Law Commons^™

An Ml Based Digital Forensics Software For Triage Analysis Through Face Recognition, Gaurav Gogia, Parag H. Rughani

Journal of Digital Forensics, Security and Law

Since the past few years, the complexity and heterogeneity of digital crimes has increased exponentially, which has made the digital evidence & digital forensics paramount for both criminal investigation and civil litigation cases. Some of the routine digital forensic analysis tasks are cumbersome and can increase the number of pending cases especially when there is a shortage of domain experts. While the work is not very complex, the sheer scale can be taxing. With the current scenarios and future predictions, crimes are only going to become more complex and the precedent of collecting and examining digital evidence is only going …

The Exigency And How To Improve And Implement International Humanitarian Legislations More Advantageously In Times Of Both Cyber-Warfare And Cyberspace, Shawn J. Lalman

Doctoral Dissertations and Master's Theses

This study provides a synopsis of the following topics: the prospective limiters levied on cyber-warfare by present–day international legislation; significant complexities and contentions brought up in the rendering & utilization of International Humanitarian Legislation against cyber-warfare; feasible repercussions of cyber-warfare on humanitarian causes. It is also to be contended and outlined in this research study that non–state actors can be held accountable for breaches of international humanitarian legislation committed using cyber–ordnance if sufficient resources and skill are made available. It details the factors that prosecutors and investigators must take into account when organizing investigations into major breaches of humanitarian legislation …

Drones Across The World: Laws And Policies, Sarah Nilsson

OER Main

Navigating the world’s drone and advanced air mobility laws is a daunting but critical task if you are in the aviation industry. Hence the need to formalize the relevant material and create this eTextbook (webbook). While still copyrighted content, it is freely distributed worldwide under a Creative Commons, non-commercial, and non-derivative license. This webbook is structured the way the United Nations views the globe, in 6 main areas, Northern America, Latin America and the Caribbean, Oceania, Europe, Asia, and Africa. It is easily searchable by country if used as a reference guide. This webbook has an interactive design with hyperlinks, …

Creating An Urban Airspace Design: The Future Regulatory Landscape, Jason T. Lorenzon

National Training Aircraft Symposium (NTAS)

Urban Air Mobility (UAM) and Advanced Air Mobility (AAM) are transformative technologies that will revolutionize the manner that cargo and passengers are transported in the local environment. This disruptive technology will transform transportation domain. For instance, imagine a transportation infrastructure without physical roads, where persons, property and cargo are being moved by Autonomously operated Uncrewed Aerial Vehicles (UAS). This presentation/paper will examine the current state of the regulatory and legal environment and the efforts that are being made to facilitate a future that a few short years ago was only imagined in works of science fiction.

This presentation will focus …

Mental Health In Pilots Ages 19-26: What Are The New Pilots Telling Us?, Jason T. Lorenzon, Diana Semilia

National Training Aircraft Symposium (NTAS)

Mental Health is stigma that reaches all professional pilots. After spending a considerable amount of money, a pilot is always afraid of losing his/her medical certification. This leads many pilots to not be honest and forthcoming about his/her own health situation or if he/she is forthcoming with any medical deficiency, the regulatory framework at the Federal Aviation Administration may put a further burden on the pilot to provide additional medical documentation, or the FAA may even amend, revoke, or suspend a pilot's medical certificate.

The Federal Aviation Administration (FAA) regulations,14 CFR Parts 61 and 67 and internal protocols creates a …

Ground Risk Model For Uavs, Andrew V. Shelley

International Journal of Aviation, Aeronautics, and Aerospace

This paper develops an alternative to the ground risk model provided by JARUS SORA. Key inconsistencies in the SORA ground risk model are identified, specifically ground risk continuing to increase when there is no further increase in fatality probability.

Population density is a critical component of UAS ground risk. Definitions of population density adopted by various regulatory jurisdictions are reviewed. A categorisation of population density is developed based on official statistics categories for New Zealand. This categorisation is more granular than that provided by SORA, enabling a more nuanced assessment of risk.

