Other Computer Sciences Commons^™

An Immersive Telepresence System Using Rgb-D Sensors And Head-Mounted Display, Xinzhong Lu, Ju Shen, Saverio Perugini, Jianjun Yang

Computer Science Faculty Publications

We present a tele-immersive system that enables people to interact with each other in a virtual world using body gestures in addition to verbal communication. Beyond the obvious applications, including general online conversations and gaming, we hypothesize that our proposed system would be particularly beneficial to education by offering rich visual contents and interactivity. One distinct feature is the integration of egocentric pose recognition that allows participants to use their gestures to demonstrate and manipulate virtual objects simultaneously. This functionality enables the instructor to effectively and efficiently explain and illustrate complex concepts or sophisticated problems in an intuitive manner. The …

Salad: A Multimodal Approach For Contextual Video Advertising, Chen Xiang, Tam Nguyen, Mohan Kankanhalli

Computer Science Faculty Publications

The explosive growth of multimedia data on Internet has created huge opportunities for online video advertising. In this paper, we propose a novel advertising technique called SalAd, which utilizes textual information, visual content and the webpage saliency, to automatically associate the most suitable companion ads with online videos. Unlike most existing approaches that only focus on selecting the most relevant ads, SalAd further considers the saliency of selected ads to reduce intentional ignorance. SalAd consists of three basic steps. Given an online video and a set of advertisements, we first roughly identify a set of relevant ads based on the …

Information Diffusion, Facebook Clusters, And The Simplicial Model Of Social Aggregation: A Computational Simulation Of Simplicial Diffusers For Community Health Interventions, Kerk Kee, Lisa Sparks, Daniele C. Struppa, Mirco A. Manucci, Alberto Damiano

Communication Faculty Articles and Research

By integrating the simplicial model of social aggregation with existing research on opinion leadership and diffusion networks, this article introduces the constructs of simplicial diffusers (mathematically defined as nodes embedded in simplexes; a simplex is a socially bonded cluster) and simplicial diffusing sets (mathematically defined as minimal covers of a simplicial complex; a simplicial complex is a social aggregation in which socially bonded clusters are embedded) to propose a strategic approach for information diffusion of cancer screenings as a health intervention on Facebook for community cancer prevention and control. This approach is novel in its incorporation of interpersonally bonded clusters, …

Automatic Video Self Modeling For Voice Disorder, Ju Shen, Changpeng Ti, Anusha Raghunathan, Sen-Ching S. Cheung, Rita Patel

Computer Science Faculty Publications

Video self modeling (VSM) is a behavioral intervention technique in which a learner models a target behavior by watching a video of him- or herself. In the field of speech language pathology, the approach of VSM has been successfully used for treatment of language in children with Autism and in individuals with fluency disorder of stuttering. Technical challenges remain in creating VSM contents that depict previously unseen behaviors. In this paper, we propose a novel system that synthesizes new video sequences for VSM treatment of patients with voice disorders. Starting with a video recording of a voice-disorder patient, the proposed …

Tracking Criminals On Facebook: A Case Study From A Digital Forensics Reu Program, Daniel Weiss, Gary Warner

Annual ADFSL Conference on Digital Forensics, Security and Law

The 2014 Digital Forensics Research Experience for Undergraduates (REU) Program at the University of Alabama at Birmingham (UAB) focused its summer efforts on tracking criminal forums and Facebook groups. The UAB-REU Facebook team was provided with a list of about 60 known criminal groups on Facebook, with a goal to track illegal information posted in these groups and ultimately store the information in a searchable database for use by digital forensic analysts. Over the course of about eight weeks, the UAB-REU Facebook team created a database with over 400 Facebook groups conducting criminal activity along with over 100,000 unique users …

Towards A Digital Forensics Competency-Based Program: Making Assessment Count, Rose Shumba

Annual ADFSL Conference on Digital Forensics, Security and Law

This paper describes an approach that UMUC has initiated to revise its graduate programs to a Competency-Based Education (CBE) curriculum. The approach, which is Learning Demonstration (LD) centric, includes the identification of learning goals and competences, identification and description of the LDs, mapping of the LDs to the competences, scripting the LDs, placing the LDs into the respective courses, validating the developed materials, and the development of the open learning resources. Programs in the Cybersecurity and Information Assurance Department, including the Digital Forensics and Cyber Investigations program, are being revised. An LD centric approach to curriculum development helps align programs …

