Information Forensics and Security 2015

 

 

 

Forensics is an important tool for tracking and evaluating past attacks and using the information gained to resolve hard problems in the Science of Security. The work cited here, which looks at policies, methodologies, and tools, was presented in 2015.




S. Sarkar and S. Das, “Secure E-Governance: From Observation to Policy Formulation,” 2015 Third International Conference on Image Information Processing (ICIIP), Waknaghat, 2015, pp. 208-213. doi:10.1109/ICIIP.2015.7414767

Abstract: This paper proposes to introduce a security policy as part of forensic readiness for a State who is or will be providing Digital Forensics as a Service (DFaaS) integrated with e-Government services. A few of the constituents of DFaaS are the investigating services for crimes which may even be committed by the Infrastructure Providers (IFP) in Cloud Computing Environment (CCE). The policy proposes to acquire a guarantee from IFP that it will not establish any direct connection with its Virtual Machine (VM)s while providing computing resources to any Cloud Service Provider (CSP) or end user. The basic objective of this policy is to maintain Confidentiality, Integrity and Availability (CIA) of information contained in any CCE in connection with possible threats from the IFP side. A few scenarios are depicted in this paper to show that an IFP can easily establish a connection with one or many VM(s) of a CCE and can violate the basic principles of CIA. In view of this, we have also proposed a few techniques in this paper to make the CSP and end user forensically ready so that such system can raise an immediate alert only when an unauthorized connection is established by a host towards its VM(s).

Keywords: cloud computing; data integrity; data privacy; government data processing; security of data; virtual machines; CCE; CSP; DFaaS; IFP; VM; cloud computing environment; cloud service provider; digital forensics as a service; e-governance security; e-government services; forensic readiness; information availability; information confidentiality; information integrity; infrastructure providers; policy formulation; virtual machine; Bridges; Cloud computing; Games; Government; Cloud Computing Environment; Cyber Crime; Digital forensics; E-Governance; Security (ID#: 16-10777)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7414767&isnumber=7414696

 

C. T. Christou, G. M. Jacyna, F. J. Goodman, D. G. Deanto and D. Masters, “Geolocation Analysis Using Maxent and Plant Sample Data,” Technologies for Homeland Security (HST), 2015 IEEE International Symposium on, Waltham, MA, 2015, pp. 1-6. doi:10.1109/THS.2015.7225273

Abstract: A study was conducted to assess the feasibility of geolocation based on correctly identifying pollen samples found on goods or people for purposes of compliance with U.S. import laws and criminal forensics. The analysis was based on Neotropical plant data sets from the Global Biodiversity Information Facility. The data were processed through the software algorithm Maxent that calculates plant probability geographic distributions of maximum entropy, subject to constraints. Derivation of single and joint continuous probability densities of geographic points, for single and multiple taxa occurrences, were performed. Statistical metrics were calculated directly from the output of Maxent for single taxon probabilities and were mathematically derived for joint taxa probabilities. Predictions of likeliest geographic regions at a given probability percentage level were made, along with the total corresponding geographic ranges. We found that joint probability distributions greatly restrict the areas of possible provenance of pollen samples.

Keywords: entropy; geographic information systems; law; sampled data systems; statistical distributions; Maxent; Neotropical plant data sets; U.S. import laws; criminal forensics; geolocation analysis; global biodiversity information facility; joint probability distributions; maximum entropy; plant sample data; pollen samples; probability geographic distributions; software algorithm; statistical metrics; Geology; Joints; Logistics; Measurement; Probability distribution; Standards; Neotropics; environmental variables; forensics geolocation; marginal and joint probability distributions; maximum entropy; plant occurrences; pollen analyses; statistical metrics (ID#: 16-10778)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7225273&isnumber=7190491

 

B. Lee, A. Awad and M. Awad, “Towards Secure Provenance in the Cloud: A Survey,” 2015 IEEE/ACM 8th International Conference on Utility and Cloud Computing (UCC), Limassol, Cyprus, 2015, pp. 577-582. doi:10.1109/UCC.2015.102

Abstract: Provenance information are meta-data that summarize the history of the creation and the actions performed on an artefact e.g. data, process etc. Secure provenance is essential to improve data forensics, ensure accountability and increase the trust in the cloud. In this paper, we survey the existing cloud provenance management schemes and proposed security solutions. We investigate the current related security challenges resulting from the nature of the provenance model and the characteristics of the cloud and we finally identify potential research directions which we feel necessary should be covered in order to build a secure cloud provenance for the next generation.

