Open Access. Powered by Scholars. Published by Universities.®
- Institution
- Keyword
-
- Digital Forensics (5)
- Cybersecurity (3)
- Computer Forensics (2)
- Data (2)
- Digital forensics (2)
-
- Privacy (2)
- Standards (2)
- Air gaps (1)
- Alternative Web (1)
- Android forensics (1)
- Attackers (1)
- Attribution (1)
- Audio forensics (1)
- BYOD (1)
- Bandwidth (1)
- Behavior analysis (1)
- BitTorrent (1)
- BlackBag (1)
- Blue Pill (1)
- Botnet (1)
- Botnet detection (1)
- Browser Forensics (1)
- Camcorder identification (1)
- Causation (1)
- China (1)
- Cloud computing (1)
- Communications & computer law (1)
- Computer Law (1)
- Computer hacking (1)
- Congestion management (1)
- Publication
- Publication Type
Articles 1 - 30 of 53
Full-Text Articles in Computer Law
Establishing Russia's Responsibility For Cyber-Crime Based On Its Hacker Culture, Trevor Mcdougal
Establishing Russia's Responsibility For Cyber-Crime Based On Its Hacker Culture, Trevor Mcdougal
Brigham Young University International Law & Management Review
No abstract provided.
Games Are Not Coffee Mugs: Games And The Right Of Publicity, 29 Santa Clara Computer & High Tech. L.J. 1 (2012), William K. Ford, Raizel Liebler
Games Are Not Coffee Mugs: Games And The Right Of Publicity, 29 Santa Clara Computer & High Tech. L.J. 1 (2012), William K. Ford, Raizel Liebler
William K. Ford
Are games more like coffee mugs, posters, and T-shirts, or are they more like books, magazines, and films? For purposes of the right of publicity, the answer matters. The critical question is whether games should be treated as merchandise or as expression. Three classic judicial decisions, decided in 1967, 1970, and 1973, held that the defendants needed permission to use the plaintiffs' names in their board games. These decisions judicially confirmed that games are merchandise, not something equivalent to more traditional media of expression. As merchandise, games are not like books; instead, they are akin to celebrity-embossed coffee mugs. To …
Tracking Criminals On Facebook: A Case Study From A Digital Forensics Reu Program, Daniel Weiss, Gary Warner
Tracking Criminals On Facebook: A Case Study From A Digital Forensics Reu Program, Daniel Weiss, Gary Warner
Annual ADFSL Conference on Digital Forensics, Security and Law
The 2014 Digital Forensics Research Experience for Undergraduates (REU) Program at the University of Alabama at Birmingham (UAB) focused its summer efforts on tracking criminal forums and Facebook groups. The UAB-REU Facebook team was provided with a list of about 60 known criminal groups on Facebook, with a goal to track illegal information posted in these groups and ultimately store the information in a searchable database for use by digital forensic analysts. Over the course of about eight weeks, the UAB-REU Facebook team created a database with over 400 Facebook groups conducting criminal activity along with over 100,000 unique users …
Towards A Digital Forensics Competency-Based Program: Making Assessment Count, Rose Shumba
Towards A Digital Forensics Competency-Based Program: Making Assessment Count, Rose Shumba
Annual ADFSL Conference on Digital Forensics, Security and Law
This paper describes an approach that UMUC has initiated to revise its graduate programs to a Competency-Based Education (CBE) curriculum. The approach, which is Learning Demonstration (LD) centric, includes the identification of learning goals and competences, identification and description of the LDs, mapping of the LDs to the competences, scripting the LDs, placing the LDs into the respective courses, validating the developed materials, and the development of the open learning resources. Programs in the Cybersecurity and Information Assurance Department, including the Digital Forensics and Cyber Investigations program, are being revised. An LD centric approach to curriculum development helps align programs …
Phishing Intelligence Using The Simple Set Comparison Tool, Jason Britt, Alan Sprague, Gary Warner
Phishing Intelligence Using The Simple Set Comparison Tool, Jason Britt, Alan Sprague, Gary Warner
Annual ADFSL Conference on Digital Forensics, Security and Law
Phishing websites, phish, attempt to deceive users into exposing their passwords, user IDs, and other sensitive information by imitating legitimate websites, such as banks, product vendors, and service providers. Phishing investigators need fast automated tools to analyze the volume of phishing attacks seen today. In this paper, we present the Simple Set Comparison tool. The Simple Set Comparison tool is a fast automated tool that groups phish by imitated brand allowing phishing investigators to quickly identify and focus on phish targeting a particular brand. The Simple Set Comparison tool is evaluated against a traditional clustering algorithm over a month's worth …