Phishing Intelligence Using The Simple Set Comparison Tool, Jason Britt, Alan Sprague, Gary Warner

Annual ADFSL Conference on Digital Forensics, Security and Law

Phishing websites, phish, attempt to deceive users into exposing their passwords, user IDs, and other sensitive information by imitating legitimate websites, such as banks, product vendors, and service providers. Phishing investigators need fast automated tools to analyze the volume of phishing attacks seen today. In this paper, we present the Simple Set Comparison tool. The Simple Set Comparison tool is a fast automated tool that groups phish by imitated brand allowing phishing investigators to quickly identify and focus on phish targeting a particular brand. The Simple Set Comparison tool is evaluated against a traditional clustering algorithm over a month's worth …

Identifying Common Characteristics Of Malicious Insiders, Nan Liang, David Biros

Annual ADFSL Conference on Digital Forensics, Security and Law

Malicious insiders account for large proportion of security breaches or other kinds of loss for organizations and have drawn attention of both academics and practitioners. Although methods and mechanism have been developed to monitor potential insider via electronic data monitoring, few studies focus on predicting potential malicious insiders. Based on the theory of planned behavior, certain cues should be observed or expressed when an individual performs as a malicious insider. Using text mining to analyze various media content of existing insider cases, we strive to develop a method to identify crucial and common indicators that an individual might be a …

Continuous Monitoring System Based On Systems' Environment, Eli Weintraub, Yuval Cohen

Annual ADFSL Conference on Digital Forensics, Security and Law

We present a new framework (and its mechanisms) of a Continuous Monitoring System (CMS) having new improved capabilities, and discuss its requirements and implications. The CMS is based on the real-time actual configuration of the system and the environment rather than a theoretic or assumed configuration. Moreover, the CMS predicts organizational damages taking into account chains of impacts among systems' components generated by messaging among software components. In addition, the CMS takes into account all organizational effects of an attack. Its risk measurement takes into account the consequences of a threat, as defines in risk analysis standards. Loss prediction is …

Html5 Zero Configuration Covert Channels: Security Risks And Challenges, Jason Farina, Mark Scanlon, Stephen Kohlmann, Nhien-An Le-Khac, Tahar Kechadi

Annual ADFSL Conference on Digital Forensics, Security and Law

In recent months there has been an increase in the popularity and public awareness of secure, cloudless file transfer systems. The aim of these services is to facilitate the secure transfer of files in a peer-to-peer (P2P) fashion over the Internet without the need for centralized authentication or storage. These services can take the form of client installed applications or entirely web browser based interfaces. Due to the P2P nature, there is generally no limit to the file sizes involved or to the volume of data transmitted - and where these limitations do exist they will be purely reliant on …

Measuring Hacking Ability Using A Conceptual Expertise Task, Justin S. Giboney, Jeffrey G. Proudfoot, Sanjay Goel, Joseph S. Valacich

Annual ADFSL Conference on Digital Forensics, Security and Law

Hackers pose a continuous and unrelenting threat to organizations. Industry and academic researchers alike can benefit from a greater understanding of how hackers engage in criminal behavior. A limiting factor of hacker research is the inability to verify that self-proclaimed hackers participating in research actually possess their purported knowledge and skills. This paper presents current work in developing and validating a conceptual-expertise based tool that can be used to discriminate between novice and expert hackers. The implications of this work are promising since behavioral information systems researchers operating in the information security space will directly benefit from the validation of …

Invited Paper - A Profile Of Prolonged, Persistent Ssh Attack On A Kippo Based Honeynet, Craig Valli, Priya Rabadia, Andrew Woodard

Annual ADFSL Conference on Digital Forensics, Security and Law

This paper is an investigation focusing on activities detected by SSH honeypots that utilised kippo honeypot software. The honeypots were located across a variety of geographical locations and operational platforms. The honeynet has suffered prolonged, persistent and attack from a /24 network which appears to be of Chinese geographical origin. In addition to these attacks, other attackers have been successful in compromising real hosts in a wide range of other countries that were subsequently involved in attacking the honeypot machines in the honeynet.