A ground risk model is then developed using …

Pre-Check Security Processes In Selected Brazil Airports- Changes And Gains, Camila Miliani, Fabio Sanches, Jonatta Haniere, Rodrigo Cortes, Tais Gargano, Vanessa Reis

Student Works

The recommendation of this Research Project is to implement the precheck program at 10 Airports in Brazil with more than 5 million passengers a year. The passengers’ satisfaction, security improvement and OPEX savings would be a reality.

The expectation of OPEX savings at these 10 Airports are R$ 3.360.000,00 per year, (US$ 634.000,00) due to the possibility of using the current infrastructure and yet, reduce one Protection Agent per inspection module, per airport.

The research topic was to understand the feasibility of implementing the precheck security process in Brazil Airports. Using the U.S. benchmark, and the current Brazilian legislation, GYN …

Certification Basis For A Fully Autonomous Uncrewed Passenger Carrying Urban Air Mobility Aircraft, Steve Price

Student Works

The Urban Air Mobility campaign has set a goal to efficiently transport passengers and cargo in urban areas of operation with autonomous aircraft. This concept of operations will require aircraft to utilize technology that currently does not have clear regulatory requirements. This report contains a comprehensive analysis and creation of a certification basis for a fully autonomous uncrewed passenger carrying rotorcraft for use in Urban Air Mobility certified under Title 14 Code of Federal Regulations Part 27. Part 27 was first analyzed to determine the applicability of current regulations. The fully electric propulsion system and fully autonomous flight control system …

An Evaluation Framework For Digital Image Forensics Tools, Zainab Khalid, Sana Qadir

Journal of Digital Forensics, Security and Law

The boom of digital cameras, photography, and social media has drastically changed how humans live their day-to-day, but this normalization is accompanied by malicious agents finding new ways to forge and tamper with images for unlawful monetary (or other) gains. Disinformation in the photographic media realm is an urgent threat. The availability of a myriad of image editing tools renders it almost impossible to differentiate between photo-realistic and original images. The tools available for image forensics require a standard framework against which they can be evaluated. Such a standard framework can aid in evaluating the suitability of an image forensics …

A Study Of The Data Remaining On Second-Hand Mobile Devices In The Uk, Olga Angelopoulou, Andy Jones, Graeme Horsman, Seyedali Pourmoafi

Journal of Digital Forensics, Security and Law

This study was carried out intending to identify the level and type of information that remained on portable devices that were purchased from the second-hand market in the UK over the last few years. The sample for this study consisted of 100 second hand mobile phones and tablets. The aim of the study was to determine the proportion of devices that still contained data and the type of data that they contained. Where data was identified, the study attempted to determine the level of personal identifiable information that is associated with the previous owner. The research showed that when sensitive …

Public Acceptance Of Medical Screening Recommendations, Safety Risks, And Implied Liabilities Requirements For Space Flight Participation, Cory J. Trunkhill

Doctoral Dissertations and Master's Theses

The space tourism industry is preparing to send space flight participants on orbital and suborbital flights. Space flight participants are not professional astronauts and are not subject to the rules and guidelines covering space flight crewmembers. This research addresses public acceptance of current Federal Aviation Administration guidance and regulations as designated for civil participation in human space flight.

The research utilized an ordinal linear regression analysis of survey data to explore the public acceptance of the current medical screening recommended guidance and the regulations for safety risk and implied liability for space flight participation. Independent variables constituted participant demographic representations …

To License Or Not To License Reexamined: An Updated Report On Licensing Of Digital Examiners Under State Private Investigator Statutes, Thomas Lonardo, Alan Rea, Doug White

Journal of Digital Forensics, Security and Law

In this update to the 2015 study, the authors examine US state statutes and regulations relating to licensing and enforcement of Digital Examiner functions under each state’s private investigator/detective statute. As with the prior studies, the authors find that very few state statutes explicitly distinguish between Private Investigators (PI) and Digital Examiners (DE), and when they do, they either explicitly require a license or exempt them from the licensing statute. As noted in the previous 2015 study there is a minor trend in which some states are moving to exempt DE from PI licensing requirements. We examine this trend as …

Proposed L-Shape Pattern On Ufs Acm For Risk Analysis, Abhishek Asthana, Padma Lochan Pradhan Dr

