Physical Sciences and Mathematics Commons^™

More Amazon Than Mafia: Analysing A Ddos Stresser Service As Organised Cybercrime, Roberto Musotto, David S. Wall

Research outputs 2014 to 2021

© 2020, The Author(s). The internet mafia trope has shaped our knowledge about organised crime groups online, yet the evidence is largely speculative and the logic often flawed. This paper adds to current knowledge by exploring the development, operation and demise of an online criminal group as a case study. In this article we analyse a DDoS (Distributed Denial of Service) stresser (also known as booter) which sells its services online to enable offenders to launch attacks. Using Social Network Analysis to explore the service operations and payment systems, our findings show a central business model that is similar to …

Social Disorganisation Theory And Violent Crime: A Spatial-Econometric Analysis Of Chicago And Sydney, Anthony N. Greening

Theses: Doctorates and Masters

The spatialisation of violent crime is explored in two large case studies, Chicago and Sydney, using spatial econometric methods and macro-sociological variables derived from Social Disorganisation Theory.

Social Disorganisation Theory (SDT) is introduced in terms of its formulation in response to highly specific conditions arising in Chicago, as well as its adoption of methodological and theoretical developments from existing traditions. This specificity belies its breadth of application and enduring presence in criminology. With “Social Disorganisation Theory” hosting a wealth of highly nuanced academic dialogue conducted under its banner, current incarnations of SDT appear as branches on an evolutionary tree. This …

Digital Forensic Readiness Intelligence Crime Repository, Victor R. Kebande, Nickson M. Karie, Kim-Kwang R. Choo, Sadi Alawadi

Research outputs 2014 to 2021

It may not always be possible to conduct a digital (forensic) investigation post-event if there is no process in place to preserve potential digital evidence. This study posits the importance of digital forensic readiness, or forensic-by-design, and presents an approach that can be used to construct a Digital Forensic Readiness Intelligence Repository (DFRIR). Based on the concept of knowledge sharing, the authors leverage this premise to suggest an intelligence repository. Such a repository can be used to cross-reference potential digital evidence (PDE) sources that may help digital investigators during the process. This approach employs a technique of capturing PDE from …

Digital Forensic Readiness In Operational Cloud Leveraging Iso/Iec 27043 Guidelines On Security Monitoring, Sheunesu Makura, H. S. Venter, Victor R. Kebande, Nickson M. Karie, Richard A. Ikuesan, Sadi Alawadi

Research outputs 2014 to 2021

An increase in the use of cloud computing technologies by organizations has led to cybercriminals targeting cloud environments to orchestrate malicious attacks. Conversely, this has led to the need for proactive approaches through the use of digital forensic readiness (DFR). Existing studies have attempted to develop proactive prototypes using diverse agent-based solutions that are capable of extracting a forensically sound potential digital evidence. As a way to address this limitation and further evaluate the degree of PDE relevance in an operational platform, this study sought to develop a prototype in an operational cloud environment to achieve DFR in the cloud. …

Evaluating The Impact Of Sandbox Applications On Live Digital Forensics Investigation, Reem Bashir, Helge Janicke, Wen Zeng

Research outputs 2014 to 2021

Sandbox applications can be used as anti-forensics techniques to hide important evidence in the digital forensics investigation. There is limited research on sandboxing technologies, and the existing researches on sandboxing are focusing on the technology itself. The impact of sandbox applications on live digital forensics investigation has not been systematically analysed and documented. In this study, we proposed a methodology to analyse sandbox applications on Windows systems. The impact of having standalone sandbox applications on Windows operating systems image was evaluated. Experiments were conducted to examine the artefacts of three sandbox applications: Sandboxie, BufferZone and ToolWiz Time Freeze on Windows …

Quantifying The Need For Supervised Machine Learning In Conducting Live Forensic Analysis Of Emergent Configurations (Eco) In Iot Environments, Victor R. Kebande, Richard A. Ikuesan, Nickson M. Karie, Sadi Alawadi, Kim-Kwang Raymond Choo, Arafat Al-Dhaqm

Research outputs 2014 to 2021

© 2020 The Author(s) Machine learning has been shown as a promising approach to mine larger datasets, such as those that comprise data from a broad range of Internet of Things devices, across complex environment(s) to solve different problems. This paper surveys existing literature on the potential of using supervised classical machine learning techniques, such as K-Nearest Neigbour, Support Vector Machines, Naive Bayes and Random Forest algorithms, in performing live digital forensics for different IoT configurations. There are also a number of challenges associated with the use of machine learning techniques, as discussed in this paper.

