Information Security Commons^™

On The Development Of A Digital Forensics Curriculum, Manghui Tu, Dianxiang Xu, Samsuddin Wira, Cristian Balan, Kyle Cronin

Journal of Digital Forensics, Security and Law

Computer Crime and computer related incidents continue their prevalence and frequency, resulting in losses approaching billions of dollars. To fight against these crimes and frauds, it is urgent to develop digital forensics education programs to train a suitable workforce that can effectively investigate computer crimes and incidents. There is presently no standard to guide the design of digital forensics curriculum for an academic program. In this research, previous work on digital forensics curriculum design and existing education programs are thoroughly investigated. Both digital forensics educators and practitioners were surveyed and results were analyzed to determine the industry and law enforcement …

Automatic Crash Recovery: Internet Explorer's Black Box, John Moran, Douglas Orr

Journal of Digital Forensics, Security and Law

A good portion of today's investigations include, at least in part, an examination of the user's web history. Although it has lost ground over the past several years, Microsoft's Internet Explorer still accounts for a large portion of the web browser market share. Most users are now aware that Internet Explorer will save browsing history, user names, passwords and form history. Consequently some users seek to eliminate these artifacts, leaving behind less evidence for examiners to discover during investigations. However, most users, and probably a good portion of examiners are unaware Automatic Crash Recovery can leave a gold mine of …

To License Or Not To License Updated: An Examination Of State Statutes Regarding Private Investigators And Digital Examiners, Thomas Lonardo, Doug White, Alan Rea

Journal of Digital Forensics, Security and Law

In this update to the 2009 year's study, the authors examine statutes that regulate, license, and enforce investigative functions in each US state. After identification and review of Private Investigator licensing requirements, the authors find that very few state statutes explicitly differentiate between Private Investigators and Digital Examiners, but do see a trend of more states making some distinction. The authors contacted all state regulatory agencies where statutory language was not explicit, and as a result, set forth the various state approaches to professional Digital Examiner licensing. As was the case in the previous two iterations of this research, the …

Book Review: Dispute Resolution And E-Discovery, Milton Luoma

Journal of Digital Forensics, Security and Law

As is apparent from its title, this book tackles two very current and difficult legal issues – electronic discovery and dispute resolution. The authors tie the two legal concepts together in an effort to provide litigants and practitioners a less expensive and less time consuming alternative than is typically the case with traditional litigation and court proceedings. By including electronic discovery in the discussions, the authors recognize the importance and significance of electronic discovery in mediation and arbitration as it is in traditional litigation.

Extraction Of Electronic Evidence From Voip: Identification & Analysis Of Digital Speech, David Irwin, Arek Dadej, Jill Slay

Journal of Digital Forensics, Security and Law

The Voice over Internet Protocol (VoIP) is increasing in popularity as a cost effective and efficient means of making telephone calls via the Internet. However, VoIP may also be an attractive method of communication to criminals as their true identity may be hidden and voice and video communications are encrypted as they are deployed across the Internet. This produces a new set of challenges for forensic analysts compared with traditional wire-tapping of the Public Switched Telephone Network (PSTN) infrastructure, which is not applicable to VoIP. Therefore, other methods of recovering electronic evidence from VoIP are required. This research investigates the …

The Science Of Digital Forensics: Recovery Of Data From Overwritten Areas Of Magnetic Media, Fred Cohen

Journal of Digital Forensics, Security and Law

The first time I encountered data loss and recovery effects of magnetic memory was as a night and weekend computer operator for the computer science department of Carnegie-Mellon University in the 1973-1974 time frame. Part of my job involved dealing directly with outages and failures associated with magnetic memory components used in what, at the time, were large computer systems. On occasions, portions of magnetic core memory or disk drives would encounter various failure modes and the systems using these devices would have to be reconfigured to operate without the failed components until repair personnel could come in to repair …

An Australian Perspective On The Challenges For Computer And Network Security For Novice Endusers, Patryk Szewczyk

Journal of Digital Forensics, Security and Law

It is common for end-users to have difficulty in using computer or network security appropriately and thus have often been ridiculed when misinterpreting instructions or procedures. This discussion paper details the outcomes of research undertaken over the past six years on why security is overly complex for endusers. The results indicate that multiple issues may render end-users vulnerable to security threats and that there is no single solution to address these problems. Studies on a small group of senior citizens has shown that educational seminars can be beneficial in ensuring that simple security aspects are understood and used appropriately.

Implementing The Automated Phases Of The Partially-Automated Digital Triage Process Model, Gary Cantrell, David A. Dampier

Journal of Digital Forensics, Security and Law

Digital triage is a pre-digital-forensic phase that sometimes takes place as a way of gathering quick intelligence. Although effort has been undertaken to model the digital forensics process, little has been done to-date to model digital triage. This work discusses the further development of a model that attempts to address digital triage, the Partially-automated Crime Specific Digital Triage Process model. The model itself will be presented along with a description of how its automated functionality was implemented to facilitate model testing.