Identifying Common Characteristics Of Malicious Insiders, Nan Liang, David Biros
Identifying Common Characteristics Of Malicious Insiders, Nan Liang, David Biros
Annual ADFSL Conference on Digital Forensics, Security and Law
Malicious insiders account for large proportion of security breaches or other kinds of loss for organizations and have drawn attention of both academics and practitioners. Although methods and mechanism have been developed to monitor potential insider via electronic data monitoring, few studies focus on predicting potential malicious insiders. Based on the theory of planned behavior, certain cues should be observed or expressed when an individual performs as a malicious insider. Using text mining to analyze various media content of existing insider cases, we strive to develop a method to identify crucial and common indicators that an individual might be a …
Continuous Monitoring System Based On Systems' Environment, Eli Weintraub, Yuval Cohen
Continuous Monitoring System Based On Systems' Environment, Eli Weintraub, Yuval Cohen
Annual ADFSL Conference on Digital Forensics, Security and Law
We present a new framework (and its mechanisms) of a Continuous Monitoring System (CMS) having new improved capabilities, and discuss its requirements and implications. The CMS is based on the real-time actual configuration of the system and the environment rather than a theoretic or assumed configuration. Moreover, the CMS predicts organizational damages taking into account chains of impacts among systems' components generated by messaging among software components. In addition, the CMS takes into account all organizational effects of an attack. Its risk measurement takes into account the consequences of a threat, as defines in risk analysis standards. Loss prediction is …
Html5 Zero Configuration Covert Channels: Security Risks And Challenges, Jason Farina, Mark Scanlon, Stephen Kohlmann, Nhien-An Le-Khac, Tahar Kechadi
Html5 Zero Configuration Covert Channels: Security Risks And Challenges, Jason Farina, Mark Scanlon, Stephen Kohlmann, Nhien-An Le-Khac, Tahar Kechadi
Annual ADFSL Conference on Digital Forensics, Security and Law
In recent months there has been an increase in the popularity and public awareness of secure, cloudless file transfer systems. The aim of these services is to facilitate the secure transfer of files in a peer-to-peer (P2P) fashion over the Internet without the need for centralized authentication or storage. These services can take the form of client installed applications or entirely web browser based interfaces. Due to the P2P nature, there is generally no limit to the file sizes involved or to the volume of data transmitted - and where these limitations do exist they will be purely reliant on …
Measuring Hacking Ability Using A Conceptual Expertise Task, Justin S. Giboney, Jeffrey G. Proudfoot, Sanjay Goel, Joseph S. Valacich
Measuring Hacking Ability Using A Conceptual Expertise Task, Justin S. Giboney, Jeffrey G. Proudfoot, Sanjay Goel, Joseph S. Valacich
Annual ADFSL Conference on Digital Forensics, Security and Law
Hackers pose a continuous and unrelenting threat to organizations. Industry and academic researchers alike can benefit from a greater understanding of how hackers engage in criminal behavior. A limiting factor of hacker research is the inability to verify that self-proclaimed hackers participating in research actually possess their purported knowledge and skills. This paper presents current work in developing and validating a conceptual-expertise based tool that can be used to discriminate between novice and expert hackers. The implications of this work are promising since behavioral information systems researchers operating in the information security space will directly benefit from the validation of …
Invited Paper - A Profile Of Prolonged, Persistent Ssh Attack On A Kippo Based Honeynet, Craig Valli, Priya Rabadia, Andrew Woodard
Invited Paper - A Profile Of Prolonged, Persistent Ssh Attack On A Kippo Based Honeynet, Craig Valli, Priya Rabadia, Andrew Woodard
Annual ADFSL Conference on Digital Forensics, Security and Law
This paper is an investigation focusing on activities detected by SSH honeypots that utilised kippo honeypot software. The honeypots were located across a variety of geographical locations and operational platforms. The honeynet has suffered prolonged, persistent and attack from a /24 network which appears to be of Chinese geographical origin. In addition to these attacks, other attackers have been successful in compromising real hosts in a wide range of other countries that were subsequently involved in attacking the honeypot machines in the honeynet.