Keywords: Cyber Security, SSH, Secure Shell, Honeypots, Kippo

Inivited Paper - Potential Changes To Ediscovery Rules In Federal Court: A Discussion Of The Process, Substantive Changes And Their Applicability And Impact On Virginia Practice, Joseph J. Schwerha, Susan L. Mitchell, John W. Bagby

Annual ADFSL Conference on Digital Forensics, Security and Law

The Federal Rules of Civil Procedure (FRCP) are subject to a unique process also once used in revising the Federal Rules of Evidence (FRE). Today, this process is followed in revisions of the FRCP, the Federal Rules of Criminal Procedure and the Federal Bankruptcy Rules. This unique rulemaking process differs significantly from traditional notice and comment rulemaking required for a majority of federal regulatory agencies under the Administrative Procedure Act (APA).1 Most notably, rule-making for the federal courts’ procedural matters remain unaffected by the invalidation of legislative veto. It is still widely, but wrongly believed, that the legislative veto was …

On The Network Performance Of Digital Evidence Acquisition Of Small Scale Devices Over Public Networks, Irvin Homem, Spyridon Dosis

Annual ADFSL Conference on Digital Forensics, Security and Law

While cybercrime proliferates – becoming more complex and surreptitious on the Internet – the tools and techniques used in performing digital investigations are still largely lagging behind, effectively slowing down law enforcement agencies at large. Real-time remote acquisition of digital evidence over the Internet is still an elusive ideal in the combat against cybercrime. In this paper we briefly describe the architecture of a comprehensive proactive digital investigation system that is termed as the Live Evidence Information Aggregator (LEIA). This system aims at collecting digital evidence from potentially any device in real time over the Internet. Particular focus is made …

A Review Of Recent Case Law Related To Digital Forensics: The Current Issues, Kelly A. Cole, Shruti Gupta, Dheeraj Gurugubelli, Marcus K. Rogers

Annual ADFSL Conference on Digital Forensics, Security and Law

Digital forensics is a new field without established models of investigation. This study uses thematic analysis to explore the different issues seen in the prosecution of digital forensic investigations. The study looks at 100 cases from different federal appellate courts to analyze the cause of the appeal. The issues are categorized into one of four categories, ‘search and seizure’, ‘data analysis’, ‘presentation’ and ‘legal issues’. The majority of the cases reviewed related to the search and seizure activity.

Keywords: Computer Investigation, Case Law, Digital Forensics, Legal Issues, and Courts

A New Cyber Forensic Philosophy For Digital Watermarks In The Context Of Copyright Laws, Vinod P. Bhattathiripad, Sneha Sudhakaran, Roshna K. Thalayaniyil

Annual ADFSL Conference on Digital Forensics, Security and Law

The objective of this paper is to propose a new cyber forensic philosophy for watermark in the context of copyright laws for the benefit of the forensic community and the judiciary worldwide. The paper first briefly introduces various types of watermarks, and then situates watermarks in the context of the ideaexpression dichotomy and the copyright laws. It then explains the forensic importance of watermarks and proposes a forensic philosophy for them in the context of copyright laws. Finally, the paper stresses the vital need to incorporate watermarks in the forensic tests to establish software copyright infringement and also urges the …

A Survey Of Software-Based String Matching Algorithms For Forensic Analysis, Yi-Ching Liao

Annual ADFSL Conference on Digital Forensics, Security and Law

Employing a fast string matching algorithm is essential for minimizing the overhead of extracting structured files from a raw disk image. In this paper, we summarize the concept, implementation, and main features of ten software-based string matching algorithms, and evaluate their applicability for forensic analysis. We provide comparisons between the selected software-based string matching algorithms from the perspective of forensic analysis by conducting their performance evaluation for file carving. According to the experimental results, the Shift-Or algorithm (R. Baeza-Yates & Gonnet, 1992) and the Karp-Rabin algorithm (Karp & Rabin, 1987) have the minimized search time for identifying the locations of …

Investigating Forensics Values Of Windows Jump Lists Data, Ahmad Ghafarian

Annual ADFSL Conference on Digital Forensics, Security and Law

Starting with Windows 7, Microsoft introduced a new feature to the Windows Operating Systems called Jump Lists. Jump Lists stores information about user activities on the host machine. These activities may include links to the recently visited web pages, applications executed, or files processed. Computer forensics investigators may find traces of misuse in Jump Lists auto saved files. In this research, we investigate the forensics values of Jump Lists data. Specifically, we use several tools to view Jump Lists data on a virtual machine. We show that each tool reveal certain types of information about user’s activity on the host …