Keywords: Cloud computing; Data models; Data privacy; Encryption; History; cloud computing; provenance; security; trust (ID#: 16-10779)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7431477&isnumber=7431374

 

S. Sarkar and S. Das, “Secure e-Governance: From Observation to Policy Formulation,” 2015 Third International Conference on Image Information Processing (ICIIP), Waknaghat, 2015, pp. 208-213. doi:10.1109/ICIIP.2015.7414767

Abstract: This paper proposes to introduce a security policy as part of forensic readiness for a State who is or will be providing Digital Forensics as a Service (DFaaS) integrated with e-Government services. A few of the constituents of DFaaS are the investigating services for crimes which may even be committed by the Infrastructure Providers (IFP) in Cloud Computing Environment (CCE). The policy proposes to acquire a guarantee from IFP that it will not establish any direct connection with its Virtual Machine (VM)s while providing computing resources to any Cloud Service Provider (CSP) or end user. The basic objective of this policy is to maintain Confidentiality, Integrity and Availability (CIA) of information contained in any CCE in connection with possible threats from the IFP side. A few scenarios are depicted in this paper to show that an IFP can easily establish a connection with one or many VM(s) of a CCE and can violate the basic principles of CIA. In view of this, we have also proposed a few techniques in this paper to make the CSP and end user forensically ready so that such system can raise an immediate alert only when an unauthorized connection is established by a host towards its VM(s).

Keywords: cloud computing; data integrity; data privacy; government data processing; security of data; virtual machines; CCE; CSP; DFaaS; IFP; VM; cloud computing environment; cloud service provider; digital forensics as a service; e-governance security; e-government services; forensic readiness; information availability; information confidentiality; information integrity; Infrastructure providers; policy formulation; virtual machine; Bridges; Cloud computing; Games; Government; Cloud Computing Environment; Cyber Crime; Digital forensics; E-Governance; Security (ID#: 16-10780)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7414767&isnumber=7414696

 

Z. Erkin, “Private Data Aggregation with Groups for Smart Grids in a Dynamic Setting Using CRT,” Information Forensics and Security (WIFS), 2015 IEEE International Workshop on, Rome, 2015, pp. 1-6. doi:10.1109/WIFS.2015.7368584

Abstract: Computing the total consumption within a neighbourhood or of a single household in smart grids is important for billing and statistical analysis. Fine granular data used for this purpose, unfortunately, leak too much privacy sensitive information on the inhabitants and thus raise serious concerns. In this paper, we propose a cryptographic protocol that protects the privacy sensitive measurements while it enables the utility provider to obtain the desired statistical information. Our protocol improves the state-of-the-art in three dimensions. Firstly, from a single execution of the protocol, the utility provider can obtain the total consumption of the whole neighbourhood as well as smaller groups that are created based on their features, e.g. schools, hospitals, etc. Secondly, to the best of our knowledge, our protocol is the first one that copes with missing measurements without invoking other protocols or relying on third parties. Thirdly, our protocol relies on simple primitives that can be implemented efficiently even on limited devices, particularly on smart meters. We achieve our goal of having a simple, efficient protocol that is suitable for groups in a dynamic setting by combining the Chinese Remainder Theorem with modified homomorphic encryption. The simplicity and the capabilities of our protocol make it very promising to be deployed in practice as shown in the analysis.

Keywords: cryptographic protocols; data aggregation; data privacy; electricity supply industry; energy consumption; power engineering computing; smart meters; smart power grids; statistical analysis; CRT; Chinese remainder theorem; cryptographic protocol; energy consumption readings; modified homomorphic encryption; privacy sensitive measurements; private data aggregation; smart grids; smart meters; statistical analysis; Encryption; Proposals; Protocols; Smart meters; Time measurement (ID#: 16-10781)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7368584&isnumber=7368550

 

S. Rane, J. Freudiger, A. E. Brito and E. Uzun, “Privacy, Efficiency & Fault Tolerance in Aggregate Computations on Massive Star Networks,” Information Forensics and Security (WIFS), 2015 IEEE International Workshop on, Rome, 2015, pp. 1-6. doi:10.1109/WIFS.2015.7368608

Abstract: We consider the challenge of performing efficient, fault-tolerant, privacy-preserving aggregate computations in a star topology, i.e., a massive number of participants connected to a single untrusted aggregator. The privacy constraints are that the participants do not discover each other's data, and the aggregator obtains the final results while remaining oblivious to each participant's individual contribution to the aggregate. In achieving these goals, previous approaches have either assumed a trusted dealer that distributes keys to the participants and the aggregator, or introduced additional parties that withhold the decryption key from the aggregator, or applied secret sharing with either pairwise communication amongst the participants or O(N^2) ciphertext overhead at the aggregator. In contrast, we describe a protocol based on Shamir secret sharing and homomorphic encryption without assuming any additional parties. We also eliminate all pairwise communication amongst the participants and still require only O(N^(1+ε)) overhead at the aggregator, where ε ≪ 1 can be achieved for massively multiparty computation. Our protocol arranges the star-connected participants into a logical hierarchy that facilitates parallelization, while allowing for user churn, i.e., a specified number of participants can go offline after providing their data, and new participants can join at a later stage of the computation.

