Physical Sciences and Mathematics Commons^™

A Design Science Approach To Investigating Decentralized Identity Technology, Janelle Krupicka

Cybersecurity Undergraduate Research Showcase

The internet needs secure forms of identity authentication to function properly, but identity authentication is not a core part of the internet’s architecture. Instead, approaches to identity verification vary, often using centralized stores of identity information that are targets of cyber attacks. Decentralized identity is a secure way to manage identity online that puts users’ identities in their own hands and that has the potential to become a core part of cybersecurity. However, decentralized identity technology is new and continually evolving, which makes implementing this technology in an organizational setting challenging. This paper suggests that, in the future, decentralized identity …

Potential Security Vulnerabilities In Raspberry Pi Devices With Mitigation Strategies, Briana Tolleson

Cybersecurity Undergraduate Research Showcase

For this research project I used a Raspberry Pi device and conducted online research to investigate potential security vulnerabilities along with mitigation strategies. I configured the Raspberry Pi by using the proper peripherals such as an HDMI cord, a microUSB adapter that provided 5V and at least 700mA of current, a TV monitor, PiSwitch, SD Card, keyboard, and mouse. I installed the Rasbian operating system (OS). The process to install the Rasbian took about 10 minutes to boot starting at 21:08 on 10/27/2023 and ending at 21:18. 1,513 megabytes (MB) was written to the SD card running at (2.5 MB/sec). …

The Propagation And Execution Of Malware In Images, Piper Hall

Cybersecurity Undergraduate Research Showcase

Malware has become increasingly prolific and severe in its consequences as information systems mature and users become more reliant on computing in their daily lives. As cybercrime becomes more complex in its strategies, an often-overlooked manner of propagation is through images. In recent years, several high-profile vulnerabilities in image libraries have opened the door for threat actors to steal money and information from unsuspecting users. This paper will explore the mechanisms by which these exploits function and how they can be avoided.

Analysis Of Honeypots In Detecting Tactics, Techniques, And Procedure (Ttp) Changes In Threat Actors Based On Source Ip Address, Carson Reynolds, Andy Green

Symposium of Student Scholars

The financial and national security impacts of cybercrime globally are well documented. According to the 2020 FBI Internet Crime Report, financially motivated threat actors committed 86% of reported breaches, resulting in a total loss of approximately $4.1 billion in the United States alone. In order to combat this, our research seeks to determine if threat actors change their tactics, techniques, and procedures (TTPs) based on the geolocation of their target’s IP address. We will construct a honeypot network distributed across multiple continents to collect attack data from geographically separate locations concurrently to answer this research question. We will configure the …

Secure Cloud-Based Iot Water Quality Gathering For Analysis And Visualization, Soin Abdoul Kassif Baba M Traore

Symposium of Student Scholars

Water quality refers to measurable water characteristics, including chemical, biological, physical, and radiological characteristics usually relative to human needs. Dumping waste and untreated sewage are the reasons for water pollution and several diseases to the living hood. The quality of water can also have a significant impact on animals and plant ecosystems. Therefore, keeping track of water quality is a substantial national interest. Much research has been done for measuring water quality using sensors to prevent water pollution. In summary, those systems are built based on online and reagent-free water monitoring SCADA systems in wired networks. However, centralized servers, transmission …

Leveraging Machine Learning For Detecting Iot-Based Interference In Operational Wifi Networks [Poster], Josh Pulse

Research in the Capitol

IoT (Internet of Things) devices have become increasingly popular in recent years. IoT includes many smart home devices such as an Amazon Echo, smart lightbulbs, and smart sensors. These devices often include different networking protocols than are used in most WiFi devices but are in the same wireless band, leading to the possibility of interference. With the rise in the number of IoT devices, it is important to understand how they impact the existing WiFi networks that many people deploy in their home or business. In this research project, wireless traffic data will be collected in an environment containing both …

The Amorphous Nature Of Hackers: An Exploratory Study, Kento Yasuhara, Daniel Walnycky, Ibrahim Baggili, Ahmed Alhishwan

Annual ADFSL Conference on Digital Forensics, Security and Law

In this work, we aim to better understand outsider perspectives of the hacker community through a series of situation based survey questions. By doing this, we hope to gain insight into the overall reputation of hackers from participants in a wide range of technical and non-technical backgrounds. This is important to digital forensics since convicted hackers will be tried by people, each with their own perception of who hackers are. Do cyber crimes and national security issues negatively affect people’s perceptions of hackers? Does hacktivism and information warfare positively affect people’s perception of hackers? Do individual personality factors affect one’s …

