Kechadi, Tahar
Preferred name: Kechadi, Tahar
Official Name: Kechadi, Tahar
Research Output
- Publication: A Cloud Forensic Readiness Model for Service Level Agreements Management (Academic Conferences and Publishing International Limited, 2015-07-03)
Cloud computing is increasingly becoming a target of cyber-criminal attacks. Often the committed crimes violate the Service Level Agreement (SLA) contracts, which must be respected by all the involved parties. Cloud Forensics is a branch of Digital Forensic discipline dealing with crimes involving the Cloud. A manner for leveraging some of the attacks is the provisioning of a Forensic Readiness capability, by performing some activities before the crimes happen. In this paper we introduce a model aimed to represent the management of SLAs through a cloud system.
- Publication: Virtual Machine Forensics by means of Introspection and Kernel Code Injection (2014-03-24)
Virtual Machine Introspection offers the ability to access a virtual machine remotely and extract information from it. Virtual machine introspection allows all processes, local data, and network traffic to be tracked and made available to the investigation process. These properties offer the possibility to monitor a suspect virtual machine (VM). Moreover, the access to a VM data is far from being trivial; there are various complex tasks to be dealt with. For instance the returned data is in a raw format, and it is necessary to remap into a user-friendly representation (canonical representation). In this paper we propose a method of bridging this semantic gap, and provide a graphical reconstruction of events. This proposal is essentially, the recreation of a virtual machine at a remote location and the subsequent recreation of all processes, data, network traffic in a virtual machine as they occur in the original. This should be achieved in real-time, which will give an opportunity to quickly make decisions based on the evidence as we collect them in real-time. Our approach involves recreating a virtual machine and injecting into it all code and data within the original virtual machine, presenting an identical copy for examination. The approach proposed also has another advantage by allowing all data to be saved for further analysis and verification.
- Publication: MPM Job Scheduling Problem: a bi-objective approach
This paper presents a Recurrent Neural Network approach for the multi purpose machines Job Shop Scheduling Problem. This case of JSSP can be utilized for the modelling of project portfolio management besides the well known adoption in factory environment. Therefore, each project oriented organization develops a set of projects and it has to schedule them as a whole. In this work, we extended a bi-objective system model based on the JSSP modelling and formulated it as a combination of two recurrent neural networks.
In addition, we designed an example within its neural networks that are focused on the Make span and the Total Weighted Tardiness objectives. Moreover, we present the findings of our approach using a set of well known benchmark instances and the discussion about them and the singularity that arises
- Publication: HTML5 Zero Configuration Covert Channels: Security Risks and Challenges (ADFSL, 2015-05-21)
In recent months there has been an increase in the popularity and public awareness of secure, cloudless file transfer systems. The aim of these services is to facilitate the secure transfer of files in a peer-to-peer (P2P) fashion over the Internet without the need for centralised authentication or storage. These services can take the form of client installed applications or entirely web browser based interfaces. Due to their P2P nature, there is generally no limit to the file sizes involved or to the volume of data transmitted – and where these limitations do exist they will be purely reliant on the capacities of the systems at either end of the transfer. By default, many of these services provide seamless, end-to-end encryption to their users. The cyber security and cyber forensic consequences of the potential criminal use of such services are significant. The ability to easily transfer encrypted data over the Internet opens up a range of opportunities for illegal use to cyber criminals requiring minimal technical know-how. This paper explores a number of these services and provides an analysis of the risks they pose to corporate and governmental security. A number of methods for the forensic investigation of such transfers are discussed.
- Publication: Prediction of NB-UVB phototherapy treatment response of psoriasis patients using data mining
NB-UVB Phototherapy is one of the most common treatments administrated by dermatologists for psoriasis patients. Although in general, the treatment results in improving the condition, it also can worsen it. If a model can predict the treatment response beforehand, the dermatologists can adjust the treatment accordingly. In this paper, we use data mining techniques and conduct four experiments. The best performance of all four experiments was obtained by the stacked classifier made of hyper parameter tuned Random Forest, kSVM and ANN base learners, learned using L1-Regularized Logistic Regression super learner.