Keywords: computational complexity; cryptography; data privacy; fault tolerant computing; topology; Shamir secret sharing; ciphertext overhead; decryption key; fault-tolerant aggregate computations; homomorphic encryption; massive star networks; massively multiparty computation; pairwise communication; privacy-preserving aggregate computations; star topology; untrusted aggregator; Aggregates; Encryption; Fault tolerance; Fault tolerant systems; Privacy; Protocols (ID#: 16-10782)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7368608&isnumber=7368550

 

A. Grigorescu, H. Boche and R. F. Schaefer, “Robust PUF Based Authentication,” Information Forensics and Security (WIFS), 2015 IEEE International Workshop on, Rome, 2015, pp. 1-6. doi:10.1109/WIFS.2015.7368560

Abstract: Physical Unclonable Functions (PUFs) can be seen as the fingerprint of a device. PUFs are ideal objects for device authentication due to their uniqueness. In this paper, PUF based authentication is studied from an information theoretical perspective considering compound sources, which models uncertainty in the PUF knowledge and some attack classes. It is shown that authentication is robust against source uncertainty and a special class of attacks. The secrecy privacy capacity region is derived.

Keywords: data privacy; information theory; message authentication; PUF; attack class; device authentication; information theoretical perspective; physical unclonable function; secrecy privacy capacity region; source uncertainty; Authentication; Compounds; Privacy; Probability distribution; Reliability; Uncertainty; Yttrium (ID#: 16-10783)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7368560&isnumber=7368550

 

M. Conti, V. Cozza, M. Petrocchi and A. Spognardi, “TRAP: Using Targeted Ads to Unveil Google Personal Profiles,” Information Forensics and Security (WIFS), 2015 IEEE International Workshop on, Rome, 2015, pp. 1-6. doi:10.1109/WIFS.2015.7368607

Abstract: In the last decade, the advertisement market spread significantly in the web and mobile app system. Its effectiveness is also due to the possibility to target the advertisement on the specific interests of the actual user, other than on the content of the website hosting the advertisement. In this scenario, services that collect and hence can provide information about the browsing user, like Facebook and Google, became of great value. In this paper, we show how to maliciously exploit the Google Targeted Advertising system to infer personal information in Google user profiles. In particular, the attack we consider is external from Google and relies on combining data from Google AdWords with other data collected from a website of the Google Display Network. We validate the effectiveness of our proposed attack, also discussing possible application scenarios. The result of our research shows a significant practical privacy issue behind such type of targeted advertising service, and calls for further investigation and the design of more privacy-aware solutions, possibly without impeding the current business model involved in online advertisement.

Keywords: Web sites; advertising data processing; data privacy; Google AdWords; Google Display Network; Google Targeted Advertising system; Google personal profiles; Google user profiles; TRAP; Web site; World Wide Web; advertisement market; mobile app system; online advertisement; privacy-aware solutions; Advertising; Google; Monitoring; Navigation; Patents; Visualization (ID#: 16-10784)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7368607&isnumber=7368550

 

M. H. Saad, A. Serageldin and G. I. Salama, “Android Spyware Disease and Medication,” 2015 Second International Conference on Information Security and Cyber Forensics (InfoSec), Cape Town, South Africa, 2015, pp. 118-125. doi:10.1109/InfoSec.2015.7435516