Journal of Digital Forensics, Security and Law

At this cloud age, there is tremendous growth in business, services, resources, and cloud technology. This growth comes with a risk of unsafe, unordered, and uncertainty due to unauthorized access and theft of confidential propriety data. Our objective is to model around Read, Write and Execute to resolve these unordered, unsafe, and uncertain issues. We will develop a L-Shape pattern model matching UFS ACM to minimize the accessibilities based on RIGHT & ROLE of the resources and maximize the quality of services for safety and high availability. The preventive, detective, corrective (PDC) services are the major roles for all levels …

Fault Lines In The Application Of International Humanitarian Law To Cyberwarfare, Humna Sohail

Journal of Digital Forensics, Security and Law

The dynamics of warfare have changed from the conventional wars fought on the battlefield to virtual warfare as states have been involved in the cyber arms race. From simple distributed denial-of-service (DDoS) attacks to the potent Stuxnet and Flame the cyber weapons vary in their potential human cost. The Law of Armed Conflict (LOAC) is drafted flexibly to adapt to changing circumstances. This paper is primarily based upon the assumption that existing treaty law is sufficient in many aspects yet in some areas treaty-making is also needed. What is the foreseeable solution is the comprehensive state practice for interpreting the …

A Critical Comparison Of Brave Browser And Google Chrome Forensic Artefacts, Stuart Berham, Sarah Morris

Journal of Digital Forensics, Security and Law

Digital forensic practitioners are tasked with the identification, recovery and analysis of Internet browser artefacts which may have been used in the pursuit of committing a civil or criminal offence. This research paper critically compares the most downloaded browser, Google Chrome, against an increasingly popular Chromium browser known as Brave, said to offer privacy-by-default. With increasing forensic caseloads, data complexity, and requirements for method validation to satisfy ISO 17025 accreditation, recognising the similarities and differences between the browsers, developed on the same underlying technology is essential. The paper describes a series of conducted experiments and subsequent analysis to identify artefacts …

Digital Evidence In Appeals Of Criminal Cases Before The U.S. Courts Of Appeal: A Review Of Decisions And Examination Of The Legal Landscape From 2016 – 2020, Martin Novak

Journal of Digital Forensics, Security and Law

This study is a follow-up to Digital Evidence in Criminal Cases before the U.S. Courts of Appeal: Trends and Issues for Consideration – 2010 to 2015. The current study examines appeals of criminal cases before the United States Courts of Appeal from January 2016 through August 2020, where one or more appeal claims were related to digital evidence. The purpose of this research was to determine if the legal landscape has changed since 2015; examine the most relevant legal issues related to digital evidence; and analyze how precedential cases may have affected digital forensics as evidence.

Technical Behaviours Of Child Sexual Exploitation Material Offenders, Chad Steel, Emily Newman, Suzanne O'Rourke, Ethel Quayle

Journal of Digital Forensics, Security and Law

An exploration of the technological behaviours of previously convicted child sexual exploitation material (CSEM) offenders provides a foundation for future applied research into deterrence, investigation, and treatment efforts. This study evaluates the technology choices and transitions of individuals previously convicted of CSEM offenses. Based on their inclusion in two sex offender registries, anonymous survey results (n=78) were collected from English-speaking adults within the United States. CSEM offenders chose technologies based on both utility and perceived risk; peer-to-peer and web-browsers were the most common gateway technologies and showed substantial sustained usage; a substantial minority of users never stored CSEM and only …

Forensic Discoverability Of Ios Vault Applications, Alissa Gilbert, Kathryn C. Seigfried-Spellar

Journal of Digital Forensics, Security and Law

Vault Applications are used to store potentially sensitive information on a smartphone; and are available on Android and iOS. The purpose of using these applications could be used to hide potential evidence or illicit photos. After comparing five different iOS photo vaults, each vault left evidence and photos behind. However, of the three forensic toolkits used, each produced different results in their scans of the phone. The media left behind was due to the photo vaults not protecting their information as claimed, and using basic obfuscation techniques in place of security controls. Future research will look at how newer security …

A Lightweight Reliably Quantified Deepfake Detection Approach, Tianyi Wang, Kam Pui Chow