Human-Controlled Fuzzing With Afl, Maxim Grishin, Igor Korkin, Phd

Annual ADFSL Conference on Digital Forensics, Security and Law

Fuzzing techniques are applied to reveal different types of bugs and vulnerabilities. American Fuzzy Lop (AFL) is a free most popular software fuzzer used by many other fuzzing frameworks. AFL supports autonomous mode of operation that uses the previous step output into the next step, as a result fuzzer spends a lot of time analyzing minor code sections. By making fuzzing process more focused and human controlled security expert can save time and find more bugs in less time. We designed a new module that can fuzz only the specified functions. As a result, the chosen ones will be inspected …

Timestamp Estimation From Outdoor Scenes, Tawfiq Salem, Jisoo Hwang, Rafael Padilha

Annual ADFSL Conference on Digital Forensics, Security and Law

The increasing availability of smartphones allowed people to easily capture and share images on the internet. These images are often associated with metadata, including the image capture time (timestamp) and the location where the image was captured (geolocation). The metadata associated with images provides valuable information to better understand scenes and events presented in these images. The timestamp can be manipulated intentionally to provide false information to convey a twisted version of reality. Images with manipulated timestamps are often used as a cover-up for wrongdoing or broadcasting false claims and competing views on the internet. Estimating the time of capture …

Digital Forensics For Mobility As A Service Platform: Analysis Of Uber Application On Iphone And Cloud, Nina Matulis, Umit Karabiyik

Annual ADFSL Conference on Digital Forensics, Security and Law

Uber is a ride-hailing smartphone application (app) that allows users to order a ride in a highly efficient manner. The Uber app provides Mobility as a Service and allows users to easily order a ride in a private car with just a few clicks. Uber stores large amounts of data on both the mobile device the app is being used on, and in the cloud. Examples of this data include geolocation data, date/time, origin/destination addresses, departure/arrival times, and distance. Uber geolocation data has been previously researched to investigate the privacy of the Uber app; however, there is minimal research relating …

Microsoft Defender Will Be Defended: Memoryranger Prevents Blinding Windows Av, Denis Pogonin, Igor Korkin, Phd

Annual ADFSL Conference on Digital Forensics, Security and Law

Windows OS is facing a huge rise in kernel attacks. An overview of popular techniques that result in loading kernel drivers will be presented. One of the key targets of modern threats is disabling and blinding Microsoft Defender, a default Windows AV. The analysis of recent driver-based attacks will be given, the challenge is to block them. The survey of user- and kernel-level attacks on Microsoft Defender will be given. One of the recently published attackers’ techniques abuses Mandatory Integrity Control (MIC) and Security Reference Monitor (SRM) by modifying Integrity Level and Debug Privileges for the Microsoft Defender via syscalls. …

Smart Home Forensics: Identifying Ddos Attack Patterns On Iot Devices, Samuel Ho, Hope Greeson, Umit Karabiyik

Annual ADFSL Conference on Digital Forensics, Security and Law

Smart homes are becoming more common as more people integrate IoT devices into their home environment. As such, these devices have access to personal data on their homeowners’ networks. One of the advantages of IoT devices is that they are compact. However, this limits the incorporation of security measures in their hardware. Misconfigured IoT devices are commonly the target of malicious attacks. Additionally, distributed denial-of-service attacks are becoming more common due to applications and software that provides users with easy-to-use user interfaces. Since one vulnerable device is all an attacker needs to launch an attack on a network, in regards …

A Lightweight Reliably Quantified Deepfake Detection Approach, Tianyi Wang, Kam Pui Chow

Annual ADFSL Conference on Digital Forensics, Security and Law

Deepfake has brought huge threats to society such that everyone can become a potential victim. Current Deepfake detection approaches have unsatisfactory performance in either accuracy or efficiency. Meanwhile, most models are only evaluated on different benchmark test datasets with different accuracies, which could not imitate the real-life Deepfake unknown population. As Deepfake cases have already been raised and brought challenges at the court, it is disappointed that no existing work has studied the model reliability and attempted to make the detection model act as the evidence at the court. We propose a lightweight Deepfake detection deep learning approach using the …

Detection Of Overlapping Passive Manipulation Techniques In Image Forensics, Gianna S. Lint, Umit Karabiyik

Annual ADFSL Conference on Digital Forensics, Security and Law

With a growing number of images uploaded daily to social media sites, it is essential to understand if an image can be used to trace its origin. Forensic investigations are focusing on analyzing images that are uploaded to social media sites resulting in an emphasis on building and validating tools. There has been a strong focus on understanding active manipulation or tampering techniques and building tools for analysis. However, research on manipulation is often studied in a vacuum, involving only one technique at a time. Additionally, less focus has been placed on passive manipulation, which can occur by simply uploading …

