Social and Behavioral Sciences Commons^™

What A User Wants: Redesigning A Library's Web Site Based On A Card-Sort Analysis, Laura Pope Robbins, Lisa Esposito, Christ Kretz, Michael Aloi

Publications

Web site usability concerns anyone with a web site to maintain. Libraries, however, are often the biggest offenders in terms of usability. In our efforts to provide users with everything they need to do research, we often overwhelm them with sites that are confusing in structure, difficult to navigate, and weighed down with jargon. Dowling College Library recently completed a redesign of its web site based upon the concept of usability. For smaller libraries in particular, this can be a challenge. The web site is often maintained by one or two people and finding the time and resources to conduct …

Book Review: Tourists In Space: A Practical Guide, T. D. Oswalt

Publications

This document is Dr. Oswalt’s review of Tourists in Space : a Practical Guide by Erik Seedhouse. Springer/Praxis, 2008 314p, 9780387746432 $34.95

Promoting Teamwork: An Event-Based Approach To Simulation-Based Teamwork Training For Emergency Medicine Residents, Michael A. Rosen, Eduardo Salas, Teresa S. Wu, Salvatore Silvestri, Elizabeth H. Lazzara, Rebecca Lyons, Sally J. Weaver, Heidi B. King

Publications

The growing complexity of patient care requires that emergency physicians (EPs) master not only knowledge and procedural skills, but also the ability to effectively communicate with patients and other care providers and to coordinate patient care activities. EPs must become good team players, and consequently an emergency medicine (EM) residency program must systematically train these skills. However, because teamwork-related competencies are relatively new considerations in health care, there is a gap in the methods available to accomplish this goal. This article outlines how teamwork training for residents can be accomplished by employing simulation-based training (SBT) techniques and contributes tools and …

An Investigation Of Determinism And Chaotic Behavior In Flight Performance Data: A Chaos Theory And Nonlinear Time Series Analysis Approach, Lionel Blankson Amanfu

Master's Theses - Daytona Beach

Human flight performance data were investigated using non-linear time series analysis methods to determine deterministic chaotic behavior in the data. Using a sequence of steps of non-linear methods, four flight performance data were used to investigate for the existence of deterministic chaotic behavior. Results revealed that flight performance data may exhibit chaotic behavior. Results also showed a consistent low determinism value in all the data examined which is the defining characteristic of chaotic behavior. It was also found that the data originated from non-stationary process. The Maximal Lyapunov Exponent (MLE) value which indicate chaotic behavior exist in the data revealed …

The Cyber-Workplace – Identifying Liability Issues In The Information Age And Managing E-Risk, Nigel Wilson

Annual ADFSL Conference on Digital Forensics, Security and Law

The information age provides numerous opportunities for modern society but also presents significant challenges in identifying liability issues and in managing risk. Technological change has occurred rapidly and is continuing at the same time as other major trends and changes are taking place in society and, in particular, in the workplace. The prospect of global liability and the complexity of jurisdictional differences present a considerable hurdle to the uniform regulation of liability issues. General legislation and legal principles have been readily applied to the cyber-world and to modern business practices and the workplace. Where necessary, legislatures have introduced specific legislation …

Data Mining Techniques For Fraud Detection, Rekha Bhowmik

Annual ADFSL Conference on Digital Forensics, Security and Law

The paper presents application of data mining techniques to fraud analysis. We present some classification and prediction data mining techniques which we consider important to handle fraud detection. There exist a number of data mining algorithms and we present statistics-based algorithm, decision tree-based algorithm and rule-based algorithm. We present Bayesian classification model to detect fraud in automobile insurance. Naïve Bayesian visualization is selected to analyze and interpret the classifier predictions. We illustrate how ROC curves can be deployed for model assessment in order to provide a more intuitive analysis of the models.

