发布求助
文献互助 智能选刊 最新文献

Journal of Digital Forensics Security and Law最新文献

筛选
英文 中文
Fault Lines In The Application Of International Humanitarian Law To Cyberwarfare 国际人道法在网络战中的应用断层
IF 0.3
Journal of Digital Forensics Security and Law Pub Date : 2022-01-01 DOI: 10.15394/jdfsl.2022.1761
Humna Sohail
{"title":"Fault Lines In The Application Of International Humanitarian Law To Cyberwarfare","authors":"Humna Sohail","doi":"10.15394/jdfsl.2022.1761","DOIUrl":"https://doi.org/10.15394/jdfsl.2022.1761","url":null,"abstract":"","PeriodicalId":43224,"journal":{"name":"Journal of Digital Forensics Security and Law","volume":null,"pages":null},"PeriodicalIF":0.3,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"67058680","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Social Media User Relationship Framework (SMURF) 社交媒体用户关系框架(SMURF)
IF 0.3
Journal of Digital Forensics Security and Law Pub Date : 2021-02-16 DOI: 10.15394/JDFSL.2021.1698
A. David, Sarah Morris, G. Appleby-Thomas
{"title":"Social Media User Relationship Framework (SMURF)","authors":"A. David, Sarah Morris, G. Appleby-Thomas","doi":"10.15394/JDFSL.2021.1698","DOIUrl":"https://doi.org/10.15394/JDFSL.2021.1698","url":null,"abstract":"The use of social media has spread through many aspects of society, allowing millions of individuals, corporate as well as government entities to leverage the opportunities it affords. These opportunities often end up being exploited by a small percentage of the user community who use it for objectionable or unlawful activities; for example, trolling, cyber bullying, grooming, luring. In some cases, these unlawful activities result in investigations where the swift retrieval of critical evidence is required in order to save a life. This paper presents a proof of concept (PoC) framework for social media user attribution. The framework aims to provide digital evidence that can be used to substantiate user activity in live triage investigations. This paper highlights the use of live triage as a viable technique for the investigation of social media activity, contextualizing user activity and attributing actions to users. It discusses the reliability of artefacts other than the communication content as a means of drawing inferences about user social media activity, taking into account.","PeriodicalId":43224,"journal":{"name":"Journal of Digital Forensics Security and Law","volume":null,"pages":null},"PeriodicalIF":0.3,"publicationDate":"2021-02-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"77440049","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Identification of LSB image Steganography using Cover Image Comparisons 基于封面图像比对的LSB图像隐写识别
IF 0.3
Journal of Digital Forensics Security and Law Pub Date : 2021-01-01 DOI: 10.15394/JDFSL.2021.1551
M. Pelosi, N. Poudel, Pratap Lamichhane, Devon Lam, Gary C. Kessler, Joshua MacMonagle
{"title":"Identification of LSB image Steganography using Cover Image Comparisons","authors":"M. Pelosi, N. Poudel, Pratap Lamichhane, Devon Lam, Gary C. Kessler, Joshua MacMonagle","doi":"10.15394/JDFSL.2021.1551","DOIUrl":"https://doi.org/10.15394/JDFSL.2021.1551","url":null,"abstract":"Steganography has long been used to counter forensic investigation. This use of steganography as an antiforensics technique is becoming more widespread. This requires forensic examiners to have additional tools to more effectively detect steganography. In this paper we introduce a new software concept specifically designed to allow the digital forensics professional to clearly identify and attribute instances of least significant bit (LSB) image steganography by using the original cover image in side-by-side comparison with a suspected steganographic payload image. This technique is embodied in a software implementation named CounterSteg. The CounterSteg software allows detailed analysis and comparison of both the original cover image and any modified image, using sophisticated bitand color-channel visual depiction graphics. In certain cases, the steganographic software used for message transmission can be identified by the forensic analysis of LSB and other changes in the payload image. This paper demonstrates usage and typical forensic analysis with eight commonly available steganographic programs. Future work will attempt to automate the typical types of analysis and detection. This