Abstract: Android-based smartphones are gaining significant advantages over their counterparts in terms of market share among users. The increasing usage of Android OS makes it an ideal target for attackers. There is an urgent need to develop solutions that guard the user's privacy and can monitor, detect and block these eavesdropping applications. In this paper, two proposed paradigms are presented. The first proposed paradigm is a spyware application to highlight the security weaknesses “disease”. The spy-ware application has been used to deeply understand the vulnerabilities in the Android operating system, and to study how the spy-ware can be developed to abuse these vulnerabilities for intercepting victim's privacy such as received SMS, incoming calls and outgoing calls. The spy-ware abuses the Internet service to transfer the intercepted information from victim's cell phone illegally to a cloud database. The Android OS permission subsystem and the broadcast receiver subsystem contribute to form a haven for the spy-ware by granting it absolute control to listen, intercept and track the victim privacy. The second proposed paradigm is a new detection paradigm “medication” based on fuzz testing technique to mitigate known vulnerabilities. In this proposal, anti-spy-ware solution “DroidSmartFuzzer” has been designed. The implementation of the anti-spy-ware application has been used to mitigate the risks of the mentioned attacks. It should be noted that the proposed paradigm “DroidSmartFuzzer” and its fuzzing test cases are designed not only to catch the proposed spy-ware application but also to catch any similar malicious application designed to intercept one or more of the listed privacies.

Keywords: Libraries; Malware; Mobile communication; Operating systems; Privacy; Receivers; Smart phones; Android spyware; android smart fuzzer; anti spy-ware; fuzz testing; malware behavior analysis (ID#: 16-10785)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7435516&isnumber=7435496

 

N. Moorosi and V. Marivate, “Privacy in Mining Crime Data from Social Media: A South African Perspective,” 2015 Second International Conference on Information Security and Cyber Forensics (InfoSec), Cape Town, South Africa, 2015, pp. 171-175. doi:10.1109/InfoSec.2015.7435524

Abstract: Social Media has changed the way we communicate as friends, family and citizens. Social media has allowed individuals with shared interest, regardless of geographical location, to form communities and discussion forums to share tips and tricks of their trade. As a result, platforms such as Twitter and Facebook have become major sources of information for current events and community interests. In this paper we discuss privacy issues related to mining South African crime and public safety incidents from social media posts. The paper touches on matters related to ownership of social media data, privacy preservation challenges when several types of data from different sources can be integrated as well as legal protection of the processing of personal information. Finally, this paper will discuss ethical issues that arise when the data reveals information such as witnesses to a crime.

Keywords: Companies; Data privacy; Facebook; Media; Privacy; Twitter; POPI; anonymity; privacy; social media (ID#: 16-10786)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7435524&isnumber=7435496

 

F. Parker, J. Ophoff, J. P. Van Belle and R. Karia, “Security Awareness and Adoption of Security Controls by Smartphone Users,” 2015 Second International Conference on Information Security and Cyber Forensics (InfoSec), Cape Town, South Africa, 2015, pp. 99-104. doi:10.1109/InfoSec.2015.7435513

Abstract: Growth in smartphone functionality and adoption makes such devices tempting targets for criminals. The device, but to a greater extent the information it contains, presents a valuable target for attack. It is therefore critical for smartphone users to take precautionary measures against threats, which may come from potential criminals or negligence by the user. Measures include awareness of vulnerabilities and threats as well as adoption of security controls. This study adds to the body of knowledge in this area by empirically exploring these measures. Using a survey approach an analysis of 510 respondents examines security awareness and adoption of security controls. Previous studies claim that smartphone users do not possess good security awareness, which was mostly not the case in our sample. We report on perceived efficacy and adoption of authentication and anti-theft controls, finding several correlations with smartphone OS, language, and gender. We propose that user education using a simple, non-technical design is key to encourage security awareness and adoption of security controls, especially in emerging markets.

Keywords: Authentication; Encryption; Malware; Mobile handsets; Privacy; Software; anti-theft; authentication; security awareness; security controls; smartphone (ID#: 16-10787)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7435513&isnumber=7435496

 

S. Parker and J. P. Van Belle, “Lifelogging and Lifeblogging: Privacy Issues and Influencing Factors in South Africa,” 2015 Second International Conference on Information Security and Cyber Forensics (InfoSec), Cape Town, South Africa, 2015, pp. 111-117. doi:10.1109/InfoSec.2015.7435515

Abstract: Although blogging has been around for years, lifelogging and lifeblogging takes this technology and behaviour to the next level. Lifelogging is based on portable mini or even disguised devices which can capture and record everything the eye sees. This technology, coupled with the option of posting everything online, offers both benefits and privacy threats. Very few studies have been completed regarding this topic as it is a newly emerging technology, soon to reach South Africa. This study was therefore aimed at finding out if students were willing to accept this technology and behaviour, given both the benefits and disadvantages which it poses. A positivist stance was taken, and survey data was collected in order to test a number of hypotheses. From 232 respondents, a minority was eager to adopt this technology due to the performance and effort expectancy; however, privacy concerns play a major role in negating this decision.