Annual ADFSL Conference on Digital Forensics, Security and Law

Deepfake has brought huge threats to society such that everyone can become a potential victim. Current Deepfake detection approaches have unsatisfactory performance in either accuracy or efficiency. Meanwhile, most models are only evaluated on different benchmark test datasets with different accuracies, which could not imitate the real-life Deepfake unknown population. As Deepfake cases have already been raised and brought challenges at the court, it is disappointed that no existing work has studied the model reliability and attempted to make the detection model act as the evidence at the court. We propose a lightweight Deepfake detection deep learning approach using the …

Anatomy Of An Internet Hijack And Interception Attack: A Global And Educational Perspective, Ben A. Scott, Michael N. Johnstone, Patryk Szewczyk

Annual ADFSL Conference on Digital Forensics, Security and Law

The Internet’s underlying vulnerable protocol infrastructure is a rich target for cyber crime, cyber espionage and cyber warfare operations. The stability and security of the Internet infrastructure are important to the function of global matters of state, critical infrastructure, global e-commerce and election systems. There are global approaches to tackle Internet security challenges that include governance, law, educational and technical perspectives. This paper reviews a number of approaches to these challenges, the increasingly surgical attacks that target the underlying vulnerable protocol infrastructure of the Internet, and the extant cyber security education curricula; we find the majority of predominant cyber security …

A Low-Cost Machine Learning Based Network Intrusion Detection System With Data Privacy Preservation, Jyoti Fakirah, Lauhim Mahfuz Zishan, Roshni Mooruth, Michael L. Johnstone, Wencheng Yang

Annual ADFSL Conference on Digital Forensics, Security and Law

Network intrusion is a well-studied area of cyber security. Current machine learning-based network intrusion detection systems (NIDSs) monitor network data and the patterns within those data but at the cost of presenting significant issues in terms of privacy violations which may threaten end-user privacy. Therefore, to mitigate risk and preserve a balance between security and privacy, it is imperative to protect user privacy with respect to intrusion data. Moreover, cost is a driver of a machine learning-based NIDS because such systems are increasingly being deployed on resource-limited edge devices. To solve these issues, in this paper we propose a NIDS …

Microsoft Defender Will Be Defended: Memoryranger Prevents Blinding Windows Av, Denis Pogonin, Igor Korkin, Phd

Annual ADFSL Conference on Digital Forensics, Security and Law

Windows OS is facing a huge rise in kernel attacks. An overview of popular techniques that result in loading kernel drivers will be presented. One of the key targets of modern threats is disabling and blinding Microsoft Defender, a default Windows AV. The analysis of recent driver-based attacks will be given, the challenge is to block them. The survey of user- and kernel-level attacks on Microsoft Defender will be given. One of the recently published attackers’ techniques abuses Mandatory Integrity Control (MIC) and Security Reference Monitor (SRM) by modifying Integrity Level and Debug Privileges for the Microsoft Defender via syscalls. …

Detection Of Overlapping Passive Manipulation Techniques In Image Forensics, Gianna S. Lint, Umit Karabiyik

Annual ADFSL Conference on Digital Forensics, Security and Law

With a growing number of images uploaded daily to social media sites, it is essential to understand if an image can be used to trace its origin. Forensic investigations are focusing on analyzing images that are uploaded to social media sites resulting in an emphasis on building and validating tools. There has been a strong focus on understanding active manipulation or tampering techniques and building tools for analysis. However, research on manipulation is often studied in a vacuum, involving only one technique at a time. Additionally, less focus has been placed on passive manipulation, which can occur by simply uploading …

Human-Controlled Fuzzing With Afl, Maxim Grishin, Igor Korkin, Phd

Annual ADFSL Conference on Digital Forensics, Security and Law

Fuzzing techniques are applied to reveal different types of bugs and vulnerabilities. American Fuzzy Lop (AFL) is a free most popular software fuzzer used by many other fuzzing frameworks. AFL supports autonomous mode of operation that uses the previous step output into the next step, as a result fuzzer spends a lot of time analyzing minor code sections. By making fuzzing process more focused and human controlled security expert can save time and find more bugs in less time. We designed a new module that can fuzz only the specified functions. As a result, the chosen ones will be inspected …

