Now showing 1 - 10 of 63
  • Publication
    An efficient customer search tool within an anti-money laundering application implemented on an internaitonal bank's dataset
    Today, money laundering (ML) poses a serious threat not only to financial institutions but also to the nations. This criminal activity is becoming more and more sophisticated and seems to have moved from the cliché of drug trafficking to financing terrorism and surely not forgetting personal gain. Most of the financial institutions internationally have been implementing anti-money laundering solutions (AML) to fight investment fraud activities. In AML, the customer identification is an important task which helps AML experts to monitor customer habits: some being customer domicile, transactions that they are involved in etc. However, simple query tools provided by current DBMS as well as naive approaches in customer searching may produce incorrect and ambiguous results and their processing time is also very high due to the complexity of the database system architecture. In this paper, we present a new approach for identifying customers registered in an investment bank. This approach is developed as a tool that allows AML experts to quickly identify customers who are managed independently across separate databases. It is tested on real-world datasets, which are real and large financial datasets. Some preliminary experimental results show that this new approach is efficient and effective.
      172
  • Publication
    Forensic Analysis of Virtual Hard Drives
    (The Association of Digital Forensics, Security and Law, 2017-03-31) ; ;
    The issue of the volatility of virtual machines is perhaps the most pressing concern in any digital investigation involving a virtual machine. Current digital forensics tools do not fully address the complexities of data recovery that are posed by virtual hard drives. It is necessary, for this reason, to explore ways to capture evidence, other than those using current digital forensic methods. Data recovery should be done in the most efficient and secure manner, as quickly, and in an as non-intrusive way as can be achieved. All data in a virtual machine is disposed of when that virtual machine is destroyed, it may not therefore be possible to extract and preserve evidence such as incriminating images prior to destruction. Recovering that evidence, or finding some way of associating that evidence with the virtual machine before destruction of that virtual machine, is therefore crucial.In this paper we present a method for extracting evidence from a virtual hard disk drive in a quick, secure and verifiable manner, with a minimum impact on the drive thus preserving its integrity for further analysis.
      399
  • Publication
    Security Threats of URL Shortening: A User's Perspective
    Short URLs have been used on the Internet for several years now and as time goes by new security threats are discovered in relation to their use (e.g. malware, phishing, spam). However, although current research in literature has compiled addressing the security threats when utilizing such types of URLs, no study approached the assessment of user confidence and user awareness regarding short URLs. Thus the aim of this paper is to cover the existing knowledge gap and to compile a baseline assessment on the frequency of use, user confidence and user awareness when utilizing short URLs. To do so, we have developed questionnaire connected to the previously mentioned aspects and which was applied to one hundred persons of various nationalities from within the European Union with various user experiences when it comes to the Internet and short URLs. The analysis of the replies received from the participants to the survey has revealed a general awareness that there are security risks associated with short URLs, a tendency of propagation of short URLs to other Internet services and platforms.
      1585
  • Publication
    Distributed Knowledge Map for Mining Data on Grid Platforms
    Recently, huge datasets representing different applications domains are produced and stored on distributed platforms. These datasets are, generally, owned by different organizations. As a consequence, The scale and distribution nature of these datasets have created the problem of efficient mining and management on these platforms. Most of the existing knowledge management approaches are mainly for centralized data mining. Few of them propose solutions for mining and handling knowledge on Grid. However, the new knowledge is stored and managed as any other kinds of resources.
      174
  • Publication
    Electronic Evidence Discovery, Identification and Preservation: Role of the First Responder and related capacity building challenges
    The integrity of electronic evidence is essential for judicial proceedings. In this context, the role of the First Responder for discovery, identification and preservation is considered to be one of the short-term most critical challenge. While the number of devices to be collected was reasonably small and the items were easily identifiable in the past, it is not the case anymore. Many initiatives aim at harmonising technical and legal standards to facilitate electronic evidence exchange, although a consistent approach in basic equipment and training of the field police officer is still missing. Hence, in this paper, we study how synergies between different international organisations create and deploy an innovative and sustainable approach to address capacity building challenges related to the tasks assigned to the First Responder.
      269
  • Publication
    An Analytical Approach to the Recovery of Data from 3rd Party Proprietary CCTV File Systems
    According to recent predictions, the global video surveillance market is expected to reach $42.06 billion annually by 2020. The market is extremely fragmented with only around 40% of the market being accounted for by the 15 top video surveillance equipment suppliers as in an annual report issued by IMS Research. The remaining market share was split amongst the numerous other smaller companies who provide CCTV solutions, usually at lower prices than their brand name counterparts. This cost cutting generally results in a lower specification of components. Recently, an investigation was undertaken in relation to a serious criminal offence, of which significant video footage had been captured on a CCTV DigitalVideo Recorder (DVR). The unit was setup to save the last 31 days of footage to an internal hard drive. However, despite the referenced footage being within this timeframe, it could not be located. The DVR unit was submitted for forensic examination anddata retrieval of specified video footage which, according to the proprietary video backup application, was not retrievable. In this paper, we present the process and method of the forensic retrieval of video footage from a DVR. The objective of this method is to retrieve the oldest video footage possible from a proprietary designed file storage system. We also evaluate our approach with a Ganz CCTV DVR system model C-MPDVR-16 to show that the file system of a DVR has been reversed engineering with no initial knowledge, application or documentation available.