Keywords: Blogs; Cameras; Glass; Internet; Privacy; Sensors; Videos; Lifelogging; UTAUT; lifeblogging; privacy (ID#: 16-10788)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7435515&isnumber=7435496

 

A. Rabie and U. Handmann, “Biometric for Home Environment Challenges, Modalities and Applications,” Information Technology and Computer Applications Congress (WCITCA), 2015 World Congress on, Hammamet, 2015, pp. 1-4. doi:10.1109/WCITCA.2015.7367059

Abstract: Utilizing biometric traits for privacy- and security-applications is receiving an increasing attention. Applications such as personal identification, access control, forensics applications, e-banking, e-government, e-health and recently personalized human-smart-home and human-robot interaction present some examples. In order to offer person-specific services for/of specific person a pre-identifying step should be done in the run-up. Using biometric in such application is encountered by diverse challenges. First, using one trait and excluding the others depends on the application aimed to. Some applications demand directly touch to biometric sensors, while others don't. Second challenge is the reliability of used biometric arrangement. Civilized application demands lower reliability comparing to the forensics ones. And third, for biometric system could only one trait be used (uni-modal systems) or multiple traits (Bi- or Multi-modal systems). The latter is applied, when systems with a relative high reliability are expected. The main aim of this paper is providing a comprehensive view about biometric and its application. The above mentioned challenges will be analyzed deeply. The suitability of each biometric sensor according to the aimed application will be deeply discussed. Detailed comparison between uni-modal and Multi-modal biometric system will present which system where to be utilized. Privacy and security issues of biometric systems will be discussed too. Three scenarios of biometric application in home-environment, human-robot-interaction and e-health will be presented.

Keywords: biometrics (access control); data privacy; health care; home computing; human-robot interaction; security of data; biometric sensor; biometric system; e-health; home environment; human-robot-interaction; privacy application; security application; Biomedical imaging; Biometrics (access control); Biosensors; Feature extraction; Reliability; Veins (ID#: 16-10789)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7367059&isnumber=7367013

 

R. Uda, “Method for Anonymity of Authenticated Messages in SNS,” 2015 World Congress on Sustainable Technologies (WCST), London, 2015, pp. 89-94. doi:10.1109/WCST.2015.7415125

Abstract: Anonymity in SNS is one of the important things for protecting privacy. We proposed a method in which nouns are replaced with other nouns in consideration of semantic relations. For example, some nouns in the sentence “I go to Tokyo University of Technology with Alice” are replaced such as “I go to university with her.” The method prevents the author from leaking privacy of his/her friends to the third party. Levels of obscurity are decided by the relationship between the author and readers. When the relationship is weaker than that in the example above, the message changes such as “I go to school with a friend.” In the method, proper nouns and some specific nouns are automatically replaced with other appropriate nouns by hi-speed filtering with Bloom filter. We also proposed an additional method in which messages are authenticated. In the method messages are signed with sanitizable signature since some nouns have possibility to be replaced. The combination of the two proposals provides anonymity and integrity and authentication at the same time. However, I found the latter method has vulnerability. If attackers have knowledge of privacy of victims, original nouns can be specified with one hundred percent correctness. Therefore, in this paper, I propose an improved method for anonymity. The method provides perfect obscurity with anonymity although messages are authenticated.

Keywords: data privacy; data structures; digital signatures; social networking (online); Bloom filter; SNS; anonymity method; authenticated message; hi-speed filtering; privacy protection; sanitizable signature; semantic relation; social networking service; Cities and towns; Computer science; Digital forensics; Filtering; Privacy; Public key; Digital Forensics; Information Security; Privacy Protection (ID#: 16-10790)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7415125&isnumber=7414834

 

O. J. Adebayo, I. ASuleiman, A. Y. Ade, S. O. Ganiyu and I. O. Alabi, “Digital Forensic Analysis for Enhancing Information Security,” Cyberspace (CYBER-Abuja), 2015 International Conference on, Abuja, 2015, pp. 38-44. doi:10.1109/CYBER-Abuja.2015.7360517

Abstract: Digital Forensics is an area of Forensics Science that uses the application of scientific method toward crime investigation. The thwarting of forensic evidence is known as anti-forensics, the aim of which is ambiguous in the sense that it could be bad or good. The aim of this project is to simulate digital crimes scenario and carry out forensic and anti-forensic analysis to enhance security. This project uses several forensics and anti-forensic tools and techniques to carry out this work. The data analyzed were gotten from result of the simulation. The results reveal that although it might be difficult to investigate digital crime but with the help of sophisticated forensic tools/anti-forensics tools it can be accomplished.

