Social and Behavioral Sciences Commons^™

An Inquiry Into The Aviation Management Education Paradigm Shift, Matthew P. Earnhardt, Jason M. Newcomer, Daryl V. Watkins, James W. Marion

International Journal of Aviation, Aeronautics, and Aerospace

Working adults with four-year degrees from accredited colleges or universities earn, on average, almost three times more than individuals without a degree. This pay gap led Newcomer and his colleagues to study attitudes of aviation and aerospace managers towards education. That study found that managers valued education in new hires, even though they did not deem it critical to their own positions. That finding indicated a potential paradigm shift towards the perceived value of education in the industry.

In the current qualitative, phenomenological research, we interviewed 14 managers from various capacities within the aviation and aerospace industries to determine the …

Reliability Of Eyewitness Reports To A Major Aviation Accident, Dave English, Michael Kuzel

International Journal of Aviation, Aeronautics, and Aerospace

There is a paucity of studies on the reliability of eyewitness reports to aviation crashes. We examine witness statements to a widely observed major airline accident to determine if reported accident investigator distrust of details in eyewitness reports is supported by empirical evidence. The extensive archival witness record (N > 300) of a wide-body airliner crash in clear daylight conditions is subjected to statistical analysis to test eyewitness reliability. Even with over 200 witnesses within a three square kilometre (1.6 square mile) area answering a binary observation question, the variance is sometimes high enough to preclude forming statistically significant conclusions …

Measurable Outcomes Of Safety Culture In Aviation - A Meta-Analytic Review, Benjamin J. Goodheart, Maryjo O. Smith

International Journal of Aviation, Aeronautics, and Aerospace

Though the complimentary concepts of safety culture and safety climate have become increasingly popular over the past three decades, they have only infrequently been central to research designed to examine the empirical relationship between safety culture and safety performance. This tenuous link between culture and safety performance outcomes is especially prevalent in the aviation sector. This study systematically examined the existing literature for empirical evidence and explored the available data via meta-analysis to determine whether safety culture was significantly predictive of safety performance in an aviation operational environment. Although a broad, careful review of the literature was accomplished, the results …

Interactive 3-D Software In Aircraft Rescue And Fire Fighting Training, Mary K. Gorman Ph.D., Rita "Rene" I. Herron Ph.D.

International Journal of Aviation, Aeronautics, and Aerospace

As the nexus between aviation, fire science, and emergency management becomes increasingly more complex, technology can be used to augment training and avoid risk while maintaining authenticity with situational reality. In Aircraft Rescue & Fire Fighting (ARFF), the manner in which the learning content is effectively imparted to the student-professional can make all the difference in a successful emergency response. The interactive 3-D software developed exclusively for Dallas/Fort Worth Fire Training Research Center (DFW FTRC) is part of a curriculum designed to educated and train ARFF professionals in life-saving strategies and tactics. Through a 2013 Memorandum of Understanding, the world’s …

Kinematic Effects In Large Transport Aircraft, Shem Malmquist, Dennis A. Vincenzi Ph.D., Dahai Liu Ph.D.

International Journal of Aviation, Aeronautics, and Aerospace

The control of an aircraft relies on sensory feedback. It follows that any aspect that could create a situation where that feedback is faulty can lead to unintended outcomes. The size of very large jet aircraft can result in kinematic effects that impact the perceptions of the flight crew. Due to the large amount of inertia involved, coupled with aerodynamic factors, when the aircraft pitch (θ) is initially changed, the short term actual motion of the aircraft, as viewed from the center of gravity, remains relatively unchanged. As a consequence of aircraft design, this results in the flight deck changing …

From The Editor-In-Chief, Ibrahim A. Baggili

Journal of Digital Forensics, Security and Law

We are proud to share with you this special edition issue of the JDFSL. This year, JDFSL partnered with both the 6th International Conference on Digital Forensics and Cyber Crime (ICDF2C) and Systematic Approaches to Digital Forensic Engineering (SADFE)–two prominent conferences in our field that were co-hosted. Fifty-three papers were submitted, and the Technical Program Committee accepted only 17 after a rigorous review process.