Keywords: Cyber Security, SSH, Secure Shell, Honeypots, Kippo
Inivited Paper - Potential Changes To Ediscovery Rules In Federal Court: A Discussion Of The Process, Substantive Changes And Their Applicability And Impact On Virginia Practice, Joseph J. Schwerha, Susan L. Mitchell, John W. Bagby
Inivited Paper - Potential Changes To Ediscovery Rules In Federal Court: A Discussion Of The Process, Substantive Changes And Their Applicability And Impact On Virginia Practice, Joseph J. Schwerha, Susan L. Mitchell, John W. Bagby
Annual ADFSL Conference on Digital Forensics, Security and Law
The Federal Rules of Civil Procedure (FRCP) are subject to a unique process also once used in revising the Federal Rules of Evidence (FRE). Today, this process is followed in revisions of the FRCP, the Federal Rules of Criminal Procedure and the Federal Bankruptcy Rules. This unique rulemaking process differs significantly from traditional notice and comment rulemaking required for a majority of federal regulatory agencies under the Administrative Procedure Act (APA).1 Most notably, rule-making for the federal courts’ procedural matters remain unaffected by the invalidation of legislative veto. It is still widely, but wrongly believed, that the legislative veto was …
On The Network Performance Of Digital Evidence Acquisition Of Small Scale Devices Over Public Networks, Irvin Homem, Spyridon Dosis
On The Network Performance Of Digital Evidence Acquisition Of Small Scale Devices Over Public Networks, Irvin Homem, Spyridon Dosis
Annual ADFSL Conference on Digital Forensics, Security and Law
While cybercrime proliferates – becoming more complex and surreptitious on the Internet – the tools and techniques used in performing digital investigations are still largely lagging behind, effectively slowing down law enforcement agencies at large. Real-time remote acquisition of digital evidence over the Internet is still an elusive ideal in the combat against cybercrime. In this paper we briefly describe the architecture of a comprehensive proactive digital investigation system that is termed as the Live Evidence Information Aggregator (LEIA). This system aims at collecting digital evidence from potentially any device in real time over the Internet. Particular focus is made …
A Review Of Recent Case Law Related To Digital Forensics: The Current Issues, Kelly A. Cole, Shruti Gupta, Dheeraj Gurugubelli, Marcus K. Rogers
A Review Of Recent Case Law Related To Digital Forensics: The Current Issues, Kelly A. Cole, Shruti Gupta, Dheeraj Gurugubelli, Marcus K. Rogers
Annual ADFSL Conference on Digital Forensics, Security and Law
Digital forensics is a new field without established models of investigation. This study uses thematic analysis to explore the different issues seen in the prosecution of digital forensic investigations. The study looks at 100 cases from different federal appellate courts to analyze the cause of the appeal. The issues are categorized into one of four categories, ‘search and seizure’, ‘data analysis’, ‘presentation’ and ‘legal issues’. The majority of the cases reviewed related to the search and seizure activity.