Keywords: digital forensics; antiforensic analysis; antiforensic tool; data analysis; digital crime scenario; digital forensic analysis; forensic evidence; forensics science; information security enhancement; Analytical models; Computers; Cyberspace; Digital forensics; Information security; Operating systems; Digital forensic; anti-digital forensic; image acquisition; image integrity; privacy (ID#: 16-10791)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7360517&isnumber=7360499

 

B. P. Gopularam, S. Dara and N. Niranjan, “Experiments in Encrypted and Searchable Network Audit Logs,” Emerging Information Technology and Engineering Solutions (EITES), 2015 International Conference on, Pune, 2015, pp. 18-22. doi:10.1109/EITES.2015.13

Abstract: We consider the scenario where a consumer can securely outsource their network telemetry data to a Cloud Service Provider and enable a third party to audit such telemetry for any security forensics. Especially we consider the use case of privacy preserving search in network log audits. In this paper we experiment with advances in Identity Based Encryption and Attribute-Based encryption schemes for auditing network logs.

Keywords: cloud computing; cryptography; data privacy; digital forensics; telemetry; attribute-based encryption; cloud service provider; encrypted network audit logs; identity based encryption; network telemetry data; privacy preserving search; searchable network audit logs; security forensics; Encryption; Privacy; Public key; Servers; Telemetry; audit log privacy; identity based encryption; network telemetry (ID#: 16-10792)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7083378&isnumber=7082065

 

S. Acharya, W. Glenn and M. Carr, “A Grreat Framework for Incident Response in Healthcare,” Bioinformatics and Biomedicine (BIBM), 2015 IEEE International Conference on, Washington, DC, 2015, pp. 776-778. doi:10.1109/BIBM.2015.7359784

Abstract: This research seeks to examine the use of Google Rapid Response (GRR) in the healthcare setting and the general necessity for a more in-depth approach to malware incident response in healthcare organizations in general. GRR is a scalable framework that allows for data to be gathered from many machines at once, through multiple clients, single server architecture, in order to detect incidents of malware or malicious activity. With the increase in malware incidents and the sensitivity of healthcare data, it is important to make sure this information is secure. GRR is examined for its uses in the detection of malware, along with its meeting of HIPAA requirements such as privacy and the detection and notification of breaches (security being handled through the detection of this malware). It was determined that GRR has some great potential within this field, albeit it has some flaws and limitations that should be accounted for before implementing it within a healthcare organization. The biggest issue is making sure that the access control and privacy settings are correctly implemented to prevent a breach of information from GRR itself, due to the power of this tool to allow great access to any of the client computers connected to it.

Keywords: authorisation; client-server systems; data privacy; health care; invasive software; medical administrative data processing; GRR; GRReat framework; Google Rapid Response; HIPAA requirements; access control; client computers; healthcare data sensitivity; healthcare organizations; malicious activity; malware incident response; privacy settings; single server architecture; Forensics; Lead; Monitoring; Servers; GRR; HIPAA; OpenEMR; incident response; malware (ID#: 16-10793)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7359784&isnumber=7359638

 

A. Rabie and U. Handmann, “Biometrie for Home Environment Challenges, Modalities and Applications,” Information Technology and Computer Applications Congress (WCITCA), 2015 World Congress on, Hammamet, Tunisia, 2015, pp. 1-4. doi:10.1109/WCITCA.2015.7367021

Abstract: Utilizing biometric traits for privacy- and security-applications is receiving an increasing attention. Applications such as personal identification, access control, forensics applications, e-banking, e-government, e-health and recently personalized human-smart-home and human-robot interaction present some examples. In order to offer person-specific services for/of specific person a pre-identifying step should be done in the run-up. Using biometric in such application is encountered by diverse challenges. First, using one trait and excluding the others depends on the application aimed to. Some applications demand directly touch to biometric sensors, while others don't. Second challenge is the reliability of used biometric arrangement. Civilized application demands lower reliability comparing to the forensics ones. And third, for biometric system could only one trait be used (uni-modal systems) or multiple traits (Bi- or Multi-modal systems). The latter is applied, when systems with a relative high reliability are expected. The main aim of this paper is providing a comprehensive view about biometric and its application. The above mentioned challenges will be analyzed deeply. The suitability of each biometric sensor according to the aimed application will be deeply discussed. Detailed comparison between uni-modal and Multi-modal biometric system will present which system where to be utilized. Privacy and security issues of biometric systems will be discussed too. Three scenarios of biometric application in home-environment, human-robot-interaction and e-health will be presented.

