Apr 08 2013
 
Automated Network Triage

In many police investigations today, computer systems are somehow involved. The number and capacity of computer systems needing to be seized and examined is increasing, and in some cases it may be necessary to quickly find a single computer system within a large number of computers in a network. To investigate potential evidence from a […]

Apr 08 2013
 
DigitalFIRE Virtual Cloud Environment

The Digital Forensic Investigation Research Laboratory conducts a lot of research on Cloud environments. However, Cloud environments can sometimes be cumbersome to create and configure, taking time away from testing and research. In order to streamline this process, DigitalFIRE has created a virtualised Cloud environment for Cloud security and investigation researchers. By virtualising Cloud components, this allows researchers […]

Apr 04 2013
 
What is Cybersecurity?

Last week, a number of Korean organizations fell victim to cyber attacks. This has prompted discussions about cybersecurity in Korea, and while following this issue I’ve realized that Korea’s main challenge appears to be understanding what cybersecurity actually is. From many of the discussions, representatives from various organizations appear to believe that security is a […]

Mar 26 2013
 
Legal Protest and Distributed Denial of Service

The United States government, via the “We the People” portal (petitions.whitehouse.gov), was petitioned by Dylan K. [1] to “Make, distributed denial-of-service (DDoS), a legal form of protest”. The petition states that: With the advance in [Internet technology], comes new grounds for protesting. Distributed denial-of-service (DDoS), is not any form of hacking in any way. It […]

Mar 19 2013
 
Digital Forensic Investigation and Cloud Computing

Earlier this year, researchers from the Digital Forensic Investigation Research Group had a chapter published in the book “Cybercrime and Cloud Forensics: Applications for Investigation Processes”. There were contributions from authors discussing practical as well as theoretical aspects of digital crime, investigation, side channel attacks, law, international cooperation, and the future of crime and Cloud […]

Feb 27 2013
 
Signature Based Detection of User Events for Post-Mortem Forensic Analysis

The concept of signatures is used in many fields, normally for the detection of some sort of pattern. For example, antivirus and network intrusion detection systems sometimes implement signature matching to attempt to differentiate legitimate code or network traffic from malicious data. The principle of these systems is that within a given set of data, malicious data […]

Feb 19 2013
 
Lectures in Mathematics for Digital Forensic Researchers

Digital forensics is a very practical discipline that addresses the needs of everyday investigations. Whether deleted data needs to be recovered or the suspect’s photographs need to be attributed to the suspect’s photo camera – the forensic analyst has to do whatever it takes to advance the investigation. There is rarely any time to think […]

Feb 02 2013
 
The Digital Investigation Process

Every day new ideas all around the world are born. By the start of the new millennium the race was on, as everyone and their brother realized how potent technology was to their future. And now as we move into the second decade of the millennium, technological advancements became one of the pillars of a nation. […]

Nov 08 2012
 
Social Media and Intelligence Gathering

Online social media has changed the way many people, businesses and even governments interact with each other. Because of Twitter’s popularity and its ability to broadcast small pieces of information to a large number of people, it is an effective form of mass communication. However, ease in communication that allows the public to freely communicate […]

Oct 04 2012
 
Evasion-Resistant Malware Signature Based on Profiling Kernel Data Structure Objects

Malware creators are continually looking for new methods to evade malware detection engines. A popular evasion method is based on malicious code obfuscation that changes the syntax of the code while preserving its execution semantics. If the malware signature relies on the syntactic features of the malicious code, it can be evaded by obfuscation techniques. In this […]