Journal of Digital Forensics, Security and Law

  This is an Open Access journal
ISSN (Print) 1558-7215 - ISSN (Online) 1558-7223
Published by Embry-Riddle Aeronautical University
  • Back Matter

    • PubDate: Mon, 07 May 2018 07:13:00 PDT
       
  • Subscription Information

    • PubDate: Mon, 07 May 2018 07:12:52 PDT
       
  • Hierarchical Bloom Filter Trees for Approximate Matching

    • Authors: David Lillis et al.
      Abstract: Bytewise approximate matching algorithms have in recent years shown significant promise in detecting files that are similar at the byte level. This is very useful for digital forensic investigators, who are regularly faced with the problem of searching through a seized device for pertinent data. A common scenario is where an investigator is in possession of a collection of "known-illegal" files (e.g. a collection of child abuse material) and wishes to find whether copies of these are stored on the seized device. Approximate matching addresses shortcomings in traditional hashing, which can only find identical files, by also being able to deal with cases of merged files, embedded files, partial files, or if a file has been changed in any way. Most approximate matching algorithms work by comparing pairs of files, which is not a scalable approach when faced with large corpora. This paper demonstrates the effectiveness of using a "Hierarchical Bloom Filter Tree" (HBFT) data structure to reduce the running time of collection-against-collection matching, with a specific focus on the MRSH-v2 algorithm. Three experiments are discussed, which explore the effects of different configurations of HBFTs. The proposed approach dramatically reduces the number of pairwise comparisons required, and demonstrates substantial speed gains, while maintaining effectiveness.
      PubDate: Mon, 07 May 2018 07:12:34 PDT
       
  • Automated Man-in-the-Middle Attack Against Wi-Fi Networks

    • Authors: Martin Vondráček et al.
      Abstract: Currently used wireless communication technologies suffer from security weaknesses that can be exploited to eavesdrop on or to spoof network communication. In this paper, we present a practical tool that can automate the attack on wireless security. The developed package called wifimitm provides functionality for the automation of MitM attacks in the wireless environment. The package combines several existing tools and attack strategies to bypass the wireless security mechanisms, such as WEP, WPA, and WPS. The presented tool can be integrated into a solution for automated penetration testing. Also, a popularization of the fact that such attacks can be easily automated should raise public awareness about the state of wireless security.
      PubDate: Mon, 07 May 2018 07:12:18 PDT
       
  • A Sketch-based Rapid Modeling Method for Crime Scene Presentation

    • Authors: Pu Ren et al.
      Abstract: The reconstruction of crime scenes plays an important role in digital forensic applications. This article integrates computer graphics, sketch-based retrieval and virtual reality (VR) techniques to develop a low-cost and rapid 3D crime scene presentation approach, which can be used by investigators to analyze and simulate the criminal process. First, we constructed a collection of 3D models for indoor crime scenes using various popular techniques, including laser scanning, image-based modeling and geometric modeling. Second, to quickly obtain an object of interest from the 3D model database, a sketch-based retrieval method was proposed. Finally, a rapid modeling system that integrates our database and retrieval algorithm was developed to quickly build a digital crime scene. For practical use, an interactive real-time virtual roaming application was developed in Unity 3D and a low-cost VR head-mounted display (HMD). Practical cases have been implemented to demonstrate the feasibility and availability of our method.
      PubDate: Mon, 07 May 2018 07:11:56 PDT
       
  • Testing Memory Forensics Tools for the Macintosh OS X Operating System

    • Authors: Charles B. Leopard et al.
      Abstract: Memory acquisition is essential to defeat anti-forensic operating-system features and investigate cyberattacks that leave little or no evidence in secondary storage. The forensic community has developed tools to acquire physical memory from Apple’s Macintosh computers, but they have not been tested much. This work tested three major OS X memory-acquisition tools. Although the tools could capture system memory accurately, the open-source tool OSXPmem appeared advantageous in size, reliability, and support for memory configurations and versions of the OS X operating system.
      PubDate: Mon, 07 May 2018 07:11:38 PDT
       
  • Drone Forensic Analysis Using Open Source Tools

    • Authors: M A Hannan Bin Azhar et al.
      Abstract: Carrying capabilities of drones and their easy accessibility to the public have led to an increase in crimes committed using drones in recent years. For this reason, the need for forensic analysis of drones captured from the crime scenes and the devices used for these drones is also paramount. This paper presents the extraction and identification of important artefacts from the recorded flight data as well as the associated mobile devices using open source tools and some basic scripts developed to aid the analysis of two popular drone systems: the DJI Phantom 3 Professional and Parrot AR.Drone 2.0. Although different drones vary in their operations, this paper extends the extraction and analysis of the data from the drones and associated devices using some generic methods which are forensically sound adhering to the guidelines of the Association of Chief Police Officers (ACPO).
      PubDate: Mon, 07 May 2018 07:11:21 PDT
       
 
 
JournalTOCs
School of Mathematical and Computer Sciences
Heriot-Watt University
Edinburgh, EH14 4AS, UK
Email: journaltocs@hw.ac.uk
Tel: +00 44 (0)131 4513762
Fax: +00 44 (0)131 4513327