Shah Fahd, Mian Muhammad Waseem Iqbal, Muhammad Arif, Muhammad Imran Javed
{"title":"Integrated model: Statistical features, memory analysis for scanner and printer forensics","authors":"Shah Fahd, Mian Muhammad Waseem Iqbal, Muhammad Arif, Muhammad Imran Javed","doi":"10.1109/ISDFS.2016.7473521","DOIUrl":"https://doi.org/10.1109/ISDFS.2016.7473521","url":null,"abstract":"Printer and scanner can be used in illegal activities varying from corporate office violation to criminal activities and gathering printer artifacts in this regard can be very vital to hold someone inculpatory or exculpatory. Every printer and scanner has its inherent properties and one of them is intrinsic signatures which are translated in printed/scanned documents as well. By inspecting these intrinsic properties in questioned document we can trace source printer. To identify signatures statistical techniques are used, images are filtered using averaging method, median filter and Wiener filter to remove unnecessary noise content. Based upon noise content printers/scanners are identified. In addition memory content of printers and scanners can also be used for forensics investigation. Documents are queued in printer/scanner memory before printing/scanning and once printed/scanned, memory contents are still latched until another document is requested for printing/scanning. Integrating these two properties will achieve effective evidence in a scenario in which if a questioned document is modified and coarse area is disturbed, memory contents of printer/scanner will help finding the artifacts. 
This research proposes an integrated model for detecting printer and scanner from forensic artifacts.","PeriodicalId":136977,"journal":{"name":"2016 4th International Symposium on Digital Forensic and Security (ISDFS)","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-04-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124978662","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Android malware analysis approach based on control flow graphs and machine learning algorithms","authors":"M. Atici, Ş. Sağiroğlu, I. Dogru","doi":"10.1109/ISDFS.2016.7473512","DOIUrl":"https://doi.org/10.1109/ISDFS.2016.7473512","url":null,"abstract":"Smart devices from smartphones to wearable computers today have been used in many purposes. These devices run various mobile operating systems like Android, iOS, Symbian, Windows Mobile, etc. Since the mobile devices are widely used and contain personal information, they are subject to security attacks by mobile malware applications. In this work we propose a new approach based on control flow graphs and machine learning algorithms for static Android malware analysis. Experimental results have shown that the proposed approach achieves a high classification accuracy of 96.26% in general and high detection rate of 99.15% for DroidKungfu malware families which are very harmful and difficult to detect because of encrypting the root exploits, by reducing data dimension significantly for real time analysis.","PeriodicalId":136977,"journal":{"name":"2016 4th International Symposium on Digital Forensic and Security (ISDFS)","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-04-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125253817","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Real time face recognition system (RTFRS)","authors":"Suad Haji, A. Varol","doi":"10.1109/ISDFS.2016.7473527","DOIUrl":"https://doi.org/10.1109/ISDFS.2016.7473527","url":null,"abstract":"Biometrics is a term used to define an individual's DNA, hand geometry, face, etc. or behavioral characteristics, such as hand signature, voice tone, keystrokes and so on. For that reason, these biological characteristics are unique for every individual. In many situations, face recognition related technologies are becoming more popular among biometric-based technologies that measure an individual's natural data. Genetic biometrics has generally been used to authenticate and identify individuals by analyzing their physical characteristics, such as fingerprint, eye iris, vein etc. Instead of using a bankcard, a camera installed at the Automated Teller Machines would capture pictures of faces of customers, and compare them with the photos of account holders in the database of banks to verify the customer's identity. The purpose of this paper is to present a Windows based real time application system using face recognition algorithms. This new system can be applied in various different fields such as identity verification and other potential commercial applications. 