Keywords: Biomedical imaging; Biometrics (access control); Biosensors; Feature extraction; Reliability; Veins (ID#: 16-10794)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7367021&isnumber=7367013

 

Songyang Wu and Yong Zhang, “Secure Logging Monitor Service for Cloud Forensics,” 2015 IEEE 16th International Conference on Communication Technology (ICCT), Hangzhou, 2015, pp. 757-762. doi:10.1109/ICCT.2015.7399942

Abstract: Logs are one of the most important pieces in forensics, which can be leveraged to extract critical evidences or help drastically speed up the investigation. Nevertheless, collecting the logs from cloud infrastructure is extremely difficult, since the investigators almost totally lack of control over the cloud. In this work, we introduce the notion of secure logging monitor service, which is deployed in the cloud and generates integrity proofs of cloud logs in real time. Once a proof entry has been produced, a dishonest cloud service provider (CSP) even colludes with the investigator, can't fake or remove the corresponding logs without being detected. Compared with related works, the proposed scheme can simultaneously meet the most major requirements of cloud forensics, including the integrity of log evidences, privacy protection and low computational burden.

Keywords: cloud computing; data integrity; data privacy; digital forensics; system monitoring; cloud forensics; cloud infrastructure; critical evidence extraction; dishonest cloud service provider; integrity proof integration; log evidence integrity; logs collection; privacy protection; secure logging monitor service; Bismuth; Indexes; Monitoring; Cloud Forensics; Forensic Investigation; Information Security (ID#: 16-10795)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7399942&isnumber=7399781

 

S. Zafar and M. B. Tiwana, “Discarded Hard Disks: A Treasure Trove for Cybercriminals: A Case Study of Recovered Sensitive Data from a Discarded Hard Disk,” Anti-Cybercrime (ICACC), 2015 First International Conference on, Riyadh, 2015, pp. 1-6. doi:10.1109/Anti-Cybercrime.2015.7351956

Abstract: The modern malware poses serious security threats because of its evolved capability of using staged and persistent attack while remaining undetected over a long period of time to perform a number of malicious activities. The challenge for malicious actors is to gain initial control of the victim's machine by bypassing all the security controls. The most favored bait often used by attackers is to deceive users through a trusting or interesting email containing a malicious attachment or a malicious link. To make the email credible and interesting the cybercriminals often perform reconnaissance activities to find background information on the potential target. To this end, the value of information found on the discarded or stolen storage devices is often underestimated or ignored. In this paper, we present the partial results of analysis of one such hard disk that was purchased from the open market. The data found on the disk contained highly sensitive personal and organizational data. The results from the case study will be useful in not only understanding the involved risk but also creating awareness of related threats.

Keywords: data protection; digital forensics; hard discs; invasive software; unsolicited e-mail; background information; cybercriminals; discarded hard disks; discarded storage devices; e-mail credibility; malicious activities; malicious actors; malicious attachment; malicious link; malware; reconnaissance activities; recovered sensitive data; security controls; security threats; sensitive-personal organizational data; stolen storage devices; trust management; Electronic mail; Hard disks; Malware; Media; Organizations; Software; Advanced Persistent Threat; Cybercrime; Data Recovery; Digital Forensics; Security and Privacy Awareness; Social Network Analysis; Spear-phishing (ID#: 16-10796)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7351956&isnumber=7351910

 

C. Vielhauer and J. Dittmann, “From Biometric to Forensic Hashing: Challenges in Digital Crime Scene Trace Analysis,” Signal Processing Conference (EUSIPCO), 2015 23rd European, Nice, 2015, pp. 764-768. doi:10.1109/EUSIPCO.2015.7362486

Abstract: The known BioHash concept introduced e.g. for handwriting biometrics offers possibility of template protection or to derive individual keys (e.g. crypto keys for further protection). In our paper we introduce two forensic use cases: (A) the forensic investigation of a BioHash found during digital forensics and (B) the application of the BioHash to latent crime scene traces in digitized forensics. Firstly, we elaborate the design of the BioHash in the known two operation modes with their essential parameter settings. Secondly we analyze, which forensic information can be derived and interpreted from publicly available data by introducing four investigation purposes. Further, we show that the BioHash can be used for a privacy-preserving search or to enhance reproducibility of varying features in crime scene forensics.