Resources, Race And Rights: A Case Study Of Native Title And The Adani Carmichael Coal Mine, Kate Arnautovic

Theses : Honours

This thesis examines the extent to which state institutions and government have taken into account Indigenous rights and interests during the approval process for a large mining development. This case study focuses on the various phases of approval for the proposed Adani Carmichael Coal Mine, a significant development that has challenged the native title system in Australia. It assesses the extent to which the rights and interests of the Wangan and Jagalingou people, the traditional owners that possess a native title claim over the region, have been upheld by the National Native Title Tribunal and the State and Federal Government. …

Improving Forensic Software Tool Performance In Detecting Fraud For Financial Statements, Brian Cusack, Tau’Aho Ahokov

Australian Digital Forensics Conference

The use of computer forensics is important for forensic accounting practice because most accounting information is in digital forms today. The access to evidence is increasingly more complex and in far greater volumes than in previous decades. The effective and efficient means of detecting fraud are required for the public to maintain their confidence in the reliability of accounting audit and the reputation of accounting firms. The software tools used by forensic accounting can be called into question. Many appear inadequate when faced with the complexity of fraud and there needs to be the development of automated and specialist problem-solving …

Cctv Surveillance: The Differing Aims And Functions Of Cctv Within The Corporate Stratum, Johan Malmenbratt, David J. Brooks

Australian Security and Intelligence Conference

Closed Circuit Television (CCTV) systems are found in a variety of environments and used for a multitude of purposes, leading to differing views of CCTV within an organisation. In accordance to management theory, organisations contain a stratum of work where each level requires specific skills set. In accordance with this work stratum, the study’s methodology used semi-structured interviews with different levels of security personnel in a Casino complex to extract and undertake a thematic analysis. The study extracted 10 CCTV surveillance features across two themes, being its aims and functions. CCTV features included creating a safe environment, protection, legal compliance …

Creating An Operational Security Management Structure For Inimical Environments: Papua New Guinea As A Case Study, William J. Bailey

Australian Security and Intelligence Conference

Security is a necessary cost for businesses wishing to operate in the developing economy of Papua New Guinea. The country continues to face levels of crime and violence out of proportion to other East Asian countries; which deters many would be investors. However, the potential in PNG is vast and eagerly sought after despite the high costs required to operate without harm, therefore, it is necessary manage the security situation. Experience from similar countries has shown by using optimal security management systems and structures it is possible to work safely, securely and effectively, but this requires a comprehensive security, threat …

Efficacy Of Property Marking As A Situational Crime Prevention Strategy, David J. Brooks, Michael Coole, Chauncey Johnson, Jeff Corkill, Malcolm Jenkinson

Australian Security and Intelligence Conference

Burglary and stealing are crimes that have a significant impact and cost on its victims and society. To mitigate such crimes, property marking is a situational crime prevention strategy that attempts to prevent through dissuasion. There are many forms of property marking, yet there is limited research of its efficacy. Where there have been such studies, there has been some indications of success. Therefore, the study assessed the efficacy of property marking to reduce burglary and stealing crimes. The study undertook a quantitate approach using non-equivalent control groups to assess the geo-spatial impact of property marking when applied at a …

The Challenges Of Seizing And Searching The Contents Of Wi-Fi Devices For The Modern Investigator, Dan Blackman, Patryk Szewczyk

Australian Digital Forensics Conference

To the modern law enforcement investigator, the potential for an offender to have a mobile device on his or her person, who connects to a Wi-Fi network, may afford evidence to place them at a scene, at a particular time. Whilst tools to interrogate mobile devices and Wi-Fi networks, have undergone significant development, little research has been conducted with regards to interrogating Wi-Fi routers and the evidence they may contain. This paper demonstrates that multiple inhibiting factors exist for forensic investigators when attempting to extract data from Wi-Fi routers at the scene. Data volatility means the Wi-Fi router cannot be …