Both Eigen and Local Binary Patterns face algorithms were used to reduce the impact of light exposure that will affect the accuracy of the system.","PeriodicalId":136977,"journal":{"name":"2016 4th International Symposium on Digital Forensic and Security (ISDFS)","volume":"139 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-04-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114665241","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Occlusion analysis for face frontalization","authors":"Anil Çelik, N. Arica","doi":"10.1109/ISDFS.2016.7473525","DOIUrl":"https://doi.org/10.1109/ISDFS.2016.7473525","url":null,"abstract":"Frontalization is the process of generating frontal faces from the posed ones appearing in unconstrained environments. Occluders occurring over the face region can make the frontalization approaches generate faulty results. In this study, we propose an approach, to address this problem by reducing negative effects of occluders on the frontalization operation. The proposed approach has the capability of choosing the most suitable frontalization procedure, to generate a more visually appealing output. After the posed face image is hard-frontalized, the possible occlusion occurrences over the face are analyzed using two different techniques; region and pixel based analysis. Finally, according to occlusion analysis output, the best approach for frontalization process is chosen to be applied. The experiments performed on Caltech Occluded Faces Database (COFW) show that the proposed algorithm produces satisfactory results in terms of accuracy and visual appearance.","PeriodicalId":136977,"journal":{"name":"2016 4th International Symposium on Digital Forensic and Security (ISDFS)","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-04-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114379677","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Previously overlooked bias signatures for RC4","authors":"M. Hammood, K. Yoshigoe","doi":"10.1109/ISDFS.2016.7473526","DOIUrl":"https://doi.org/10.1109/ISDFS.2016.7473526","url":null,"abstract":"Recent findings suggest that known short-term and long-term biases for RC4 can be practically exploited to capture extended part of the Internet traffic relying on Transportation Layer Security (TLS) with RC4 cipher. While RC4 is no longer a dominant cipher used in the Internet, research community continues to explore its characteristics and even propose its derivatives. To the best of our knowledge, no works have correctly verified the set of well-known Fluhrer-McGrew biases. We experimentally approached to validate the correctness of the biases during which we uncovered two additional biases. Furthermore, our experiment has successfully produced and generalized a set of non-consecutive byte biases from RC4 keystream. Finally, we have captured bias signatures for several well-known RC4 variants.","PeriodicalId":136977,"journal":{"name":"2016 4th International Symposium on Digital Forensic and Security (ISDFS)","volume":"342 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-04-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117354646","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Model of hierarchical disk investigation","authors":"Umit Karabiyik, S. Aggarwal","doi":"10.1109/ISDFS.2016.7473523","DOIUrl":"https://doi.org/10.1109/ISDFS.2016.7473523","url":null,"abstract":"Digital forensics investigators need specialized tools in order to retrieve evidence on hard disks. When using automated tools, only conventional areas of the disk are often analyzed and as a result potential evidence in hidden areas may be missed. One reason for this is the lack of a universal standard or approach with regards to the systematic disk investigation of the total disk area. In this paper, we present a new hierarchical disk investigation model that can be used to support automated digital forensics tools in systematically examining the disk in its totality, based on the disk's physical and logical structures. We have implemented our proposed model in an open source tool called Automated Disk Investigation Toolkit for illustration.","PeriodicalId":136977,"journal":{"name":"2016 4th International Symposium on Digital Forensic and Security (ISDFS)","volume":"58 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-04-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124041181","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Visualization of the social bot's fingerprints","authors":"Mehmet Kaya, Shannon N. Conley, A. Varol","doi":"10.1109/ISDFS.2016.7473536","DOIUrl":"https://doi.org/10.1109/ISDFS.2016.7473536","url":null,"abstract":"As the number of social media users increases for platforms such as Twitter, Facebook, and Instagram, so does the number of bot or spam accounts on these platforms. Typically, these bots or spam accounts are automated programmatically using the social media site's API and attempt to convey or spread a particular message. Some bots are designed for marketers trying to sell products or attract users to new sites. Other types of bots are much more malicious and disseminate misinformation that harms or tricks users. Such bots (fake accounts) may lead to serious consequences, as people's social network has become one of the determining factors in their general decision making. Therefore, these accounts have the potential to influence people's opinions drastically and hence real life events as well. Through different machine learning techniques, researchers have now begun to investigate ways to detect these types of malicious accounts automatically. To successfully differentiate between real accounts and bot accounts, a comprehensive analysis of the behavioral patterns of both types of accounts is required. In this paper, we investigate ways to select the best features from a data set for automated classification of different types of social media accounts (ex. bot versus real account) via visualization. 