An Empirical Comparison Of Widely Adopted Hash Functions In Digital Forensics: Does The Programming Language And Operating System Make A Difference?, Satyendra Gurjar, Ibrahim Baggili, Frank Breitinger, Alice Fischer

Annual ADFSL Conference on Digital Forensics, Security and Law

Hash functions are widespread in computer sciences and have a wide range of applications such as ensuring integrity in cryptographic protocols, structuring database entries (hash tables) or identifying known files in forensic investigations. Besides their cryptographic requirements, a fundamental property of hash functions is efficient and easy computation which is especially important in digital forensics due to the large amount of data that needs to be processed when working on cases. In this paper, we correlate the runtime efficiency of common hashing algorithms (MD5, SHA-family) and their implementation. Our empirical comparison focuses on C-OpenSSL, Python, Ruby, Java on Windows and …

Two Challenges Of Stealthy Hypervisors Detection: Time Cheating And Data Fluctuations, Igor Korkin

Annual ADFSL Conference on Digital Forensics, Security and Law

Hardware virtualization technologies play a significant role in cyber security. On the one hand these technologies enhance security levels, by designing a trusted operating system. On the other hand these technologies can be taken up into modern malware which is rather hard to detect. None of the existing methods is able to efficiently detect a hypervisor in the face of countermeasures such as time cheating, temporary self-uninstalling, memory hiding etc. New hypervisor detection methods which will be described in this paper can detect a hypervisor under these countermeasures and even count several nested ones. These novel approaches rely on the …

Maximizing The Speed Of Influence In Social Networks, Yubo Wang

Master's Projects

Influence maximization in social networks is the problem of selecting a limited

size of influential users as seed nodes so that the influence from these seed nodes can propagate to the largest number of other nodes in the network. Previous studies in influence maximization focused on three areas, i.e., designing propagation models, improving algorithms of seed-node selection and exploiting the structure of social networks. However, most of these studies ignored the time constraint in influence propagation. In this paper, I studied how to maximize influence propagation in a given time, i.e., maximizing the speed of influence propagation in social networks. …

Compression Of Video Tracking And Bandwidth Balancing Routing In Wireless Multimedia Sensor Networks, Yin Wang, Jianjun Yang, Ju Shen, Bryson Payne, Juan Guo, Kun Hua

Computer Science Faculty Publications

There has been a tremendous growth in multimedia applications over wireless networks. Wireless Multimedia Sensor Networks(WMSNs) have become the premier choice in many research communities and industry. Many state-of-art applications, such as surveillance, traffic monitoring, and remote heath care are essentially video tracking and transmission in WMSNs. The transmission speed is constrained by the big file size of video data and fixed bandwidth allocation in constant routing paths. In this paper, we present a CamShift based algorithm to compress the tracking of videos. Then we propose a bandwidth balancing strategy in which each sensor node is able to dynamically select …

Leading Undergraduate Students To Big Data Generation, Jianjun Yang, Ju Shen

Computer Science Faculty Publications

People are facing a flood of data today. Data are being collected at unprecedented scale in many areas, such as networking, image processing, virtualization, scientific computation, and algorithms. The huge data nowadays are called Big Data. Big data is an all encompassing term for any collection of data sets so large and complex that it becomes difficult to process them using traditional data processing applications. In this article, the authors present a unique way which uses network simulator and tools of image processing to train students abilities to learn, analyze, manipulate, and apply Big Data. Thus they develop students hands-on …

A Web-Based Temperature Monitoring System For The College Of Arts And Letters, Rigoberto Solorio

Electronic Theses, Projects, and Dissertations

In general, server rooms have restricted access requiring that staff possess access codes, keys, etc. Normally, only administrators are provided access to protect the physical hardware and the data stored in the servers. Servers also have firewalls to restrict outsiders from accessing them via the Internet. Servers also cost a lot of money. For this reason, server rooms also need to be protected against overheating. This will prolong the lifecycle of the units and can prevent data loss from hardware failure.