Consumer Perceptions Of Starting Regional Pilot Pay Given Additional Qualifications, Scott R. Winter, Stephen Rice, Timothy G. Rosser, Rian Mehta, Ayu Rice

International Journal of Aviation, Aeronautics, and Aerospace

Public Law 111-216, passed in 2010, has drastically increased the required number of flight hours necessary to become a commercial airline pilot from 250 hours to 1,500 hours in the United States. Intended to increase the safety and qualifications of commercial airline pilots, one possible unintended consequence may be fewer pilots pursuing an airline career due to increased training costs, with no apparent increase in starting salary. The purpose of this exploratory study was to examine consumer perceptions of how much additional pay starting first officers should make based on this new law. American participants from Amazon’s ® Mechanical Turk …

Passengers From India And The United States Have Differential Opinions About Autonomous Auto-Pilots For Commercial Flights, Stephen Rice, Keegan Kraemer, Scott R. Winter, Rian Mehta, Victoria Dunbar, Timothy G. Rosser, Julie C. Moore

International Journal of Aviation, Aeronautics, and Aerospace

There has been much previous research on cultural differences between the United States and India, as well as some research on consumer attitudes towards auto-pilots in commercial airlines. However, to date, there has been no research that examines how passengers from different countries feel about auto-pilots and remote-controlled (RC) pilots in commercial aircraft, or how they feel about their co-workers or children flying in these situations. The current study manipulates both the type of pilot (human pilot, auto-pilot, and RC pilot) and the passenger (participant, child of participant, or work colleague) and examines three different dependent variables (comfort level, trust …

Aviation Consumers’ Trust In Pilots: A Cognitive Or Emotional Function, Scott R. Winter, Stephen Rice, Rian Mehta

International Journal of Aviation, Aeronautics, and Aerospace

Previous research has shown that stigmas play an important role in trust. While previous research has focused on trust in individuals with stigmas in various settings, no research that we know of has specifically looked at trust in pilots as a function of their stigmas, and what might mediate those effects. In two studies, we asked Indian participants to rate their trust in pilots as a function of gender, age, weight and ethnicity. The results of the first study indicated that Indians trusted female pilots less than male pilots, older pilots less than younger pilots, obese pilots less than slim …

Book Review: The Basics Of Digital Forensics: The Primer For Getting Started In Digital Forensics, Stephen Larson

Journal of Digital Forensics, Security and Law

The Basics of Digital Forensics: The Primer for Getting Started in Digital Forensics is well-named–it really is very basic. And it should be, as the book’s intended audience includes entry-level digital forensics professionals and complimentary fields such as law enforcement, legal, and general information security. Though the copyright is 2012, some of the data is from 2009, and there is mention of estimates for 2010.

Understanding Computer Forensics Requirements In China Via The “Panda Burning Incense” Virus Case, Frank Law, K. P. Chow, Y. H. Mai

Journal of Digital Forensics, Security and Law

In March 2012, Mainland China has amended its Criminal Procedure Law, which includes the introduction of a new type of evidence, i.e., digital evidence, to the court of law. To better understand the development of computer forensics and digital evidence in Mainland China, this paper discusses the Chinese legal system in relation to digital investigation and how the current legal requirements affect the existing legal and technical usage of digital evidence at legal proceedings. Through studying the famous “Panda Burning Incense (Worm.WhBoy.cw)” virus case that happened in 2007, this paper aims to provide a better understanding of how to properly …

Multi-Stakeholder Case Prioritization In Digital Investigations, Joshua I. James

Journal of Digital Forensics, Security and Law

This work examines the problem of case prioritization in digital investigations for better utilization of limited criminal investigation resources. Current methods of case prioritization, as well as observed prioritization methods used in digital forensic investigation laboratories are examined. After, a multi-stakeholder approach to case prioritization is given that may help reduce reputational risk to digital forensic laboratories while improving resource allocation. A survey is given that shows differing opinions of investigation priority between Law Enforcement and the public that is used in the development of a prioritization model. Finally, an example case is given to demonstrate the practicality of the …