Keywords: Computer Investigation, Case Law, Digital Forensics, Legal Issues, and Courts
A New Cyber Forensic Philosophy For Digital Watermarks In The Context Of Copyright Laws, Vinod P. Bhattathiripad, Sneha Sudhakaran, Roshna K. Thalayaniyil
A New Cyber Forensic Philosophy For Digital Watermarks In The Context Of Copyright Laws, Vinod P. Bhattathiripad, Sneha Sudhakaran, Roshna K. Thalayaniyil
Annual ADFSL Conference on Digital Forensics, Security and Law
The objective of this paper is to propose a new cyber forensic philosophy for watermark in the context of copyright laws for the benefit of the forensic community and the judiciary worldwide. The paper first briefly introduces various types of watermarks, and then situates watermarks in the context of the ideaexpression dichotomy and the copyright laws. It then explains the forensic importance of watermarks and proposes a forensic philosophy for them in the context of copyright laws. Finally, the paper stresses the vital need to incorporate watermarks in the forensic tests to establish software copyright infringement and also urges the …
A Survey Of Software-Based String Matching Algorithms For Forensic Analysis, Yi-Ching Liao
A Survey Of Software-Based String Matching Algorithms For Forensic Analysis, Yi-Ching Liao
Annual ADFSL Conference on Digital Forensics, Security and Law
Employing a fast string matching algorithm is essential for minimizing the overhead of extracting structured files from a raw disk image. In this paper, we summarize the concept, implementation, and main features of ten software-based string matching algorithms, and evaluate their applicability for forensic analysis. We provide comparisons between the selected software-based string matching algorithms from the perspective of forensic analysis by conducting their performance evaluation for file carving. According to the experimental results, the Shift-Or algorithm (R. Baeza-Yates & Gonnet, 1992) and the Karp-Rabin algorithm (Karp & Rabin, 1987) have the minimized search time for identifying the locations of …
Investigating Forensics Values Of Windows Jump Lists Data, Ahmad Ghafarian
Investigating Forensics Values Of Windows Jump Lists Data, Ahmad Ghafarian
Annual ADFSL Conference on Digital Forensics, Security and Law
Starting with Windows 7, Microsoft introduced a new feature to the Windows Operating Systems called Jump Lists. Jump Lists stores information about user activities on the host machine. These activities may include links to the recently visited web pages, applications executed, or files processed. Computer forensics investigators may find traces of misuse in Jump Lists auto saved files. In this research, we investigate the forensics values of Jump Lists data. Specifically, we use several tools to view Jump Lists data on a virtual machine. We show that each tool reveal certain types of information about user’s activity on the host …
An Empirical Comparison Of Widely Adopted Hash Functions In Digital Forensics: Does The Programming Language And Operating System Make A Difference?, Satyendra Gurjar, Ibrahim Baggili, Frank Breitinger, Alice Fischer
An Empirical Comparison Of Widely Adopted Hash Functions In Digital Forensics: Does The Programming Language And Operating System Make A Difference?, Satyendra Gurjar, Ibrahim Baggili, Frank Breitinger, Alice Fischer
Annual ADFSL Conference on Digital Forensics, Security and Law
Hash functions are widespread in computer sciences and have a wide range of applications such as ensuring integrity in cryptographic protocols, structuring database entries (hash tables) or identifying known files in forensic investigations. Besides their cryptographic requirements, a fundamental property of hash functions is efficient and easy computation which is especially important in digital forensics due to the large amount of data that needs to be processed when working on cases. In this paper, we correlate the runtime efficiency of common hashing algorithms (MD5, SHA-family) and their implementation. Our empirical comparison focuses on C-OpenSSL, Python, Ruby, Java on Windows and …
Two Challenges Of Stealthy Hypervisors Detection: Time Cheating And Data Fluctuations, Igor Korkin
Two Challenges Of Stealthy Hypervisors Detection: Time Cheating And Data Fluctuations, Igor Korkin
Annual ADFSL Conference on Digital Forensics, Security and Law
Hardware virtualization technologies play a significant role in cyber security. On the one hand these technologies enhance security levels, by designing a trusted operating system. On the other hand these technologies can be taken up into modern malware which is rather hard to detect. None of the existing methods is able to efficiently detect a hypervisor in the face of countermeasures such as time cheating, temporary self-uninstalling, memory hiding etc. New hypervisor detection methods which will be described in this paper can detect a hypervisor under these countermeasures and even count several nested ones. These novel approaches rely on the …