Keywords: Data Mining, Decision Tree, Bayesian Network, ROC …

Simple - Rethinking The Monolithic Approach To Digital Forensic Software, Craig Valli

Annual ADFSL Conference on Digital Forensics, Security and Law

This paper outlines a collaborative project nearing completion between the sec.au Security Research Group at Edith Cowan University and Western Australian Police Computer Crime Squad. The primary goal of this project is to create a software tool for use by non-technical law enforcement officers during the initial investigation and assessment of an electronic crime scene. This tool will be designed as an initial response tool, to quickly and easily find, view and export any relevant files stored on a computer, establishing if further expert investigation of that computer is warranted. When fully developed, the tool will allow investigators unprecedented real …

How Virtualized Environments Affect Computer Forensics, Diane Barrett

Annual ADFSL Conference on Digital Forensics, Security and Law

Virtualized environments can make forensics investigation more difficult. Technological advances in virtualization tools essentially make removable media a PC that can be carried around in a pocket or around a neck. Running operating systems and applications this way leaves very little trace on the host system. This paper will explore all the newest methods for virtualized environments and the implications they have on the world of forensics. It will begin by describing and differentiating between software and hardware virtualization. It will then move on to explain the various methods used for server and desktop virtualization. Next, it will describe the …

The Virtual Digital Forensics Lab - Expanding Law Enforcement Capabilities, Mark Mccoy, Sean A. Ensz

Annual ADFSL Conference on Digital Forensics, Security and Law

Law enforcement is attempting to respond to the growing and complex need to examine all manner of digital evidence using stand-alone forensic workstations and limited storage solutions. Digital forensic investigators often find their cases stalled by cumbersome and inflexible technology limiting their effectiveness. The Virtual Digital Forensics Lab (VDFL) is a new concept that applies existing enterprise host, storage, and network virtualization technologies to current forensic investigative methods. This paper details the concept of the VDFL, the technology solutions it employs, and the flexibility it provides for digital forensic investigators.

Keywords: Virtual Digital Forensics, digital forensic investigations, law enforcement, virtual …

Digital Forensic Certification Versus Forensic Science Certification, Nena Lim

Annual ADFSL Conference on Digital Forensics, Security and Law

Companies often rely on certifications to select appropriate individuals in disciplines such as accounting and engineering. The general public also tends to have confidence in a professional who has some kinds of certification because certification implies a standard of excellence and that the individual has expert knowledge in a specific discipline. An interesting question to the digital forensic community is: How is a digital forensic certification compared to a forensic science certification? The objective of this paper is to compare the requirements of a digital forensic certification to those of a forensic science certification. Results of the comparison shed lights …

On Teaching Tcp/Ip Protocol Analysis To Computer Forensics Examiners, Gary C. Kessler

Security Studies & International Affairs - Daytona Beach

Digital investigators have an increasing need to examine data network logs and traffic, either as part of criminal or civil investigations or when responding to information security incidents. To truly understand the contents of the logs and the data packets, examiners need to have a good foundation in the protocols comprising the Transmission Control Protocol/Internet Protocol (TCP/IP) suite. This paper introduces the use of protocol analyzers and packet sniffers for TCP/IP traffic, and provides examples of normal and suspect TCP/IP traffic. This paper also provides a basis for a discussion of intrusion detection and signature analysis.

On Teaching Tcp/Ip Protocol Analysis To Computer Forensics Examiners, Gary C. Kessler

Applied Aviation Sciences - Daytona Beach

Digital investigators have an increasing need to examine data network logs and traffic, either as part of criminal or civil investigations or when responding to information security incidents. To truly understand the contents of the logs and the data packets, examiners need to have a good foundation in the protocols comprising the Transmission Control Protocol/Internet Protocol (TCP/IP) suite. This paper introduces the use of protocol analyzers and packet sniffers for TCP/IP traffic, and provides examples of normal and suspect TCP/IP traffic. This paper also provides a basis for a discussion of intrusion detection and signature analysis.

Simulation-Based Training For Patient Safety: 10 Principles That Matter, Eduardo Salas, Katherine A. Wilson, Elizabeth Lazzara, Heidi B. King, Jeffery S. Augenstein

Publications

Simulation-based training can improve patient care when factors influencing its design, delivery, evaluation, and transfer are taken into consideration. In this paper, we provide a number of principles and practical tips that organizations in health care can use to begin implementing effective simulation-based training as a way to enhance patient safety. We commend the health care community for their efforts thus far. We hope that the information provided in this paper will encourage thinking beyond the "bells and whistles" of the simulation and bring to light full potential of simulation-based training in health care and patient safety.

