Open Access. Powered by Scholars. Published by Universities.®

Physical Sciences and Mathematics Commons

Articles 1 - 13 of 13

Full-Text Articles in Physical Sciences and Mathematics

Evaluation Of The TruNarc Handheld Narcotics Analyzer As A Pre-Analysis Screening Device For The Orange County Crime Lab, Sarah Yang, D. Bauer, C. Woltz, S. Soto, Michael Ibba Dec 2021

Student Scholar Symposium Abstracts and Posters

Forensic analysis of suspected narcotics is often dangerous as the substances’ composition is unknown. Many techniques for drug identification require handling of the substance outside of its packaging, which can expose the analyst to potentially harmful chemicals. The TruNarc Handheld Narcotics Analyzer is a portable Raman spectroscopy device that is non-destructive of evidence and can be used to screen drugs through simple packaging to minimize the risk of exposure. The Orange County Crime Lab (OCCL) is testing the limits of this device to determine if it can be used to screen new evidence within the Seized Drugs Lab. The OCCL …


Forensicast: A Non-Intrusive Approach & Tool For Logical Forensic Acquisition & Analysis Of The Google Chromecast TV, Alex Sitterer, Nicholas Dubois, Ibrahim Baggili Aug 2021

Electrical & Computer Engineering and Computer Science Faculty Publications

The era of traditional cable Television (TV) is swiftly coming to an end. People today subscribe to a multitude of streaming services. Smart TVs have enabled a new generation of entertainment, not only limited to constant on-demand streaming as they now offer other features such as web browsing, communication, gaming etc. These functions have recently been embedded into a small IoT device that can connect to any TV with High Definition Multimedia Interface (HDMI) input known as Google Chromecast TV. Its wide adoption makes it a treasure trove for potential digital evidence. Our work is the primary source on forensically …


Forensic Artifact Finder (ForensicAF): An Approach & Tool For Leveraging Crowd-Sourced Curated Forensic Artifacts, Tyler Balon, Krikor Herlopian, Ibrahim Baggili, Cinthya Grajeda-Mendez Aug 2021

Electrical & Computer Engineering and Computer Science Faculty Publications

Current methods for artifact analysis and understanding depend on investigator expertise. Experienced and technically savvy examiners spend a lot of time reverse engineering applications while attempting to find crumbs they leave behind on systems. This takes away valuable time from the investigative process, and slows down forensic examination. Furthermore, when specific artifact knowledge is gained, it stays within the respective forensic units. To combat these challenges, we present ForensicAF, an approach for leveraging curated, crowd-sourced artifacts from the Artifact Genome Project (AGP). The approach has the overarching goal of uncovering forensically relevant artifacts from storage media. We explain our approach …


Duck Hunt: Memory Forensics Of USB Attack Platforms, Tyler Thomas, Mathew Piscitelli, Bhavik Ashok Nahar, Ibrahim Baggili Aug 2021

Electrical & Computer Engineering and Computer Science Faculty Publications

To explore the memory forensic artifacts generated by USB-based attack platforms, we analyzed two of the most popular commercially available devices, Hak5's USB Rubber Ducky and Bash Bunny. We present two open source Volatility plugins, usbhunt and dhcphunt, which extract artifacts generated by these USB attacks from Windows 10 system memory images. Such artifacts include driver-related diagnostic events, unique device identifiers, and DHCP client logs. Our tools are capable of extracting metadata-rich Windows diagnostic events generated by any USB device. The device identifiers presented in this work may also be used to definitively detect device usage. Likewise, the DHCP logs …


Another Brick In The Wall: An Exploratory Analysis Of Digital Forensics Programs In The United States, Syria Mccullough, Stella Abudu, Ebere Onwubuariri, Ibrahim Baggili Aug 2021

Electrical & Computer Engineering and Computer Science Faculty Publications

We present a comprehensive review of digital forensics programs offered by universities across the United States (U.S.). While numerous studies on digital forensics standards and curriculum exist, few, if any, have examined digital forensics courses offered across the nation. Since digital forensics courses vary from university to university, online course catalogs for academic institutions were evaluated to curate a dataset. Universities were selected based on online searches, similar to those that would be made by prospective students. Ninety-seven (n = 97) degree programs in the U.S. were evaluated. Overall, results showed that advanced technical courses are missing from curricula. We …


Mass Incarceration In Nebraska: Data And Historical Analysis Of Inmates From 1980-2020, Anna Krause Mar 2021

Honors Theses

This study examines Nebraska Department of Corrections inmate data from 1980-2020, looking specifically at inmate demographics and offense trends. State-of-the-art data analysis is conducted to collect, modify, and visualize the data sources. Inmates are organized by each decade they were incarcerated within. The current active prison population is also examined in their own research group. The demographic and offense trends are compared with previous local and national research. Historical context is given for evolving trends in offenses. Solutions for Nebraska prison overcrowding are presented from various interest groups. This study aims to enlighten all interested Nebraskans on who inhabits their …


Illicit Activity Detection In Large-Scale Dark And Opaque Web Social Networks, Dhara Shah, T. G. Harrison, Christopher B. Freas, David Maimon, Robert W. Harrison Feb 2021