The World’S Laboratory: China’S Patent Boom, It Standards And The Implications For The Global Knowledge, Christopher Mcelwain, Dennis Fernandez
The World’S Laboratory: China’S Patent Boom, It Standards And The Implications For The Global Knowledge, Christopher Mcelwain, Dennis Fernandez
Christopher McElwain
Just as China’s factories disrupted the economics of IT hardware, its research labs have the potential to disrupt the economics of the technology itself. In 2014, China’s patent office received nearly 2.4 million patent applications, 93% from domestic applicants. China has also climbed to third place in terms of international applications, with over 21,000 WIPO PCT applications. Meanwhile, China has taken an assertive role in setting technology standards, both at the national and international levels. In the past, this has included developing and promoting alternatives to important IT standards as a means of challenging perceived monopolies by certain (foreign-dominated) technologies. …
Cloud Computing, Contractibility, And Network Architecture, Christopher S. Yoo
Cloud Computing, Contractibility, And Network Architecture, Christopher S. Yoo
All Faculty Scholarship
The emergence of the cloud is heightening the demands on the network in terms of bandwidth, ubiquity, reliability, latency, and route control. Unfortunately, the current architecture was not designed to offer full support for all of these services or to permit money to flow through it. Instead of modifying or adding specific services, the architecture could redesigned to make Internet services contractible by making the relevant information associated with these services both observable and verifiable. Indeed, several on-going research programs are exploring such strategies, including the NSF’s NEBULA, eXpressive Internet Architecture (XIA), ChoiceNet, and the IEEE’s Intercloud projects.
Introduction: Cyber And The Changing Face Of War, Claire Oakes Finkelstein, Kevin H. Govern
Introduction: Cyber And The Changing Face Of War, Claire Oakes Finkelstein, Kevin H. Govern
All Faculty Scholarship
Cyberweapons and cyberwarfare are one of the most dangerous innovations of recent years, and a significant threat to national security. Cyberweapons can imperil economic, political, and military systems by a single act, or by multifaceted orders of effect, with wide-ranging potential consequences. Cyberwarfare occupies an ambiguous status in the conventions of the laws of war. This book addresses Ethical and legal issues surrounding cyberwarfare by considering whether the Laws of Armed Conflict apply to cyberspace and the ethical position of cyberwarfare against the background of our generally recognized moral traditions in armed conflict. The book explores these moral and legal …
From The Editor-In-Chief, Ibrahim Baggili
From The Editor-In-Chief, Ibrahim Baggili
Journal of Digital Forensics, Security and Law
Welcome to JDFSL’s first issue for 2015! First, I would like to thank our editorial board, reviewers, and the JDFSL team for bringing this issue to life. It has been a big year for JDFSL as the journal continues to progress. We are continuing our indexing efforts for the journal and we are getting closer with some of the major databases.
Data Loss Prevention Management And Control: Inside Activity Incident Monitoring, Identification, And Tracking In Healthcare Enterprise Environments, Manghui Tu, Kimberly Spoa-Harty, Liangliang Xiao
Data Loss Prevention Management And Control: Inside Activity Incident Monitoring, Identification, And Tracking In Healthcare Enterprise Environments, Manghui Tu, Kimberly Spoa-Harty, Liangliang Xiao
Journal of Digital Forensics, Security and Law
As healthcare data are pushed online, consumers have raised big concerns on the breach of their personal information. Law and regulations have placed businesses and public organizations under obligations to take actions to prevent data breach. Among various threats, insider threats have been identified to be a major threat on data loss. Thus, effective mechanisms to control insider threats on data loss are urgently needed. The objective of this research is to address data loss prevention challenges in healthcare enterprise environment. First, a novel approach is provided to model internal threat, specifically inside activities. With inside activities modeling, data …
On The Network Performance Of Digital Evidence Acquisition Of Small Scale Devices Over Public Networks, Irvin Homem, Spyridon Dosis
On The Network Performance Of Digital Evidence Acquisition Of Small Scale Devices Over Public Networks, Irvin Homem, Spyridon Dosis
Journal of Digital Forensics, Security and Law