Anatomy Of An Internet Hijack And Interception Attack: A Global And Educational Perspective, Ben A. Scott, Michael N. Johnstone, Patryk Szewczyk

Annual ADFSL Conference on Digital Forensics, Security and Law

The Internet’s underlying vulnerable protocol infrastructure is a rich target for cyber crime, cyber espionage and cyber warfare operations. The stability and security of the Internet infrastructure are important to the function of global matters of state, critical infrastructure, global e-commerce and election systems. There are global approaches to tackle Internet security challenges that include governance, law, educational and technical perspectives. This paper reviews a number of approaches to these challenges, the increasingly surgical attacks that target the underlying vulnerable protocol infrastructure of the Internet, and the extant cyber security education curricula; we find the majority of predominant cyber security …

A Low-Cost Machine Learning Based Network Intrusion Detection System With Data Privacy Preservation, Jyoti Fakirah, Lauhim Mahfuz Zishan, Roshni Mooruth, Michael L. Johnstone, Wencheng Yang

Annual ADFSL Conference on Digital Forensics, Security and Law

Network intrusion is a well-studied area of cyber security. Current machine learning-based network intrusion detection systems (NIDSs) monitor network data and the patterns within those data but at the cost of presenting significant issues in terms of privacy violations which may threaten end-user privacy. Therefore, to mitigate risk and preserve a balance between security and privacy, it is imperative to protect user privacy with respect to intrusion data. Moreover, cost is a driver of a machine learning-based NIDS because such systems are increasingly being deployed on resource-limited edge devices. To solve these issues, in this paper we propose a NIDS …

Exploring Ai And Multiplayer In Java, Ronni Kurtzhals

Student Academic Conference

I conducted research into three topics: artificial intelligence, package deployment, and multiplayer servers in Java. This research came together to form my project presentation on the implementation of these topics, which I felt accurately demonstrated the various things I have learned from my courses at Moorhead State University. Several resources were consulted throughout the project, including the work of W3Schools and StackOverflow as well as relevant assignments and textbooks from previous classes. I found this project relevant to computer science and information systems for several reasons, such as the AI component and use of SQL data tables; but it was …

Optimizing Networking Topologies With Shortest Path Algorithms, Jordan Sahs

UNO Student Research and Creative Activity Fair

Communication networks tend to contain redundant devices and mediums of transmission, thus the need to locate, document, and optimize networks is increasingly becoming necessary. However, many people do not know where to start the optimization progress. What is network topology? What is this “Shortest Path Problem”, and how can it be used to better my network? These questions are presented, taught, and answered within this paper. To supplement the reader’s understanding there are thirty-eight figures in the paper that are used to help convey and compartmentalize the learning process needed to grasp the materials presented in the ending sections.

In …

Integrating The Bullet Physics Engine Into Minecraft, Ethan Johnson

Student Academic Conference

During the past fall semester, I started a programming project called Rayon which is designed to be a realistic physics engine implementation that runs alongside the videogame Minecraft. It is a library which Minecraft mod developers can use to implement realistic entity movement into their own mods. Rayon, being entirely written in the Java programming language, currently uses a port of the Bullet physics engine called JBullet which is very outdated and no longer being maintained. To find a more performant solution, I have set out to replace JBullet with an alternative library called LibBulletJME which is designed to interface …

Forensic Analysis Of Spy Applications In Android Devices, Shinelle Hutchinson, Umit Karabiyik

Annual ADFSL Conference on Digital Forensics, Security and Law

Smartphones with Google's Android operating system are becoming more and more popular each year, and with this increased user base, comes increased opportunities to collect more of these users' private data. There have been several instances of malware being made available via the Google Play Store, which is one of the predominant means for users to download applications. One effective way of collecting users' private data is by using Android Spyware. In this paper, we conduct a forensic analysis of a malicious Android spyware application and present our findings. We also highlight what information the application accesses and what it …

Predict The Failure Of Hydraulic Pumps By Different Machine Learning Algorithms, Yifei Zhou, Monika Ivantysynova, Nathan Keller

The Summer Undergraduate Research Fellowship (SURF) Symposium

Pump failure is a general concerned problem in the hydraulic field. Once happening, it will cause a huge property loss and even the life loss. The common methods to prevent the occurrence of pump failure is by preventative maintenance and breakdown maintenance, however, both of them have significant drawbacks. This research focuses on the axial piston pump and provides a new solution by the prognostic of pump failure using the classification of machine learning. Different kinds of sensors (temperature, acceleration and etc.) were installed into a good condition pump and three different kinds of damaged pumps to measure 10 of …

Contents, Adfsl

Annual ADFSL Conference on Digital Forensics, Security and Law

No abstract provided.