The 2007 Analysis Of Information Remaining On Disks Offered For Sale On The Second Hand Market, Andy Jones, Craig Valli, Glenn S. Dardick, Iain Sutherland

Journal of Digital Forensics, Security and Law

All organisations, whether in the public or private sector, increasingly use computers and other devices that contain computer hard disks for the storage and processing of information relating to their business, their employees or their customers. Individual home users also increasingly use computers and other devices containing computer hard disks for the storage and processing of information relating to their private, personal affairs. It continues to be clear that the majority of organisations and individual home users still remain ignorant or misinformed of the volume and type of information that is stored on the hard disks that these devices contain …

Steganography: Forensic, Security, And Legal Issues, Merrill Warkentin, Ernst Bekkering, Mark B. Schmidt

Journal of Digital Forensics, Security and Law

Steganography has long been regarded as a tool used for illicit and destructive purposes such as crime and warfare. Currently, digital tools are widely available to ordinary computer users also. Steganography software allows both illicit and legitimate users to hide messages so that they will not be detected in transit. This article provides a brief history of steganography, discusses the current status in the computer age, and relates this to forensic, security, and legal issues. The paper concludes with recommendations for digital forensics investigators, IT staff, individual users, and other stakeholders.

Book Review: Challenges To Digital Forensic Evidence, Gary C. Kessler

Journal of Digital Forensics, Security and Law

This issue presents the fifth Book Review column for the JDFSL. It is an experiment to broaden the services that the journal provides to readers, so we are anxious to get your reaction. Is the column useful and interesting? Should we include more than one review per issue? Should we also review products? Do you have suggested books/products for review and/or do you want to write a review? All of this type of feedback -- and more -- is appreciated. Please feel free to send comments to Gary Kessler (gary.kessler@champlain.edu) or Glenn S. Dardick (gdardick@dardick.net).

Developing A Process Model For The Forensic Extraction Of Information From Desktop Search, Timothy Pavlic, Jill Slay, Benjamin Turnbull

Journal of Digital Forensics, Security and Law

Desktop search applications can contain cached copies of files that were deleted from the file system. Forensic investigators see this as a potential source of evidence, as documents deleted by suspects may still exist in the cache. Whilst there have been attempts at recovering data collected by desktop search applications, there is no methodology governing the process, nor discussion on the most appropriate means to do so. This article seeks to address this issue by developing a process model that can be applied when developing an information extraction application for desktop search applications, discussing preferred methods and the limitations of …

The Forensics Aspects Of Event Data Recorders, Jeremy S. Daily, Nathan Singleton, Elizabeth Downing, Gavin W. Manes

Journal of Digital Forensics, Security and Law

The proper generation and preservation of digital data from Event Data Recorders (EDRs) can provide invaluable evidence to automobile crash reconstruction investigations. However, data collected from the EDR can be difficult to use and authenticate, complicating the presentation of such information as evidence in legal proceedings. Indeed, current techniques for removing and preserving such data do not meet the court’s standards for electronic evidence. Experimentation with an EDR unit from a 2001 GMC Sierra pickup truck highlighted particular issues with repeatability of results. Fortunately, advances in the digital forensics field and memory technology can be applied to EDR analysis in …

Data Mining Techniques In Fraud Detection, Rekha Bhowmik

Journal of Digital Forensics, Security and Law

The paper presents application of data mining techniques to fraud analysis. We present some classification and prediction data mining techniques which we consider important to handle fraud detection. There exist a number of data mining algorithms and we present statistics-based algorithm, decision treebased algorithm and rule-based algorithm. We present Bayesian classification model to detect fraud in automobile insurance. Naïve Bayesian visualization is selected to analyze and interpret the classifier predictions. We illustrate how ROC curves can be deployed for model assessment in order to provide a more intuitive analysis of the models.

To License Or Not To License: An Examination Of State Statutes Regarding Private Investigators And Digital Examiners, Thomas Lonardo, Doug White, Alan Rea

Journal of Digital Forensics, Security and Law

In this paper the authors examine statutes that regulate, license, and enforce investigative functions in each US state. After identification and review of Private Investigator licensing requirements, the authors find that very few state statutes explicitly differentiate between Private Investigators and Digital Examiners. After contacting all state agencies the authors present a distinct grouping organizing state approaches to professional Digital Examiner licensing. The authors conclude that states must differentiate between Private Investigator and Digital Examiner licensing requirements and oversight.