To help select better feature combinations, we try to visualize which features may be more effective for classification using self-organizing maps.","PeriodicalId":136977,"journal":{"name":"2016 4th International Symposium on Digital Forensic and Security (ISDFS)","volume":"16 11-12","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-04-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121006276","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"The metadata legal conundrum from a public records act perspective","authors":"Alejandro Villegas","doi":"10.1109/ISDFS.2016.7473531","DOIUrl":"https://doi.org/10.1109/ISDFS.2016.7473531","url":null,"abstract":"The Freedom of Information Act (FOIA) allows the release of public records inclusive of metadata. The agencies fulfilling FOIA and Public Records Act (PRA) requests are having challenges appropriately interpreting metadata because of the technological complexities involved. The Washington courts appear to be deliberating inconsistently when addressing metadata related cases. The purpose of this paper is to analyze the metadata interpretation on a set of court cases; and propose a framework that can be leveraged to achieve consistency across public records requests that include a metadata component whether explicitly or implicitly.","PeriodicalId":136977,"journal":{"name":"2016 4th International Symposium on Digital Forensic and Security (ISDFS)","volume":"71 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-04-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127320024","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Use of HOG descriptors in phishing detection","authors":"A. S. Bozkir, E. Sezer","doi":"10.1109/ISDFS.2016.7473534","DOIUrl":"https://doi.org/10.1109/ISDFS.2016.7473534","url":null,"abstract":"Phishing is a scamming activity which deals with making a visual illusion on computer users by providing fake web pages which mimic their legitimate targets in order to steal valuable digital data such as credit card information or e-mail passwords. In contrast to other anti-phishing attempts this paper proposes to evaluate and solve this problem by leveraging a pure computer vision based method in the concept of web page layout similarity. Proposed approach employs Histogram of Oriented Gradients (HOG) descriptor in order to capture cues of page layout without the need of time consuming intermediate stage of segmentation. Moreover, histogram intersection kernel has been used as a similarity metric for computing similarity. Thus, an efficient and fast phishing page detection scheme has been developed in order to combat with zero-day phishing page attacks. To verify the efficiency of our phishing page detection mechanism, 50 unique phishing pages and their legitimate targets have been collected. Furthermore, 100 pairs of legitimate pages have been gathered. As the next stage, the similarity scores in these two groups were computed and compared. 
According to promising results, similarity degree around 75% and above can be adequate for alarming.","PeriodicalId":136977,"journal":{"name":"2016 4th International Symposium on Digital Forensic and Security (ISDFS)","volume":"29 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-04-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114479039","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Advanced cargo security handheld network access device","authors":"Sergio Enriques, Y. Ozturk","doi":"10.1109/ISDFS.2016.7473511","DOIUrl":"https://doi.org/10.1109/ISDFS.2016.7473511","url":null,"abstract":"With the aim of improving the security for shipping containers used in a global supply chain, the Department of Homeland Security is developing the technical requirements for an open container security system communications interface. The primary purpose of this system is to monitor the status of shipping containers equipped with electronic chain of custody devices, and channel this information to a secure data consolidation server. A secure handheld network access device (HNAD) is intended to integrate with and extend the functionality of the Department of Homeland Security's Advance Container Security System. By replicating most of the functionality provided by a Data Consolidation Server, a handheld unit can be used to provide users with a secure and convenient method to wirelessly monitor and control the status of the container security devices in the area. Once a user has obtained the necessary security keys to enable wireless communication with the security devices, the handheld unit will join an existing IEEE 802.15.4 wireless network and permit the secure exchange of information between itself and the security devices. This study presents a secure Handheld Network Access Device using an off the shelf phone running the Android OS. 
This study also extends the phone's wireless capability via a USB-to-XBee dongle to enable communications with secure locks using the IEEE 802.15.4 protocol.","PeriodicalId":136977,"journal":{"name":"2016 4th International Symposium on Digital Forensic and Security (ISDFS)","volume":"154 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-04-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114164921","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}