Evidentiary Power And Propriety Of Digital Identifiers And The Impact On Privacy Rights In The United States, Michael Losavio, Deborah Keeling

Journal of Digital Forensics, Security and Law

Media and network systems capture and store data about electronic activity in new, sometimes unprecedented ways; computational systems make for new means of analysis and knowledge development. These new forms offer new, powerful tactical tools for investigations of electronic malfeasance under traditional legal regulation of state power, particular that of Fourth Amendment limitations on police searches and seizures under the U.S. Constitution. But autonomy, identity and authenticity concerns with electronic data raise issues of public policy, privacy and proper police oversight of civil society. We examine those issues and their implications for digital and computational forensics

Developing A Conceptual Framework For Modeling Deviant Cyber Flash Mob: A Socio-Computational Approach Leveraging Hypergraph Constructs, Samer Al-Khateeb, Nitin Agarwal

Journal of Digital Forensics, Security and Law

In a Flash Mob (FM) a group of people get together in the physical world perform an unpredicted act and disperse quickly. Cyber Flash Mob (CFM) is the cyber manifestation of flash mob coordinated primarily using social media. Deviant Cyber Flash Mob (or, DCFM) is a special case of CFM, which is categorized as the new face of transnational crime organizations (TCOs). The DCFM phenomenon can be considered as a form of a cyber-collective action that is defined as an action aiming to improve group’s conditions (such as, status or power). In this paper, we conduct a conceptual analysis of …

Book Review: Understanding The Misunderstandings In Pilot-Controller Dialogue, Jason M. Newcomer

International Journal of Aviation, Aeronautics, and Aerospace

Misunderstandings in any environment can be detrimental, if not counterproductive, to the intentions, expectations, or objective(s) of any communication, but in complex airspace congested by heavy traffic, pilot-controller transmissions, and various meteorological phenomena, they can be catastrophic. Barshi and Farris combine 45 years of aviation experience, 20 years of related research, and advanced education with sound methodology to deliver a well-balanced combination of theoretical and practical work to the fields of aviation, human factors, and psychology. Though Misunderstandings in ATC Communications, the authors guide readers through a series of experiments, literature, and transcribed air traffic control recordings to explore …

Idiographic Digital Profiling: Behavioral Analysis Based On Digital Forensics, Chad M. Steel

Journal of Digital Forensics, Security and Law

Idiographic digital profiling (IDP) is the application of behavioral analysis to the field of digital forensics. Previous work in this field takes a nomothetic approach to behavioral analysis by attempting to understand the aggregate behaviors of cybercriminals. This work is the first to take an idiographic approach by examining a particular subject's digital footprints for immediate use in an ongoing investigation. IDP provides a framework for investigators to analyze digital behavioral evidence for the purposes of case planning, subject identification, lead generation, obtaining and executing warrants, and prosecuting offenders.

Personal Denial Of Service (Pdos) Attacks: A Discussion And Exploration Of A New Category Of Cyber Crime, Michael R. Bartolacci, Larry J. Leblanc, Ashley Podhradsky

Journal of Digital Forensics, Security and Law

The growth of the Internet has created a corresponding growth in Internet-based crimes and online misbehavior, particularly among younger computer-savvy people. Younger generations have grown up in a world where internet access, social networking, e-commerce and smartphones are commonplace. Given this fact, they have learned how to use, and how to abuse, technology. This leads us to define a new category of cybercrime called a Personal Denial of Service attack (PDOS). A PDOS is a cyber-crime in which an individual deliberately prevents the access of another individual or small group to online services such as email or banking. Due to …

On Cyber Attacks And Signature Based Intrusion Detection For Modbus Based Industrial Control Systems, Wei Gao, Thomas H. Morris