An Evaluation Of Windows-Based Computer Forensics Application Software Running On A Macintosh, Gregory H. Carlton

Journal of Digital Forensics, Security and Law

The two most common computer forensics applications perform exclusively on Microsoft Windows Operating Systems, yet contemporary computer forensics examinations frequently encounter one or more of the three most common operating system environments, namely Windows, OS-X, or some form of UNIX or Linux. Additionally, government and private computer forensics laboratories frequently encounter budget constraints that limit their access to computer hardware. Currently, Macintosh computer systems are marketed with the ability to accommodate these three common operating system environments, including Windows XP in native and virtual environments. We performed a series of experiments to measure the functionality and performance of the two …

Book Review: Guide To Computer Forensics And Investigations (3rd Ed.), Keyu Jiang, Ruifeng Xuan

Journal of Digital Forensics, Security and Law

No abstract provided.

Remote Forensics May Bring The Next Sea Change In E-Discovery: Are All Networked Computers Now Readily Accessible Under The Revised Federal Rules Of Civil Procedure?, Joseph J. Schwerha, Scott Inch

Journal of Digital Forensics, Security and Law

The recent amendments to Rule 26 of the Federal Rules of Civil Procedure created a two-tiered approach to discovery of electronically stored information (“ESI”). Responding parties must produce ESI that is relevant, not subject to privilege, and reasonably accessible. However, because some methods of storing ESI, such as on magnetic backup tapes and within enormous databases, require substantial cost to access and search their contents, the rules permit parties to designate those repositories as “not reasonably accessible” because of undue burden or cost. But even despite the difficulty in searching for ESI, the party’s duty to preserve potentially responsive evidence …

Trends In Virtualized User Environments, Diane Barrett

Journal of Digital Forensics, Security and Law

Virtualized environments can make forensics investigation more difficult. Technological advances in virtualization tools essentially make removable media a PC that can be carried around in a pocket or around a neck. Running operating systems and applications this way leaves very little trace on the host system. This paper will explore all the newest methods for virtualized environments and the implications they have on the world of forensics. It will begin by describing and differentiating between software and hardware virtualization. It will then move on to explain the various methods used for server and desktop virtualization. Next, it will explain how …

Extraction And Categorisation Of User Activity From Windows Restore Points, Damir Kahvedžić, Tahar Kechadi

Journal of Digital Forensics, Security and Law

The extraction of the user activity is one of the main goals in the analysis of digital evidence. In this paper we present a methodology for extracting this activity by comparing multiple Restore Points found in the Windows XP operating system. The registry copies represent a snapshot of the state of the system at a certain point in time. Differences between them can reveal user activity from one instant to another. The algorithms for comparing the hives and interpreting the results are of high complexity. We develop an approach that takes into account the nature of the investigation and the …

Data Recovery From Palmmsgv001, Satheesaan Pasupatheeswaran

Journal of Digital Forensics, Security and Law

Both SMS and MMS data analysis is an important factor in mobile forensic analysis. Author did not find any mobile forensic tool that is capable of extracting short messages (SMS) and multimedia messages (MMS) from Palm Treo 750. SMS file of Palm Treo 750 is called PalmMgeV001 and it is a proprietary file system. A research work done to find a method to recover SMS data from PalmMsgV001 file. This paper is going to describe the research work and its findings. This paper also discusses a methodology that will help recover SMS data from PalmMsgV001. The PalmMsgV001 file is analysed …

Data Security Measures In The It Service Industry: A Balance Between Knowledge & Action, N. Mlitwa, Y. Kachala

Journal of Digital Forensics, Security and Law

That “knowledge is power” is fast becoming a cliché within the intelligentsia. Such power however, depends largely on how knowledge itself is exchanged and used, which says a lot about the tools of its transmission, exchange, and storage. Information and communication technology (ICT) plays a significant role in this respect. As a networked tool, it enables efficient exchanges of video, audio and text data beyond geographical and time constraints. Since this data is exchanged over the worldwide web (www), it can be accessible by anyone in the world using the internet. The risk of unauthorised access, interception, modification, or even …

Table Of Contents

Journal of Digital Forensics, Security and Law

No abstract provided.

Table Of Contents

Journal of Digital Forensics, Security and Law

No abstract provided.

Table Of Contents

Journal of Digital Forensics, Security and Law

No abstract provided.