected metadata. DeadDrop is an exploratory API designed to protect the metadata of a conversation from both outside observers and the facilitating server. To do so, DeadDrop servers are passed no recipient address, instead relying upon the recipient to check for messages of their own volition. In addition, the recipient downloads a copy of every encrypted message on the server to prevent even the server from knowing to whom each message is intended. To these purposes, DeadDrop is mostly successful. However, it does not obscure all ...


Contents, ADFSL 2018 Embry-Riddle Aeronautical University

Contents, Adfsl

Annual ADFSL Conference on Digital Forensics, Security and Law

No abstract provided.


Front Matter, ADFSL 2018 Embry-Riddle Aeronautical University

Front Matter, Adfsl

Annual ADFSL Conference on Digital Forensics, Security and Law

No abstract provided.


A Survey Of Lawyers’ Cyber Security Practises In Western Australia, Craig Valli, Mike Johnstone, Rochelle Fleming 2018 Edith Cowan University

A Survey Of Lawyers’ Cyber Security Practises In Western Australia, Craig Valli, Mike Johnstone, Rochelle Fleming

Annual ADFSL Conference on Digital Forensics, Security and Law

This paper reports on the results of a survey that is the initial phase of an action research project being conducted with the Law Society of Western Australia. The online survey forms a baseline for the expression of a targeted training regime aimed at improving the cyber security awareness and posture of the membership of the Society. The full complement of over 3000 members were given the opportunity to participate in the survey, with 122 members responding in this initial round. The survey was designed to elicit responses about information technology use and the awareness of good practices with respect ...


Analysis Of Data Erasure Capability On Sshd Drives For Data Recovery, Andrew Blyth 2018 Technology Research Centre, DPG

Analysis Of Data Erasure Capability On Sshd Drives For Data Recovery, Andrew Blyth

Annual ADFSL Conference on Digital Forensics, Security and Law

Data Protection and Computer Forensics/Anti-Forensics has now become a critical area of concern for organizations. A key element to this is how data is sanitized at end of life. In this paper we explore Hybrid Solid State Hybrid Drives (SSHD) and the impact that various Computer Forensics and Data Recovery techniques have when performing data erasure upon a SSHD.


Knowledge Expiration In Security Awareness Training, Tianjian Zhang 2018 Embry-Riddle Aeronautical University

Knowledge Expiration In Security Awareness Training, Tianjian Zhang

Annual ADFSL Conference on Digital Forensics, Security and Law

No abstract provided.


Positive Identification Of Lsb Image Steganography Using Cover Image Comparisons, Michael Pelosi, Nimesh Poudel, Pratap Lamichhane, Devon Lam, Gary Kessler, Joshua MacMonagle 2018 East Central University, Ada Oklahoma

Positive Identification Of Lsb Image Steganography Using Cover Image Comparisons, Michael Pelosi, Nimesh Poudel, Pratap Lamichhane, Devon Lam, Gary Kessler, Joshua Macmonagle

Annual ADFSL Conference on Digital Forensics, Security and Law

In this paper we introduce a new software concept specifically designed to allow the digital forensics professional to clearly identify and attribute instances of LSB image steganography by using the original cover image in side-by-side comparison with a suspected steganographic payload image. The “CounterSteg” software allows detailed analysis and comparison of both the original cover image and any modified image, using sophisticated bit- and color-channel visual depiction graphics. In certain cases, the steganographic software used for message transmission can be identified by the forensic analysis of LSB and other changes in the payload image. The paper demonstrates usage and typical ...


Exploring The Use Of Graph Databases To Catalog Artifacts For Client Forensics, Rose Shumba 2018 Embry-Riddle Aeronautical University

Exploring The Use Of Graph Databases To Catalog Artifacts For Client Forensics, Rose Shumba

Annual ADFSL Conference on Digital Forensics, Security and Law

Cloud computing has revolutionized the methods by which digital data is stored, processed, and transmitted. It is providing users with data storage and processing services, enabling access to resources through multiple devices. Although organizations continue to embrace the advantages of flexibility and scalability offered by cloud computing, insider threats are becoming a serious concern as cited by security researchers. Insiders can use authorized access to steal sensitive information, calling for the need for an investigation. This concept paper describes research in progress towards developing a Neo4j graph database tool to enhance client forensics. The tool, with a Python interface, allows ...


Df 2.0: Designing An Automated, Privacy Preserving, And Efficient Digital Forensic Framework, Robin Verma, Jayaprakash Govindaraj, Gaurav Gupta 2018 Indraprastha Institute of Information Technology Delhi

Df 2.0: Designing An Automated, Privacy Preserving, And Efficient Digital Forensic Framework, Robin Verma, Jayaprakash Govindaraj, Gaurav Gupta

Annual ADFSL Conference on Digital Forensics, Security and Law

The current state of digital forensic investigation is continuously challenged by the rapid technological changes, the increase in the use of digital devices (both the heterogeneity and the count), and the sheer volume of data that these devices could contain. Although it is not directly related to the performance of Digital Forensic Investigation process, preventing data privacy violations during the process is also a big challenge. The investigator gets full access to the forensic image including suspect's private data which may be sensitive at times as well as entirely unrelated to the given case under investigation. With a notion ...


Precognition: Automated Digital Forensic Readiness System For Mobile Computing Devices In Enterprises, Jayaprakash Govindaraj, Robin Verma, Gaurav Gupta 2018 Indraprastha Institute of Information Technology, New Delhi, India

Precognition: Automated Digital Forensic Readiness System For Mobile Computing Devices In Enterprises, Jayaprakash Govindaraj, Robin Verma, Gaurav Gupta

Annual ADFSL Conference on Digital Forensics, Security and Law

Enterprises are facing an unprecedented risk of security incidents due to the influx of emerging technologies, like smartphones and wearables. Most of the current Mobile security systems are not maturing in pace with technological advances. They lack the ability to learn and adapt from the past knowledge base. In the case of a security incident, enterprises find themselves underprepared for the lack of evidence and data. The systems are not designed to be forensic ready. There is a need for automated security analysis and forensically ready solution, which can learn and continuously adapt to new challenges, improve efficiency and productivity ...