The California State University San Bernardino (CSUSB), Specifically the College of Arts and Letters server room has faced power …

Hole Detection And Shape-Free Representation And Double Landmarks Based Geographic Routing In Wireless Sensor Networks, Jianjun Yang, Zongming Fei, Ju Shen

Computer Science Faculty Publications

In wireless sensor networks, an important issue of geographic routing is “local minimum” problem, which is caused by a “hole” that blocks the greedy forwarding process. Existing geographic routing algorithms use perimeter routing strategies to find a long detour path when such a situation occurs. To avoid the long detour path, recent research focuses on detecting the hole in advance, then the nodes located on the boundary of the hole advertise the hole information to the nodes near the hole. Hence the long detour path can be avoided in future routing. We propose a heuristic hole detecting algorithm which identifies …

On Static And Dynamic Partitioning Behavior Of Large-Scale Networks, Zhongmei Yao, Derek Leonard, Xiaoming Wang, Dmitri Loguinov

Zhongmei Yao

In this paper, we analyze the problem of network disconnection in the context of large-scale P2P networks and understand how both static and dynamic patterns of node failure affect the resilience of such graphs. We start by applying classical results from random graph theory to show that a large variety of deterministic and random P2P graphs almost surely (i.e., with probability 1 − o(1)) remain connected under random failure if and only if they have no isolated nodes. This simple, yet powerful, result subsequently allows us to derive in closed-form the probability that a P2P network develops isolated nodes, and …

Residual-Based Measurement Of Peer And Link Lifetimes In Gnutella Networks, Xiaoming Wang, Zhongmei Yao, Dmitri Loguinov

Zhongmei Yao

Existing methods of measuring lifetimes in P2P systems usually rely on the so-called create-based method (CBM), which divides a given observation window into two halves and samples users "created" in the first half every Delta time units until they die or the observation period ends. Despite its frequent use, this approach has no rigorous accuracy or overhead analysis in the literature. To shed more light on its performance, we flrst derive a model for CBM and show that small window size or large Delta may lead to highly inaccurate lifetime distributions. We then show that create-based sampling exhibits an inherent …

On Node Isolation Under Churn In Unstructured P2p Networks With Heavy-Tailed Lifetimes, Zhongmei Yao, Xiaoming Wang, Dmitri Loguinov

Zhongmei Yao

Previous analytical studies [12], [18] of unstructured P2P resilience have assumed exponential user lifetimes and only considered age-independent neighbor replacement. In this paper, we overcome these limitations by introducing a general node-isolation model for heavy-tailed user lifetimes and arbitrary neighbor-selection algorithms. Using this model, we analyze two age-biased neighbor-selection strategies and show that they significantly improve the residual lifetimes of chosen users, which dramatically reduces the probability of user isolation and graph partitioning compared to uniform selection of neighbors. In fact, the second strategy based on random walks on age-weighted graphs demonstrates that for lifetimes with infinite variance, the system …

Modeling Heterogeneous User Churn And Local Resilience Of Unstructured P2p Networks, Zhongmei Yao, Derek Leonard, Dmitri Loguinov, Xiaoming Wang

Zhongmei Yao

Previous analytical results on the resilience of unstructured P2P systems have not explicitly modeled heterogeneity of user churn (i.e., difference in online behavior) or the impact of in-degree on system resilience. To overcome these limitations, we introduce a generic model of heterogeneous user churn, derive the distribution of the various metrics observed in prior experimental studies (e.g., lifetime distribution of joining users, joint distribution of session time of alive peers, and residual lifetime of a randomly selected user), derive several closed-form results on the transient behavior of in-degree, and eventually obtain the joint in/out degree isolation probability as a simple …

Link Lifetimes And Randomized Neighbor Selection In Dhts, Zhongmei Yao, Dmitri Loguinov

Zhongmei Yao

Several models of user churn, resilience, and link lifetime have recently appeared in the literature [12], [13], [34], [35]; however, these results do not directly apply to classical Distributed Hash Tables (DHTs) in which neighbor replacement occurs not only when current users die, but also when new user arrive into the system, and where replacement choices are often restricted to the successor of the failed zone in the DHT space. To understand neighbor churn in such networks, this paper proposes a simple, yet accurate, model for capturing link dynamics in structured P2P systems and obtains the distribution of link lifetimes …