EBCS Articles

Many online chat applications live in a grey area between the legitimate web and the dark net. The Telegram network in particular can aid criminal activities. Telegram hosts “chats” which consist of varied conversations and advertisements. These chats take place among automated “bots” and human users. Classifying legitimate activity from illegitimate activity can aid law enforcement in finding criminals. Social network analysis of Telegram chats presents a difficult problem. Users can change their username or create new accounts. Users involved in criminal activity often do this to obscure their identity. This makes establishing the unique identity behind a given username …


Examining The Crime Prevention Claims Of Crime Prevention Through Environmental Design On System-Trespassing Behaviors: A Randomized Experiment, Daren Fisher, David Maimon, Tamar Berenblum Jan 2021

EBCS Articles

Crime prevention through environmental design (CPTED) is a non-punitive method for reducing crime through the design of the built environment. The relevance of CPTED strategies however is less clear in the context of computing environments. Building upon prior research indicating that computing environments may change computer users’ behaviors, this study tests the effectiveness of CPTED based approaches in mitigating system trespassing events. Findings from this randomized controlled field trial demonstrate that specific CPTED strategies can mitigate hacking events by: reducing the number of concurrent activities on the target computer, attenuating the number of commands typed in the attacked computer, and …


Zooming Into The Pandemic! A Forensic Analysis Of The Zoom Application, Andrew Mahr, Meghan Cichon, Sophia Mateo, Cinthya Grajeda, Ibrahim Baggili Jan 2021

Electrical & Computer Engineering and Computer Science Faculty Publications

The global pandemic of COVID-19 has turned the spotlight on video conferencing applications like never before. In this critical time, applications such as Zoom have experienced a surge in their user base, which jumped over the 300 million daily mark (ZoomBlog, 2020). The increase in use has led malicious actors to exploit the application, and in many cases perform Zoom Bombings. Therefore forensically examining Zoom is inevitable. Our work details the primary disk, network, and memory forensic analysis of the Zoom video conferencing application. Results demonstrate it is possible to find users' critical information in plain text and/or encrypted/encoded, such …


Advancing Applied Research In Conservation Criminology Through The Evaluation Of Corruption Prevention, Enhancing Compliance, And Reducing Recidivism, Jessica S. Kahler, Joseph W. Rivera, Zachary T. Steele, Pilar Morales-Giner, Christian J. Rivera, Carol F. Ahossin, Ashpreet Kaur, Diane J. Episcopio-Sturgeon Jan 2021

Biological Sciences Faculty Publications

Concomitant with an increase in the global illegal wildlife trade has been a substantial increase in research within traditional conservation-based sciences and conservation and green criminology. While the integration of criminological theories and methods into the wildlife conservation context has advanced our understanding of and practical responses to illegal wildlife trade, there remain discrepancies between the number of empirical vs. conceptual studies and a disproportionate focus on a few select theories, geographical contexts, and taxonomic groups. We present three understudied or novel applications of criminology and criminal justice research within the fields of fisheries, forestry, and wildlife conservation. First, we …


Digital Forensic Readiness Intelligence Crime Repository, Victor R. Kebande, Nickson M. Karie, Kim-Kwang R. Choo, Sadi Alawadi Jan 2021

Research outputs 2014 to 2021

It may not always be possible to conduct a digital (forensic) investigation post-event if there is no process in place to preserve potential digital evidence. This study posits the importance of digital forensic readiness, or forensic-by-design, and presents an approach that can be used to construct a Digital Forensic Readiness Intelligence Repository (DFRIR). Based on the concept of knowledge sharing, the authors leverage this premise to suggest an intelligence repository. Such a repository can be used to cross-reference potential digital evidence (PDE) sources that may help digital investigators during the process. This approach employs a technique of capturing PDE from …


Digital Forensic Readiness In Operational Cloud Leveraging ISO/IEC 27043 Guidelines On Security Monitoring, Sheunesu Makura, H. S. Venter, Victor R. Kebande, Nickson M. Karie, Richard A. Ikuesan, Sadi Alawadi Jan 2021

Research outputs 2014 to 2021

An increase in the use of cloud computing technologies by organizations has led to cybercriminals targeting cloud environments to orchestrate malicious attacks. Conversely, this has led to the need for proactive approaches through the use of digital forensic readiness (DFR). Existing studies have attempted to develop proactive prototypes using diverse agent-based solutions that are capable of extracting forensically sound potential digital evidence. As a way to address this limitation and further evaluate the degree of PDE relevance in an operational platform, this study sought to develop a prototype in an operational cloud environment to achieve DFR in the cloud. …


Evaluating The Impact Of Sandbox Applications On Live Digital Forensics Investigation, Reem Bashir, Helge Janicke, Wen Zeng Jan 2021

Research outputs 2014 to 2021

Sandbox applications can be used as anti-forensics techniques to hide important evidence in the digital forensics investigation. There is limited research on sandboxing technologies, and the existing research on sandboxing focuses on the technology itself. The impact of sandbox applications on live digital forensics investigation has not been systematically analysed and documented. In this study, we proposed a methodology to analyse sandbox applications on Windows systems. The impact of having standalone sandbox applications on Windows operating systems image was evaluated. Experiments were conducted to examine the artefacts of three sandbox applications: Sandboxie, BufferZone and ToolWiz Time Freeze on Windows …