Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 5 of 5
Full-Text Articles in Engineering
Deleting Collected Digital Evidence By Exploiting A Widely Adopted Hardware Write Blocker, Christopher S. Meffert, Ibrahim Baggili, Frank Breitinger
Deleting Collected Digital Evidence By Exploiting A Widely Adopted Hardware Write Blocker, Christopher S. Meffert, Ibrahim Baggili, Frank Breitinger
Electrical & Computer Engineering and Computer Science Faculty Publications
In this primary work we call for the importance of integrating security testing into the process of testing digital forensic tools. We postulate that digital forensic tools are increasing in features (such as network imaging), becoming networkable, and are being proposed as forensic cloud services. This raises the need for testing the security of these tools, especially since digital evidence integrity is of paramount importance. At the time of conducting this work, little to no published anti-forensic research had focused on attacks against the forensic tools/process.We used the TD3, a popular, validated, touch screen disk duplicator and hardware write blocker …
Anti-Forensics: Furthering Digital Forensic Science Through A New Extended, Granular Taxonomy, Kevin Conlan, Ibrahim Baggili, Frank Breitinger
Anti-Forensics: Furthering Digital Forensic Science Through A New Extended, Granular Taxonomy, Kevin Conlan, Ibrahim Baggili, Frank Breitinger
Electrical & Computer Engineering and Computer Science Faculty Publications
Anti-forensic tools, techniques and methods are becoming a formidable obstacle for the digital forensic community. Thus, new research initiatives and strategies must be formulated to address this growing problem. In this work we first collect and categorize 308 antidigital forensic tools to survey the field. We then devise an extended anti-forensic taxonomy to the one proposed by Rogers (2006) in order to create a more comprehensive taxonomy and facilitate linguistic standardization. Our work also takes into consideration anti-forensic activity which utilizes tools that were not originally designed for antiforensic purposes, but can still be used with malicious intent. This category …
A Cyber Forensics Needs Analysis Survey: Revisiting The Domain's Needs A Decade Later, Vikram S. Harichandran, Frank Breitinger, Ibrahim Baggili, Andrew Marrington
A Cyber Forensics Needs Analysis Survey: Revisiting The Domain's Needs A Decade Later, Vikram S. Harichandran, Frank Breitinger, Ibrahim Baggili, Andrew Marrington
Electrical & Computer Engineering and Computer Science Faculty Publications
The number of successful cyber attacks continues to increase, threatening financial and personal security worldwide. Cyber/digital forensics is undergoing a paradigm shift in which evidence is frequently massive in size, demands live acquisition, and may be insufficient to convict a criminal residing in another legal jurisdiction. This paper presents the findings of the first broad needs analysis survey in cyber forensics in nearly a decade, aimed at obtaining an updated consensus of professional attitudes in order to optimize resource allocation and to prioritize problems and possible solutions more efficiently. Results from the 99 respondents gave compelling testimony that the following …
A Method And A Case Study For The Selection Of The Best Available Tool For Mobile Device Forensics Using Decision Analysis, Shahzad Saleem, Oliver Popov, Ibrahim Baggili
A Method And A Case Study For The Selection Of The Best Available Tool For Mobile Device Forensics Using Decision Analysis, Shahzad Saleem, Oliver Popov, Ibrahim Baggili
Electrical & Computer Engineering and Computer Science Faculty Publications
The omnipresence of mobile devices (or small scale digital devices - SSDD) and more importantly the utility of their associated applications for our daily activities, which range from financial transactions to learning, and from entertainment to distributed social presence, create an abundance of digital evidence for each individual. Some of the evidence may be a result of illegal activities that need to be identified, understood and eventually prevented in the future. There are numerous tools for acquiring and analyzing digital evidence extracted from mobile devices. The diversity of SSDDs, types of evidence generated and the number of tools used to …
Towards Syntactic Approximate Matching-A Pre-Processing Experiment, Doowon Jeong, Frank Breitinger, Hari Kang, Sangjin Lee
Towards Syntactic Approximate Matching-A Pre-Processing Experiment, Doowon Jeong, Frank Breitinger, Hari Kang, Sangjin Lee
Electrical & Computer Engineering and Computer Science Faculty Publications
Over the past few years, the popularity of approximate matching algorithms (a.k.a. fuzzy hashing) has increased. Especially within the area of bytewise approximate matching, several algorithms were published, tested, and improved. It has been shown that these algorithms are powerful, however they are sometimes too precise for real world investigations. That is, even very small commonalities (e.g., in the header of a file) can cause a match. While this is a desired property, it may also lead to unwanted results. In this paper, we show that by using simple pre-processing, we significantly can influence the outcome. Although our test set …