Front Matter, Adfsl

Annual ADFSL Conference on Digital Forensics, Security and Law

No abstract provided.

Analysis Of Data Erasure Capability On Sshd Drives For Data Recovery, Andrew Blyth

Annual ADFSL Conference on Digital Forensics, Security and Law

Data Protection and Computer Forensics/Anti-Forensics has now become a critical area of concern for organizations. A key element to this is how data is sanitized at end of life. In this paper we explore Hybrid Solid State Hybrid Drives (SSHD) and the impact that various Computer Forensics and Data Recovery techniques have when performing data erasure upon a SSHD.

Knowledge Expiration In Security Awareness Training, Tianjian Zhang

Annual ADFSL Conference on Digital Forensics, Security and Law

No abstract provided.

Positive Identification Of Lsb Image Steganography Using Cover Image Comparisons, Michael Pelosi, Nimesh Poudel, Pratap Lamichhane, Devon Lam, Gary Kessler, Joshua Macmonagle

Annual ADFSL Conference on Digital Forensics, Security and Law

In this paper we introduce a new software concept specifically designed to allow the digital forensics professional to clearly identify and attribute instances of LSB image steganography by using the original cover image in side-by-side comparison with a suspected steganographic payload image. The “CounterSteg” software allows detailed analysis and comparison of both the original cover image and any modified image, using sophisticated bit- and color-channel visual depiction graphics. In certain cases, the steganographic software used for message transmission can be identified by the forensic analysis of LSB and other changes in the payload image. The paper demonstrates usage and typical …

Exploring The Use Of Graph Databases To Catalog Artifacts For Client Forensics, Rose Shumba

Annual ADFSL Conference on Digital Forensics, Security and Law

Cloud computing has revolutionized the methods by which digital data is stored, processed, and transmitted. It is providing users with data storage and processing services, enabling access to resources through multiple devices. Although organizations continue to embrace the advantages of flexibility and scalability offered by cloud computing, insider threats are becoming a serious concern as cited by security researchers. Insiders can use authorized access to steal sensitive information, calling for the need for an investigation. This concept paper describes research in progress towards developing a Neo4j graph database tool to enhance client forensics. The tool, with a Python interface, allows …

Forensic Analysis Of The Exfat Artifacts, Yves Vandermeer, An Lekhac, Tahar Kechadi, Joe Carthy

Annual ADFSL Conference on Digital Forensics, Security and Law

Although keeping some basic concepts inherited from FAT32, the exFAT file system introduces many differences, such as the new mapping scheme of directory entries. The combination of exFAT mapping scheme with the allocation of bitmap files and the use of FAT leads to new forensic possibilities. The recovery of deleted files, including fragmented ones and carving becomes more accurate compared with former forensic processes. Nowadays, the accurate and sound forensic analysis is more than ever needed, as there is a high risk of erroneous interpretation. Indeed, most of the related work in the literature on exFAT structure and forensics, is …

Unmanned Aerial Vehicle Forensic Investigation Process: Dji Phantom 3 Drone As A Case Study, Alan Roder, Kim-Kwang Raymond Choo, Nhien-A Le-Khac

Annual ADFSL Conference on Digital Forensics, Security and Law

Drones (also known as Unmanned Aerial Vehicles – UAVs) are a potential source of evidence in a digital investigation, partly due to their increasing popularity in our society. However, existing UAV/drone forensics generally rely on conventional digital forensic investigation guidelines such as those of ACPO and NIST, which may not be entirely fit-for-purpose. In this paper, we identify the challenges associated with UAV/drone forensics. We then explore and evaluate existing forensic guidelines, in terms of their effectiveness for UAV/drone forensic investigations. Next, we present our set of guidelines for UAV/drone investigations. Finally, we demonstrate how the proposed guidelines can be …

Detection And Recovery Of Anti-Forensic (Vault) Applications On Android Devices, Michaila Duncan, Umit Karabiyik

Annual ADFSL Conference on Digital Forensics, Security and Law

Significant number of mobile device users currently employ anti-forensics applications, also known as vault or locker applications, on their mobile devices in order to hide files such as photos. Because of this, investigators are required to spend a large portion of their time manually looking at the applications installed on the device. Currently, there is no automated method of detecting these anti-forensics applications on an Android device. This work presents the creation and testing of a vault application detection system to be used on Android devices. The main goal of this work is twofold: (i) Detecting and reporting the presence …