is important, as currently there is a steep rise in the use of image LSB steganographic techniques to hide the payload code used by malware and viruses, and for the purposes of data exfiltration. This results because of the fact that the hidden code and/or data can more easily bypass virus and malware signature detection in such a manner as being surreptitiously hidden in an otherwise innocuous image file.","PeriodicalId":43224,"journal":{"name":"Journal of Digital Forensics Security and Law","volume":null,"pages":null},"PeriodicalIF":0.3,"publicationDate":"2021-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"84786203","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
Backup and Recovery Mechanisms of Cassandra Database: A Review Cassandra数据库的备份与恢复机制综述
IF 0.3
Journal of Digital Forensics Security and Law Pub Date : 2021-01-01 DOI: 10.15394/JDFSL.2021.1613
Karina Bohora, Amol Bothe, D. Sheth, Rupali M. Chopade, V. Pachghare
{"title":"Backup and Recovery Mechanisms of Cassandra Database: A Review","authors":"Karina Bohora, Amol Bothe, D. Sheth, Rupali M. Chopade, V. Pachghare","doi":"10.15394/JDFSL.2021.1613","DOIUrl":"https://doi.org/10.15394/JDFSL.2021.1613","url":null,"abstract":"Cassandra is a NoSQL database having a peer-to-peer, ring-type architecture. Cassandra offers fault-tolerance, data replication for higher availability as well as ensures no single point of failure. Given that Cassandra is a NoSQL database, it is evident that it lacks research that has gone into comparatively older and more widely and broadly used SQL databases. Cassandra’s growing popularity in recent times gives rise to the need to address any security-related or recovery-related concerns associated with its usage. This review paper discusses Cassandra’s existing deletion mechanism and presents some identified issues related to backup and recovery in the Cassandra database. Further, failure detection and handling of failures such as node failure or data center failure have been explored in the paper. In addition, several possible solutions to address backup and recovery, including recovery in case of disasters, have been reviewed.","PeriodicalId":43224,"journal":{"name":"Journal of Digital Forensics Security and Law","volume":null,"pages":null},"PeriodicalIF":0.3,"publicationDate":"2021-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89799285","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
A Constructive DIREST Security Threat Modeling for Drone as a Service 无人机作为一种服务的建设性DIREST安全威胁建模
IF 0.3
Journal of Digital Forensics Security and Law Pub Date : 2021-01-01 DOI: 10.15394/JDFSL.2021.1695
Fahad E. Salamh, Umit Karabiyik, M. Rogers
{"title":"A Constructive DIREST Security Threat Modeling for Drone as a Service","authors":"Fahad E. Salamh, Umit Karabiyik, M. Rogers","doi":"10.15394/JDFSL.2021.1695","DOIUrl":"https://doi.org/10.15394/JDFSL.2021.1695","url":null,"abstract":"The technology used in drones is similar or identical across drone types and components, with many common risks and opportunities. The purpose of this study is to enhance the risk assessment procedures for Drone as a Service (DaaS) capabilities. STRIDE is an acronym that includes the following security risks: Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privileges. The paper presents a modified STRIDE threat model and prioritizes its desired properties (i.e., authenticity, integrity, non-reputability, confidentiality, availability, and authorization) to generate an appropriate DaaS threat model. To this end, the proposed DIREST threat model better meets the overall security assessment needs of DaaS. Moreover, this paper discusses the security risks of drones, identifies best practices for security assessment, and proposes a novel software update mechanism for drones during their operations. We explore the best practices related to drone penetration testing, including an effective methodology to maintain the continuity of drone operations, particularly drones used for emergency, safety, and rescue operations. Moreover, this research raises awareness of DaaS and drone operation in general as well as in the forensic science community due to its focus on the importance of securely operated drones for first responders. Furthermore, we address various aspects of security concerns, including data transmission, software