- Publication: Smartphone Forensic Analysis: A Case Study for Obtaining Root Access of an Android Samsung S3 Device and Analyse the Image without an Expensive Commercial Tool
Smartphone is a very useful and compact device that fits in person's pocket, but at the same time it can be used as a tool for criminal activities. In this day and age, people increasingly rely on smartphones rather than desktop computers or laptops to exchange messages, share videos and audio messages. A smartphone is almost equivalent in its application to a PC, hence there are security risks associated with its use such as carrying out a digital crime or becoming a victim of one. Criminals can use smartphones for a number of activities. Namely, committing a fraud over e-mail, harassment via text messages, drug trafficking, child pornography, communications related to narcotics, etc. It is a great challenge for forensic experts to extract data from a smartphone for forensic purposes that can be used as evidence in the court of law. In this case study, I show how to obtain the root access of Samsung S3 phone, how to create DD image and then how to examine DD image via commercial tool like UFED physical analyzer trial version which doesn't support Android devices. I will extract the messages for Viber on trial version of UFED Physical analyzer.
- Publication: Distributed Clustering Algorithm for Spatial Data Mining (2015)
Distributed data mining techniques and mainly distributed clustering are widely used in last decade because they deal with very large and heterogeneous datasets which cannot be gathered centrally. Current distributed clustering approaches are normally generating global models by aggregating local results that are obtained on each site. While this approach analyses the datasets on their locations the aggregation phase is complex, time consuming and may produce incorrect and ambiguous global clusters and therefore incorrect knowledge. In this paper we propose a new clustering approach for very large spatial datasets that are heterogeneous and distributed. The approach is based on K-means Algorithm but it generates the number of global clusters dynamically. It is not necessary to fix the number of clusters. Moreover, this approach uses a very sophisticated aggregation phase. The aggregation phase is designed in such a way that the final clusters are compact and accurate while the overall process is efficient in time and memory allocation. Preliminary results show that the proposed approach scales up well in terms of running time, and result quality, we also compared it to two other clustering algorithms BIRCH and CURE and we show clearly this approach is much more efficient than the two algorithms.
- Publication: Simulating SQL-Injection Cyber-attacks using GNS3 (International Journal of Computer Theory and Engineering, 2015-02-13)
Network Forensics is a subtopic of Digital Forensics wherein research on artifact investigations and intrusions evidence acquisition is addressed. Among many challenges in the field, the problem of losing data artifacts in the state of flux, (i.e., live volatile data), when network devices are suddenly non-operational remains a topic of interest to many investigators. The main objective of this article is to simulate an SQL injection attack scenarios in a complex network environment. We designed and simulated a typical Demilitarized Zone (DMZ) network environment using Graphical Network Simulator (GNS3), Virtual Box and VMware workstation. Using this set-up we are now able to simulate specific network devices configuration, perform SQL injection attacks against victim machines and collect network logs. The main motivation of our work is to finally define an attack pathway prediction methodology that makes it possible to examine the network artifacts collected in case network attacks.
- Publication: Security Threats of URL Shortening: A Users Perspective
Short URLs have been used on the Internet for several years now and as time goes by new security threats are discovered in relation to their use (e.g. malware, phishing, spam). However, although current research in literature has compiled addressing the security threats when utilizing such types of URLs, no study approached the assessment of user confidence and user awareness regarding short URLs. Thus the aim of this paper is to cover the existing knowledge gap and to compile a baseline assessment on the frequency of use, user confidence and user awareness when utilizing short URLs. To do so, we have developed a questionnaire connected to the previously mentioned aspects and which was applied to one hundred persons of various nationalities from within the European Union with various user experiences when it comes to the Internet and short URLs.
The analysis of the replies received from the participants to the survey has revealed a general awareness that there are security risks associated with short URLs, a tendency of propagation of short URLs to other Internet services and platforms.
- Publication: Reference Architecture for a Cloud Forensic Readiness System (2014)
The Digital Forensic science is participating to a brand new change represented by the management of incidents in the Cloud Computing Services. Due that the Cloud Computing architecture is uncontrollable because of some specific features, its use to commit crimes is becoming a very critical issue, too. Proactive Cloud Forensics becomes a matter of urgency, due to its capability of collecting critical data before crimes happen, thus saving time and money for the subsequent investigations. In this paper, a proposal for a Cloud Forensic Readiness System is presented. It is conceived as reference architecture, in order to be of general applicability, not technically constrained by any Cloud architecture. The principal aim of this work is to extend our initial proposed Cloud Forensic Readiness System reference architecture, by providing more details and an example of its application by exploiting the Open Stack Cloud Platform.