While cybercrime proliferates – becoming more complex and surreptitious on the Internet – the tools and techniques used in performing digital investigations are still largely lagging behind, effectively slowing down law enforcement agencies at large. Real-time remote acquisition of digital evidence over the Internet is still an elusive ideal in the combat against cybercrime. In this paper we briefly describe the architecture of a comprehensive proactive digital investigation system that is termed as the Live Evidence Information Aggregator (LEIA). This system aims at collecting digital evidence from potentially any device in real time over the Internet. Particular focus is made …
Data Extraction On Mtk-Based Android Mobile Phone Forensics, Joe Kong
Data Extraction On Mtk-Based Android Mobile Phone Forensics, Joe Kong
Journal of Digital Forensics, Security and Law
In conducting criminal investigations it is quite common that forensic examiners need to recover evidentiary data from smartphones used by offenders. However, examiners encountered difficulties in acquiring complete memory dump from MTK Android phones, a popular brand of smartphones, due to a lack of technical knowledge on the phone architecture and that system manuals are not always available. This research will perform tests to capture data from MTK Android phone by applying selected forensic tools and compare their effectiveness by analyzing the extracted results. It is anticipated that a generic extraction tool, once identified, can be used on different brands …
Open Forensic Devices, Lee Tobin, Pavel Gladyshev
Open Forensic Devices, Lee Tobin, Pavel Gladyshev
Journal of Digital Forensics, Security and Law
Cybercrime has been a growing concern for the past two decades. What used to be the responsibility of specialist national police has become routine work for regional and district police. Unfortunately, funding for law enforcement agencies is not growing as fast as the amount of digital evidence. In this paper, we present a forensic platform that is tailored for cost effectiveness, extensibility, and ease of use. The software for this platform is open source and can be deployed on practically all commercially available hardware devices such as standard desktop motherboards or embedded systems such as Raspberry Pi and Gizmosphere’s Gizmo …
A 3-D Stability Analysis Of Lee Harvey Oswald In The Backyard Photo, Srivamshi Pittala, Emily Whiting, Hany Farid
A 3-D Stability Analysis Of Lee Harvey Oswald In The Backyard Photo, Srivamshi Pittala, Emily Whiting, Hany Farid
Journal of Digital Forensics, Security and Law
Fifty years have passed since the assassination of U.S. President Kennedy. Despite the long passage of time, it is still argued that the famous backyard photo of Oswald, holding the same type of rifle used to assassinate the President, is a fake. These claims include, among others, that Oswald’s pose in the photo is physically implausible. We describe a detailed 3-D stability analysis to determine if this claim is warranted.
Table Of Contents
Journal of Digital Forensics, Security and Law
No abstract provided.
Reasonable Expectations Of Privacy Settings: Social Media And The Stored Communications Act, David Thaw, Christopher Borchert, Fernando Pinguelo
Reasonable Expectations Of Privacy Settings: Social Media And The Stored Communications Act, David Thaw, Christopher Borchert, Fernando Pinguelo
Articles
In 1986, Congress passed the Stored Communications Act (“SCA”) to provide additional protections for individuals’ private communications content held in electronic storage by third parties. Acting out of direct concern for the implications of the Third-Party Records Doctrine — a judicially created doctrine that generally eliminates Fourth Amendment protections for information entrusted to third parties — Congress sought to tailor the SCA to electronic communications sent via and stored by third parties. Yet, because Congress crafted the SCA with language specific to the technology of 1986, courts today have struggled to apply the SCA consistently with regard to similar private …
Cyber Espionage Or Cyber War?: International Law, Domestic Law, And Self-Protective Measures, Christopher S. Yoo
Cyber Espionage Or Cyber War?: International Law, Domestic Law, And Self-Protective Measures, Christopher S. Yoo
All Faculty Scholarship
Scholars have spent considerable effort determining how the law of war (particularly jus ad bellum and jus in bello) applies to cyber conflicts, epitomized by the Tallinn Manual on the International Law Applicable to Cyber Warfare. Many prominent cyber operations fall outside the law of war, including the surveillance programs that Edward Snowden has alleged were conducted by the National Security Agency, the distributed denial of service attacks launched against Estonia and Georgia in 2007 and 2008, the 2008 Stuxnet virus designed to hinder the Iranian nuclear program, and the unrestricted cyber warfare described in the 1999 book by …