restrictions, and embedded system-related events. In order to propose a security assessment for drones, we incorporate digital forensics and penetration testing techniques related to drone operations. Our results show that the proposed threat model enhances the security of flying devices and provides consistency in digital forensic procedures. This work introduces modifications to the STRIDE threat model based on the current literature, drone images provided by the NIST program, and a firmware static analysis of a zino hubsan brand drone.","PeriodicalId":43224,"journal":{"name":"Journal of Digital Forensics Security and Law","volume":null,"pages":null},"PeriodicalIF":0.3,"publicationDate":"2021-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87788406","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
A Two-Stage Model for Social Network Investigations in Digital Forensics 数字取证中社会网络调查的两阶段模型
IF 0.3
Journal of Digital Forensics Security and Law Pub Date : 2020-08-20 DOI: 10.15394/jdfsl.2020.1667
A. David, Sarah Morris, G. Appleby-Thomas
{"title":"A Two-Stage Model for Social Network Investigations in Digital Forensics","authors":"A. David, Sarah Morris, G. Appleby-Thomas","doi":"10.15394/jdfsl.2020.1667","DOIUrl":"https://doi.org/10.15394/jdfsl.2020.1667","url":null,"abstract":"This paper proposes a two-stage model for identifying and contextualizing features from artefacts created as a result of social networking activity. This technique can be useful in digital investigations and is based on understanding and the deconstruction of the processes that take place prior to, during and after user activity; this includes corroborating artefacts. Digital Investigations are becoming more complex due to factors such as, the volume of data to be examined; different data formats; a wide range of sources for digital evidence; the volatility of data and the limitations of some of the standard digital forensic tools. This paper highlights the need for an approach that enables digital investigators to prioritize social network artefacts to be further analysed; determine social connections in the context of an investigation e.g. a user’s social relationships, how recovered artefacts came to be, and how they can successfully be used as evidence in court.","PeriodicalId":43224,"journal":{"name":"Journal of Digital Forensics Security and Law","volume":null,"pages":null},"PeriodicalIF":0.3,"publicationDate":"2020-08-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"79177679","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
What’s in the Cloud? - An examination of the impact of cloud storage usage on the browser cache 云里有什么?-检查云存储使用对浏览器缓存的影响
IF 0.3
Journal of Digital Forensics Security and Law Pub Date : 2020-01-01 DOI: 10.15394/JDFSL.2020.1592
G. Horsman
{"title":"What’s in the Cloud? - An examination of the impact of cloud storage usage on the browser cache","authors":"G. Horsman","doi":"10.15394/JDFSL.2020.1592","DOIUrl":"https://doi.org/10.15394/JDFSL.2020.1592","url":null,"abstract":"Cloud storage is now a well established and popular service adopted by many individuals and organizations, often at a scaled cost, with free accounts also available. It provides users with the ability to store content on a cloud service provider’s infrastructure, offering the benefit of redundancy, reliability, security, the flexibility of access, and the potential assumed the liability of the provider for data loss within the contexts of a licensing agreement. Consequently, this form of remote storage provides a regulatory challenge as content which once resided upon a seized digital exhibit, available for scrutiny during a digital forensic investigatory, may no longer be present where attempting to acquire access to it creates costing and juridical difficulties. This article offers a digital forensic examination of trace-evidence left in the Internet browser cache following cloud storage account usage and interaction. Following interactions with Dropbox and Google Drive in the Chrome browser, testing demonstrates the possibility to recover data capable of facilitating a partial reconstruction of a user’s cloud storage account, with results offered and contextualized.","PeriodicalId":43224,"journal":{"name":"Journal of Digital Forensics Security and Law","volume":null,"pages":null},"PeriodicalIF":0.3,"publicationDate":"2020-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87554561","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