“Preemptive Suppression” – Judges Claim The Right To Find Digital Evidence Inadmissible Before It Is Even Discovered, Bob Simpson

Journal of Digital Forensics, Security and Law

Vermont state prosecutors have asked the Vermont Supreme Court to end a state trial judge’s practice of attaching conditions to computer warrants. The Vermont judge’s conditions are drawn from five conditions established in the 2009 decision of the 9th Circuit Court of Appeals in the Comprehensive Drug Testing, Inc. case (CDT II). This is the first time the validity of the “CDT conditions” will be decided by a state court of final jurisdiction in the United States

Book Review: Mastering Windows Network Forensics And Investigation, 2/E, John C. Ebert

Journal of Digital Forensics, Security and Law

The book is available as a paperback and e-book. The e-book versions allow you to preview several chapters at any of a number of online vendors. The e-book prices vary from the same as the soft cover version ($59.99) to about $38.99. Some of the vendor's e-books retain the color illustrations found in the print version, but others produce them in grey scale, so you might want to look out for that. The book is divided into four parts (17 chapters) plus two appendices.

I am compelled to give the book illustrations a highly unfavorable assessment regarding their readability qualities. …

Technology Corner: A Regular Expression Training App, Nick V. Flor

Journal of Digital Forensics, Security and Law

Regular expressions enable digital forensic analysts to find information in files. The best way for an analyst to become proficient in writing regular expressions is to practice. This paper presents the code for an app that allows an analyst to practice writing regular expressions.

Back Matter

Journal of Digital Forensics, Security and Law

No abstract provided.

Table Of Contents

Journal of Digital Forensics, Security and Law

No abstract provided.

Table Of Contents

Journal of Digital Forensics, Security and Law

No abstract provided.

Table Of Contents

Journal of Digital Forensics, Security and Law

No abstract provided.

An Iterative Association Rule Mining Framework To K-Anonymize A Dataset, Michael Hayes, Miriam A M Capretz, Jefferey Reed, Cheryl Forchuk

Electrical and Computer Engineering Publications

Preserving and maintaining client privacy and anonymity is of utmost importance in any domain and specially so in healthcare, as loss of either of these can result in legal and ethical implications. Further, it is sometimes important to extract meaningful and useful information from existing data for research or management purposes. In this case it is necessary for the organization who manages the dataset to be certain that no attributes can identify individuals or group of individuals. This paper proposes an extendable and generalized framework to anonymize a dataset using an iterative association rule mining approach. The proposed framework also …

An Hierarchical Asset Valuation Method For Information Security Risk Analysis, Bilge Karabacak, Unal Tatar

All Faculty and Staff Scholarship

The widespread use of information technology transforms businesses continuously and rapidly. Information technology introduces new threats to organizations as well. Risk analysis is an important tool in order to make correct decisions and to deal with cyber threats. Identification and valuation of assets is a crucial process that must be performed in risk analyses. Without properly identified and valued assets, the results of risk analyses lead to wrong decisions. Wrong decisions on information security may directly affect corresponding business processes. There are some finished and applied methods in literature for asset identification and valuation; however these methods are complicated and …

Privacy Protection Framework With Defined Policies For Service-Oriented Architecture, David Allison, Miriam A M Capretz, Hany Elyamany, Shuying Wang

Miriam A M Capretz

Service-Oriented Architecture (SOA) is a computer systems design concept which aims to achieve reusability and inte-gration in a distributed environment through the use of autonomous, loosely coupled, interoperable abstractions known as services. In order to interoperate, communication between services is very important due to their autonomous nature. This communication provides services with their functional strengths, but also creates the opportunity for the loss of privacy. In this paper, a Privacy Protection Framework for Service-Oriented Architecture (PPFSOA) is described. In this framework, a Privacy Service (PS) is used in combination with privacy policies to create privacy contracts that out-line what can …

Calm Before The Storm: The Challenges Of Cloud Computing In Digital Forensics, George Grispos, Tim Storer, William Bradley Glisson

Interdisciplinary Informatics Faculty Publications

Cloud computing is a rapidly evolving information technology (IT) phenomenon. Rather than procure, deploy and manage a physical IT infrastructure to host their software applications, organizations are increasingly deploying their infrastructure into remote, virtualized environments, often hosted and managed by third parties. This development has significant implications for digital forensic investigators, equipment vendors, law enforcement, as well as corporate compliance and audit departments (among others). Much of digital forensic practice assumes careful control and management of IT assets (particularly data storage) during the conduct of an investigation. This paper summarises the key aspects of cloud computing and analyses how established …

Privacy-Preserving Data Sharing In High Dimensional Regression And Classification Settings, Stephen E. Fienberg, Jiashun Jin

LARC Research Publications

We focus on the problem of multi-party data sharing in high dimensional data settings where the number of measured features (or the dimension) p is frequently much larger than the number of subjects (or the sample size) n, the so-called p>> n scenario that has been the focus of much recent statistical research. Here, we consider data sharing for two interconnected problems in high dimensional data analysis, namely the feature selection and classification. We characterize the notions of “cautious", “regular", and “generous" data sharing in terms of their privacy-preserving implications for the parties and their share of data, with focus …