Journal of Digital Forensics, Security and Law

Industrial control system communication networks are vulnerable to reconnaissance, response injection, command injection, and denial of service attacks. Such attacks can lead to an inability to monitor and control industrial control systems and can ultimately lead to system failure. This can result in financial loss for control system operators and economic and safety issues for the citizens who use these services. This paper describes a set of 28 cyber attacks against industrial control systems which use the MODBUS application layer network protocol. The paper also describes a set of standalone and state based intrusion detection system rules which can be …

Using Internet Artifacts To Profile A Child Pornography Suspect, Marcus K. Rogers, Kathryn C. Seigfried-Spellar

Journal of Digital Forensics, Security and Law

Digital evidence plays a crucial role in child pornography investigations. However, in the following case study, the authors argue that the behavioral analysis or “profiling” of digital evidence can also play a vital role in child pornography investigations. The following case study assessed the Internet Browsing History (Internet Explorer Bookmarks, Mozilla Bookmarks, and Mozilla History) from a suspected child pornography user’s computer. The suspect in this case claimed to be conducting an ad hoc law enforcement investigation. After the URLs were classified (Neutral; Adult Porn; Child Porn; Adult Dating sites; Pictures from Social Networking Profiles; Chat Sessions; Bestiality; Data Cleaning; …

Hot Zone Identification: Analyzing Effects Of Data Sampling On Spam Clustering, Rasib Khan, Mainul Mizan, Ragib Hasan, Alan Sprague

Journal of Digital Forensics, Security and Law

Email is the most common and comparatively the most efficient means of exchanging information in today's world. However, given the widespread use of emails in all sectors, they have been the target of spammers since the beginning. Filtering spam emails has now led to critical actions such as forensic activities based on mining spam email. The data mine for spam emails at the University of Alabama at Birmingham is considered to be one of the most prominent resources for mining and identifying spam sources. It is a widely researched repository used by researchers from different global organizations. The usual process …

Table Of Contents

Journal of Digital Forensics, Security and Law

No abstract provided.

On Identities In Modern Networks, Libor Polcak, Radek Hranick, Tomas Martınek

Journal of Digital Forensics, Security and Law

Communicating parties inside computer networks use different kind of identifiers. Some of these identifiers are stable, e.g., logins used to access a specific service, some are only temporary, e.g., dynamically assigned IP addresses. This paper tackles several challenges of lawful interception that emerged in modern networks. The main contribution is the graph model that links identities learnt from various sources distributed in a network. The inferred identities result into an interception of more detailed data in conformance with the issued court order. The approach deals with network address translation, short-lived identifiers and simultaneous usage of different identities. The approach was …

File Detection On Network Traffic Using Approximate Matching, Frank Breitinger, Ibrahim Baggili

Journal of Digital Forensics, Security and Law

In recent years, Internet technologies changed enormously and allow faster Internet connections, higher data rates and mobile usage. Hence, it is possible to send huge amounts of data / files easily which is often used by insiders or attackers to steal intellectual property. As a consequence, data leakage prevention systems (DLPS) have been developed which analyze network traffic and alert in case of a data leak. Although the overall concepts of the detection techniques are known, the systems are mostly closed and commercial. Within this paper we present a new technique for network traffic analysis based on approximate matching (a.k.a …

Accurate Modeling Of The Siemens S7 Scada Protocol For Intrusion Detection And Digital Forensics, Amit Kleinmann, Avishai Wool

Journal of Digital Forensics, Security and Law

The Siemens S7 protocol is commonly used in SCADA systems for communications between a Human Machine Interface (HMI) and the Programmable Logic Controllers (PLCs). This paper presents a model-based Intrusion Detection Systems (IDS) designed for S7 networks. The approach is based on the key observation that S7 traffic to and from a specific PLC is highly periodic; as a result, each HMI-PLC channel can be modeled using its own unique Deterministic Finite Automaton (DFA). The resulting DFA-based IDS is very sensitive and is able to flag anomalies such as a message appearing out of its position in the normal sequence …

Forensics Of Software Copyright Infringement Crimes: The Modern Posar Test Juxtaposed With The Dated Afc Test, Vinod P. Bhattathiripad