Digital Forensics For Mobility As A Service Platform: Analysis Of Uber Application On Iphone And Cloud, Nina Matulis, Umit Karabiyik

Annual ADFSL Conference on Digital Forensics, Security and Law

Uber is a ride-hailing smartphone application (app) that allows users to order a ride in a highly efficient manner. The Uber app provides Mobility as a Service and allows users to easily order a ride in a private car with just a few clicks. Uber stores large amounts of data on both the mobile device the app is being used on, and in the cloud. Examples of this data include geolocation data, date/time, origin/destination addresses, departure/arrival times, and distance. Uber geolocation data has been previously researched to investigate the privacy of the Uber app; however, there is minimal research relating …

The Amorphous Nature Of Hackers: An Exploratory Study, Kento Yasuhara, Daniel Walnycky, Ibrahim Baggili, Ahmed Alhishwan

Annual ADFSL Conference on Digital Forensics, Security and Law

In this work, we aim to better understand outsider perspectives of the hacker community through a series of situation based survey questions. By doing this, we hope to gain insight into the overall reputation of hackers from participants in a wide range of technical and non-technical backgrounds. This is important to digital forensics since convicted hackers will be tried by people, each with their own perception of who hackers are. Do cyber crimes and national security issues negatively affect people’s perceptions of hackers? Does hacktivism and information warfare positively affect people’s perception of hackers? Do individual personality factors affect one’s …

Smart Home Forensics: Identifying Ddos Attack Patterns On Iot Devices, Samuel Ho, Hope Greeson, Umit Karabiyik

Annual ADFSL Conference on Digital Forensics, Security and Law

Smart homes are becoming more common as more people integrate IoT devices into their home environment. As such, these devices have access to personal data on their homeowners’ networks. One of the advantages of IoT devices is that they are compact. However, this limits the incorporation of security measures in their hardware. Misconfigured IoT devices are commonly the target of malicious attacks. Additionally, distributed denial-of-service attacks are becoming more common due to applications and software that provides users with easy-to-use user interfaces. Since one vulnerable device is all an attacker needs to launch an attack on a network, in regards …

Timestamp Estimation From Outdoor Scenes, Tawfiq Salem, Jisoo Hwang, Rafael Padilha

Annual ADFSL Conference on Digital Forensics, Security and Law

The increasing availability of smartphones allowed people to easily capture and share images on the internet. These images are often associated with metadata, including the image capture time (timestamp) and the location where the image was captured (geolocation). The metadata associated with images provides valuable information to better understand scenes and events presented in these images. The timestamp can be manipulated intentionally to provide false information to convey a twisted version of reality. Images with manipulated timestamps are often used as a cover-up for wrongdoing or broadcasting false claims and competing views on the internet. Estimating the time of capture …

Establishing Commercial Aviation Safety Privilege: Court Precedent Versus Statute, Jason Powell

International Journal of Aviation, Aeronautics, and Aerospace

This concept paper evaluates the pros and cons of establishing commercial aviation safety privilege beyond the almost uniquely United States Department of Defense (DoD) legal protection built upon court precedence (stare decisis) as a statutory concept that can apply across all aviation investigations. The protection offered under Title 49 CFR 1114 only applies to the information provided that is not part of the safety investigation and allows full release of interviews that pertain to the investigation, which is further applied in the National Transportation Safety Board Aviation Investigation Manual (2002). The Supreme Court of the United States recognized different privileged …

Anthropometry Considerations In The Design And Evaluation Of Flight Deck Displays And Controls: Literature Review, Robert Joslin

International Journal of Aviation, Aeronautics, and Aerospace

The regulatory requirements and guidance for showing compliance with the Federal Aviation Administration anthropometric considerations in aircraft design are widely dispersed in an array of source documents. Consequently, they are difficult for aircraft manufacturers/applicants to identify, interpret, and address thereby extending the time to certify new/modified aircraft and aircraft systems. This literature review is intended to provide a compendium of the anthropometry considerations in the design certification of displays and controls in aircraft flight decks. This document is not a compliance document and the references herein are frequently updated, hence should be verified by the reader.