      1524
  • Publication
    HTML5 Zero Configuration Covert Channels: Security Risks and Challenges
    In recent months there has been an increase in the popularity and public awareness of secure, cloudless file transfer systems. The aim of these services is to facilitate the secure transfer of files in a peer-to- peer (P2P) fashion over the Internet without the need for centralised authentication or storage. These services can take the form of client installed applications or entirely web browser based interfaces. Due to their P2P nature, there is generally no limit to the file sizes involved or to the volume of data transmitted – and where these limitations do exist they will be purely reliant on the capacities of the systems at either end of the transfer. By default, many of these services provide seamless, end-to-end encryption to their users. The cyber security and cyber forensic consequences of the potential criminal use of such services are significant. The ability to easily transfer encrypted data over the Internet opens up a range of opportunities for illegal use to cyber criminals requiring minimal technical know-how. This paper explores a number of these services and provides an analysis of the risks they pose to corporate and governmental security. A number of methods for the forensic investigation of such transfers are discussed.
      527
  • Publication
    An Efficient Data Warehouse for Crop Yield Prediction
    Nowadays, precision agriculture combined with modern information and communications technologies, is becoming more common in agricultural activities such as automated irrigation systems, precision planting, variable rate applications of nutrients and pesticides, and agricultural decision support systems. In the latter, crop management data analysis, based on machine learning and data mining, focuses mainly on how to efficiently forecast and improve crop yield. In recent years, raw and semi-processed agricultural data are usually collected using sensors, robots, satellites, weather stations, farm equipment, farmers and agribusinesses while the Internet of Things (IoT) should deliver the promise of wirelessly connecting objects and devices in the agricultural ecosystem. Agricultural data typically captures information about farming entities and operations. Every farming entity encapsulates an individual farming concept, such as field, crop, seed, soil, temperature, humidity, pest, and weed. Agricultural datasets are spatial, temporal, complex, heterogeneous, non-standardized, and very large. In particular, agricultural data is considered as Big Data in terms of volume, variety, velocity and veracity. Designing and developing a data warehouse for precision agriculture is a key foundation for establishing a crop intelligence platform, which will enable resource efficient agronomy decision making and recommendations. Some of the requirements for such an agricultural data warehouse are privacy, security, and real-time access among its stakeholders (e.g., farmers, farm equipment manufacturers, agribusinesses, co-operative societies, customers and possibly Government agencies). However, currently there are very few reports in the literature that focus on the design of efficient data warehouses with the view of enabling Agricultural Big Data analysis and data mining. In this paper, we propose a system architecture and a database schema for designing and implementing a continental level data warehouse. Besides, some major challenges and agriculture dimensions are also reviewed and analysed.
      314
  • Publication
    The End of effective Law Enforcement in the Cloud? - To encrypt, or not to encrypt
    With an exponentially increasing usage of cloud services, the need for forensic investigations of virtual space is equally in constantly increasing demand, which includes as a very first approach, the gaining of access to it as well as the data stored. This is an aspect that faces a number of challenges, stemming not only from the technical difficulties and peculiarities, but equally covers the interaction with an emerging line of businesses offering cloud storage and services. Beyond the forensic aspects, it also covers to an ever increasing amount the non-forensic considerations, such as the availability of logs and archives, legal and data protection considerations from a global perspective and the clashes in between, as well as the ever competing interests between law enforcement to seize evidence which is non-physical, and businesses who need to be able to continue to operate and provide their hosted services, even if law enforcement seek to collect evidence. The trend post-Snowden has been unequivocally towards default encryption, and driven by market leaders such as Apple, motivated to a large extent by the perceived demands for privacy of the consumer. The central question to be explored in this paper is to what extent this trend towards default encryption will have a negative impact on law enforcement investigations and possibilities, and will at the end attempt to provide a solution, which takes into account the needs of both law enforcement, but also of the cloud service providers. It is hoped that the recommendations from this paper will be able to have an impact in the ability for law enforcement to continue with their investigations in an efficient manner, whilst also safeguarding the ability for business to thrive and continue to develop and offer new and innovative solutions, which do not put law enforcement at risk.
      501
  • Publication
    EMvidence: A Framework for Digital Evidence Acquisition from IoT Devices through Electromagnetic Side-Channel Analysis
    EM side-channel analysis (EM-SCA) is a branch in information security where the unintentional electromagnetic (EM) emissions from computing devices. This has been used for various purposes including software behaviour detection, software modification detection, malicious software identification, and data extraction. The possibility of applying EM-SCA in digital forensic investigation scenarios involving IoT devices has been proposed recently. When it is difficult or impossible to acquire forensic evidence from an IoT device, observing EM emissions of the device can provide valuable information to an investigator. This work addresses the challenge of making EM-SCA a practical reality to digital forensic investigators by introducing a software framework called EMvidence. The framework is designed to facilitate extensibility through an EM plug-in model.
      17