Journal of Digital Forensics, Security and Law

This paper presents a new development in the forensics of software copyright through a juxtaposed comparison between the proven AFC test and the recent POSAR test, the two forensic procedures for establishing software copyright infringement cases. First, the paper separately overviews the 3-stage, linear sequential AFC test and then the 5-phase, cyclic POSAR test (as AFC’s logical extension). The paper then compares the processes involved in each of the 5 phases of the POSAR test with the processes involved in the 3 stages in the AFC test, for the benefit of forensic practitioners and researchers. Finally, the paper discusses some …

Leveraging Decentralization To Extend The Digital Evidence Acquisition Window: Case Study On Bittorrent Sync, Mark Scanlon, Jason Farina, Nhien A. Khac, Tahar Kechadi

Journal of Digital Forensics, Security and Law

File synchronization services such as Dropbox, Google Drive, Microsoft OneDrive, Apple iCloud, etc., are becoming increasingly popular in today’s always-connected world. A popular alternative to the aforementioned services is BitTorrent Sync. This is a decentralized/cloudless file synchronization service and is gaining significant popularity among Internet users with privacy concerns over where their data is stored and who has the ability to access it. The focus of this paper is the remote recovery of digital evidence pertaining to files identified as being accessed or stored on a suspect’s computer or mobile device. A methodology for the identification, investigation, recovery and verification …

Fast Rtp Detection And Codecs Classification In Internet Traffic, Petr Matousek, Ondrej Rysavy, Martin Kmet

Journal of Digital Forensics, Security and Law

This paper presents a fast multi-stage method for on-line detection of RTP streams and codec identification of transmitted voice or video traffic. The method includes an RTP detector that filters packets based on specific values from UDP and RTP headers. When an RTP stream is successfully detected, codec identification is applied using codec feature sets. The paper shows advantages and limitations of the method and its comparison with other approaches. The method was implemented as a part of network forensics framework NetFox developed in project SEC6NET. Results show that the method can be successfully used for Lawful Interception as well …

Audit: Automated Disk Investigation Toolkit, Umit Karabiyik, Sudhir Aggarwal

Journal of Digital Forensics, Security and Law

Software tools designed for disk analysis play a critical role today in forensics investigations. However, these digital forensics tools are often difficult to use, usually task specific, and generally require professionally trained users with IT backgrounds. The relevant tools are also often open source requiring additional technical knowledge and proper configuration. This makes it difficult for investigators without some computer science background to easily conduct the needed disk analysis. In this paper, we present AUDIT, a novel automated disk investigation toolkit that supports investigations conducted by non-expert (in IT and disk technology) and expert investigators. Our proof of concept design …

Exploring Forensic Implications Of The Fusion Drive, Shruti Gupta, Marcus Rogers

Journal of Digital Forensics, Security and Law

This paper explores the forensic implications of Apple’s Fusion Drive. The Fusion Drive is an example of auto-tiered storage. It uses a combination of a flash drive and a magnetic drive. Data is moved between the drives automatically to maximize system performance. This is different from traditional caches because data is moved and not simply copied. The research included understanding the drive structure, populating the drive, and then accessing data in a controlled setting to observe data migration strategies. It was observed that all the data is first written to the flash drive with 4 GB of free space always …

An Efficient Similarity Digests Database Lookup – A Logarithmic Divide & Conquer Approach, Frank Breitinger, Christian Rathgeb, Harald Baier

Journal of Digital Forensics, Security and Law

Investigating seized devices within digital forensics represents a challenging task due to the increasing amount of data. Common procedures utilize automated file identification, which reduces the amount of data an investigator has to examine manually. In the past years the research field of approximate matching arises to detect similar data. However, if n denotes the number of similarity digests in a database, then the lookup for a single similarity digest is of complexity of O(n). This paper presents a concept to extend existing approximate matching algorithms, which reduces the lookup complexity from O(n) to O(log(n)). Our proposed approach is based …