Non-Use Of A Mobile Phone During Conducting Crime Can Also Be Evidential, Vinod Polpaya Bhattathiripad Ph D 2018 GJ Software Forensics

Non-Use Of A Mobile Phone During Conducting Crime Can Also Be Evidential, Vinod Polpaya Bhattathiripad Ph D

Annual ADFSL Conference on Digital Forensics, Security and Law

Cyber-clever criminals who are aware of the consequence of using mobile phones during conducting crimes often stay away from their phones while involved in crimes. Some of them even change their handset and SIM card, subsequently. This article looks into how, intentional disassociation (and even unintentional non-use) of mobile phone in (non-cyber) crimes, can become evidential clues of the perpetrators’ involvement in criminal acts. With the help of a recent judicial episode, this article reveals how extremely careful and masterful handling of extensive and voluminous Call Details Records and tower dumps by a cyber-savvy investigating official can unearth evidential clues ...


Live Gpu Forensics: The Process Of Recovering Video Frames From Nvidia Gpu, Yazeed M. Albabtain, Baijian Yang 2018 Purdue University

Live Gpu Forensics: The Process Of Recovering Video Frames From Nvidia Gpu, Yazeed M. Albabtain, Baijian Yang

Annual ADFSL Conference on Digital Forensics, Security and Law

The purpose of this research is to apply a graphics processing unit (GPU) forensics method to recover video artifacts from NVIDIA GPU. The tested video specs are 512 x 512 in resolution for video 1 and 800 x 600 in resolution for video 2. Both videos are mpeg4 video codec. A VLC player was used in the experiment. A special program has been developed using OpenCL to recover 1) patterns that are frames consist of pixel values and 2) dump data from the GPU global memory. The dump data that represent the video frame were located using simple steps. The ...


Unmanned Aerial Vehicle Forensic Investigation Process: Dji Phantom 3 Drone As A Case Study, Alan Roder, Kim-Kwang Raymond Choo, Nhien-A Le-Khac 2018 University of Texas at San Antonio

Unmanned Aerial Vehicle Forensic Investigation Process: Dji Phantom 3 Drone As A Case Study, Alan Roder, Kim-Kwang Raymond Choo, Nhien-A Le-Khac

Annual ADFSL Conference on Digital Forensics, Security and Law

Drones (also known as Unmanned Aerial Vehicles – UAVs) are a potential source of evidence in a digital investigation, partly due to their increasing popularity in our society. However, existing UAV/drone forensics generally rely on conventional digital forensic investigation guidelines such as those of ACPO and NIST, which may not be entirely fit-for-purpose. In this paper, we identify the challenges associated with UAV/drone forensics. We then explore and evaluate existing forensic guidelines, in terms of their effectiveness for UAV/drone forensic investigations. Next, we present our set of guidelines for UAV/drone investigations. Finally, we demonstrate how the proposed ...


Detection And Recovery Of Anti-Forensic (Vault) Applications On Android Devices, Michaila Duncan, Umit Karabiyik 2018 Sam Houston State University

Detection And Recovery Of Anti-Forensic (Vault) Applications On Android Devices, Michaila Duncan, Umit Karabiyik

Annual ADFSL Conference on Digital Forensics, Security and Law

Significant number of mobile device users currently employ anti-forensics applications, also known as vault or locker applications, on their mobile devices in order to hide files such as photos. Because of this, investigators are required to spend a large portion of their time manually looking at the applications installed on the device. Currently, there is no automated method of detecting these anti-forensics applications on an Android device. This work presents the creation and testing of a vault application detection system to be used on Android devices. The main goal of this work is twofold: (i) Detecting and reporting the presence ...


Hypervisor-Based Active Data Protection For Integrity And Confidentiality Of Dynamically Allocated Memory In Windows Kernel, Igor Korkin 2018 Embry-Riddle Aeronautical University

Hypervisor-Based Active Data Protection For Integrity And Confidentiality Of Dynamically Allocated Memory In Windows Kernel, Igor Korkin

Annual ADFSL Conference on Digital Forensics, Security and Law

One of the main issues in the OS security is providing trusted code execution in an untrusted environment. During executing, kernel-mode drivers dynamically allocate memory to store and process their data: Windows core kernel structures, users’ private information, and sensitive data of third-party drivers. All this data can be tampered with by kernel-mode malware. Attacks on Windows-based computers can cause not just hiding a malware driver, process privilege escalation, and stealing private data but also failures of industrial CNC machines. Windows built-in security and existing approaches do not provide the integrity and confidentiality of the allocated memory of third-party drivers ...


Why Certified Iot Devices Remain Untrustworthy, Donald Privitera 2018 Kennesaw State University

Why Certified Iot Devices Remain Untrustworthy, Donald Privitera

Master of Science in Information Technology Theses

Digital networked devices also known as Internet of Things (IoT) are ubiquitous today and are now a fundamental part of the functioning of the US digital economy and comprise a significant part of people’s daily activities. These devices have been shown to be insecure in general especially at categories that include any of the following: low-cost, home use, small business, and factory automation. There are continuing research and news reports showing Internet connected devices contain backdoors of various origins whether they be placed intentionally or are discovered as vulnerabilities. These types of devices are of concern because they are ...


Digital Commons powered by bepress