A FORENSIC FIRST LOOK AT A POS DEVICE: SEARCHING FOR PCI DSS DATA STORAGE VIOLATIONS 首先检查pos设备:搜索pci DSS数据存储违规
IF 0.3
Journal of Digital Forensics Security and Law Pub Date : 2020-01-01 DOI: 10.15394/JDFSL.2020.1614
Stephen Larson, James H. Jones, Jim Swauger
{"title":"A FORENSIC FIRST LOOK AT A POS DEVICE: SEARCHING FOR PCI DSS DATA STORAGE VIOLATIONS","authors":"Stephen Larson, James H. Jones, Jim Swauger","doi":"10.15394/JDFSL.2020.1614","DOIUrl":"https://doi.org/10.15394/JDFSL.2020.1614","url":null,"abstract":"According to the Verizon 2018 Data Breach Investigations Report, 321 POS terminals (user devices) were involved in data breaches in 2017. These data breaches involved standalone POS terminals as well as associated controller systems. This paper examines a standalone Point-of-Sale (POS) system commonly used in smaller retail stores and restaurants to extract unencrypted data and identify possible violations of the Payment Card Industry Data Security Standard (PCI DSS) requirement to protect stored cardholder data. Persistent storage (flash memory chips) were removed from the devices and their contents were successfully acquired. Information about the device and the code running on it was successfully extracted, although no PCI DSS data storage violations were identified.","PeriodicalId":43224,"journal":{"name":"Journal of Digital Forensics Security and Law","volume":null,"pages":null},"PeriodicalIF":0.3,"publicationDate":"2020-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80225425","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
An Evaluation Of Data Erasing Tools 数据擦除工具的评价
IF 0.3
Journal of Digital Forensics Security and Law Pub Date : 2020-01-01 DOI: 10.15394/JDFSL.2020.1615
T. Martin, Andrew Jones
{"title":"An Evaluation Of Data Erasing Tools","authors":"T. Martin, Andrew Jones","doi":"10.15394/JDFSL.2020.1615","DOIUrl":"https://doi.org/10.15394/JDFSL.2020.1615","url":null,"abstract":"The permanent removal of data from computer disks has always been problematic. This has been due, in part, to the lack of availability of tools, and in part due to the misperception by the user that when a file is deleted it is destroyed and cannot be recovered and that when a disk is formatted, the data is destroyed. In this paper, we examine a number of the commonly available tools to determine how effectively they function and whether they achieve the aim of the effective destruction of data","PeriodicalId":43224,"journal":{"name":"Journal of Digital Forensics Security and Law","volume":null,"pages":null},"PeriodicalIF":0.3,"publicationDate":"2020-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"72419117","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
Cryptography, Passwords, Privacy, and the Fifth Amendment 密码学,密码,隐私和第五修正案
IF 0.3
Journal of Digital Forensics Security and Law Pub Date : 2020-01-01 DOI: 10.15394/jdfsl.2020.1678
G. Kessler, Ann M. Phillips
{"title":"Cryptography, Passwords, Privacy, and the Fifth Amendment","authors":"G. Kessler, Ann M. Phillips","doi":"10.15394/jdfsl.2020.1678","DOIUrl":"https://doi.org/10.15394/jdfsl.2020.1678","url":null,"abstract":"Military-grade cryptography has been widely available at no cost for personal and commercial use since the early 1990s. Since the introduction of Pretty Good Privacy (PGP), more and more people encrypt files and devices, and we are now at the point where our smartphones are encrypted by default. While this ostensibly provides users with a high degree of privacy, compelling a user to provide a password has been interpreted by some courts as a violation of our Fifth Amendment protections, becoming an often insurmountable hurdle to law enforcement lawfully executing a search warrant. This paper will explore some of the issues around this complex legal and social issue, including the evolution in the use of digital cryptography and the evolving legal interpretations of privacy.","PeriodicalId":43224,"journal":{"name":"Journal of Digital Forensics Security and Law","volume":null,"pages":null},"PeriodicalIF":0.3,"publicationDate":"2020-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80376099","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信