Keywords: biometrics (access control); digital forensics; police data processing; BioHash concept; biometric hashing; crime scene forensics; digital crime scene trace analysis; digital forensics; forensic hashing; forensic information; privacy-preserving search; template protection; Error analysis; Forensics; Robustness; Semantics; Sensitivity; TV; Writing; Biometrics; Passive forensic analysis (ID#: 16-10797)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7362486&isnumber=7362087

 

A. S. Shinde and V. Bendre, “An Embedded Fingerprint Authentication System,” Computing Communication Control and Automation (ICCUBEA), 2015 International Conference on, Pune, 2015, pp. 205-208. doi:10.1109/ICCUBEA.2015.45

Abstract: Fingerprint authentication is one of the most reliable and widely used personal identification method. However, manual fingerprint authentication is tedious, inaccurate, time-consuming and costly that it is not capable of meeting today's increasing performance necessities. An automatic fingerprint authentication system (AFAS) is widely needed. It plays a very essential role in forensic and civilian applications such as criminal identification, access control, and ATM card verification. This paper describes the design and implementation of an Embedded Fingerprint Authentication system which operates in two stages: minutia extraction and minutia matching. The present technological era is demanding reliable and cost-effective personal authentication systems for large number of daily use applications where security and privacy performance of the information is required. Biometrics authentication techniques in combination with embedded systems technologies give a demanding solution to this need. This paper explains the hardware-software co-design responsible for matching two fingerprint minutiae sets and suggests the use of reconfigurable architectures for Automatic Fingerprint Authentication System. Moreover, this paper explains the implementation of a fingerprint algorithm using a Spartan-6 FPGA, as an appropriate portable and low cost device. The experimental results show that system meets the response time requirements of Automatic Fingerprint Authentication System with high speed using hardware-software co-design.

Keywords: data privacy; digital forensics; embedded systems; field programmable gate arrays; hardware-software codesign; message authentication; AFAS; ATM card verification; Spartan-6 FPGA; access control; and applications; automatic fingerprint authentication system; biometrics authentication techniques; criminal identification; daily use applications; embedded system; field programmable gate array; fingerprint minutiae sets; forensic applications; hardware-software codesign; manual fingerprint authentication; minutia extraction; minutia matching; personal identification method; privacy performance; reconfigurable architectures; response time requirements; security performance; Authentication; Coprocessors; Databases; Field programmable gate arrays; Fingerprint recognition; Hardware; Portable computers; Biometrics; Embedded system; Reconfigurable; fingerprint; hardware-software co-design; matching; minutia (ID#: 16-10798)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7155835&isnumber=7155781

 

N. Raza, “Challenges to Network Forensics in Cloud Computing,” 2015 Conference on Information Assurance and Cyber Security (CIACS), Rawalpindi, 2015, pp. 22-29. doi:10.1109/CIACS.2015.7395562

Abstract: The digital forensics refers to the application of scientific techniques in investigation of a crime, specifically to identify or validate involvement of some suspect in an activity leading towards that crime. Network forensics particularly deals with the monitoring of network traffic with an aim to trace some suspected activity from normal traffic or to identify some abnormal pattern in the traffic that may give clue towards some attack. Network forensics, quite valuable phenomenon in investigation process, presents certain challenges including problems in accessing network devices of cloud architecture, handling large amount network traffic, and rigorous processing required to analyse the huge volume of data, of which large proportion may prove to be irrelevant later on. Cloud Computing technology offers services to its clients remotely from a shared pool of resources, as per clients customized requirement, any time, from anywhere. Cloud Computing has attained tremendous popularity recently, leading to its vast and rapid deployment, however Privacy and Security concerns have also increased in same ratio, since data and application is outsourced to a third party. Security concerns about cloud architecture have come up as the prime barrier hindering the major shift of industry towards cloud model, despite significant advantages of cloud architecture. Cloud computing architecture presents aggravated and specific challenges in the network forensics. In this paper, I have reviewed challenges and issues faced in conducting network forensics particularly in the cloud computing environment. The study covers limitations that a network forensic expert may confront during investigation in cloud environment. I have categorized challenges presented to network forensics in cloud computing into various groups. Challenges in each group can be handled appropriately by either Forensic experts, Cloud service providers or Forensic tools whereas leftover challenges are declared as beyond the control.

Keywords: cloud computing; digital control; digital forensics; outsourcing; software architecture; cloud architecture; cloud computing; data outsourcing; data privacy; digital forensics; network forensics; Cloud computing; Computational modeling; Computer architecture; Digital forensics; Security; Telecommunication traffic; challenges to network forensics in cloud; network forensics; network forensics in cloud (ID#: 16-10799)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7395562&isnumber=7395552

 


Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.