Developing a Proactive Framework for E-Discovery Compliance

The purpose of this document is to provide Information Systems Management an awareness of a compliance risk associated with the management of electronic data. The changes to the Federal Rules of Civil Procedure in 2006 make electronic data discoverable as evidence for civil court cases introducing the need for proactive management of end user data beyond the data that a particular form of legislation may require. Leveraging existing forensic data collection processes and raising the awareness of the problem and risk to the organization will provide a level of assurance for compliance should the data be requested in a civil trial. This project analyzed the current state that existed for businesses and organizations, the actual risk and precedence that has been set, and determines the current state of awareness and readiness that businesses have for this problem. The project then offers a solution to this problem that will aid in reducing the risk and hardship an organization could face when electronic data is requested. Finally, this project presents the results of actual testing of the proposed solution in a real world business enterprise

The Advanced Framework for Evaluating Remote Agents (AFERA): A Framework for Digital Forensic Practitioners

Digital forensics experts need a dependable method for evaluating evidence-gathering tools. Limited research and resources challenge this process and the lack of multi-endpoint data validation hinders reliability in distributed digital forensics. A framework was designed to evaluate distributed agent-based forensic tools while enabling practitioners to self-evaluate and demonstrate evidence reliability as required by the courts. Grounded in Design Science, the framework features guidelines, data, criteria, and checklists. Expert review enhances its quality and practicality

A Framework for Identifying Host-based Artifacts in Dark Web Investigations

The dark web is the hidden part of the internet that is not indexed by search engines and is only accessible with a specific browser like The Onion Router (Tor). Tor was originally developed as a means of secure communications and is still used worldwide for individuals seeking privacy or those wanting to circumvent restrictive regimes. The dark web has become synonymous with nefarious and illicit content which manifests itself in underground marketplaces containing illegal goods such as drugs, stolen credit cards, stolen user credentials, child pornography, and more (Kohen, 2017). Dark web marketplaces contribute both to illegal drug usage and child pornography. Given the fundamental goal of privacy and anonymity, there are limited techniques for finding forensic artifacts and evidence files when investigating misuse and criminal activity in the dark web. Previous studies of digital forensics frameworks reveal a common theme of collection, examination, analysis, and reporting. The existence and frequency of proposed frameworks demonstrate the acceptance and utility of these frameworks in the field of digital forensics. Previous studies of dark web forensics have focused on network forensics rather than hostbased forensics. macOS is the second most popular operating system after Windows (Net Marketshare, n.d.); however, previous research has focused on the Windows operating system with little attention given to macOS forensics. This research uses design science methodology to develop a framework for identifying host-based artifacts during a digital forensic investigation involving suspected dark web use. Both the Windows operating system and macOS are included with the expected result being a reusable, comprehensive framework that is easy to follow and assists investigators in finding artifacts that are designed to be hidden or otherwise hard to find. The contribution of this framework will assist investigators in identifying evidence in cases where the user is suspected of accessing the dark web for criminal intent when little or no other evidence of a crime is present. The artifact produced for this research, The Dark Web Artifact Framework, was evaluated using three different methods to ensure that it met the stated goals of being easy to follow, considering both Windows and macOS operating systems, considering multiple ways of accessing the dark web, and being adaptable to future platforms. The methods of evaluation v included experimental evaluation conducted using a simulation of the framework, comparison of a previously worked dark web case using the created framework, and the expert opinion of members of the South Dakota Internet Crimes Against Children taskforce (ICAC) and the Division of Criminal Investigation (DCI). A digital component can be found in nearly every crime committed today. The Dark Web Artifact Framework is a reusable, paperless, comprehensive framework that provides investigators with a map to follow to locate the necessary artifacts to determine if the system being investigated has been used to access the dark web for the purpose of committing a crime. In the creation of this framework, a process itself was created that will contribute to future works. The yes/no, if/then structure of the framework is adaptable to fit with workflows in any area that would benefit from a recurring process

TOWARDS ARTIFICIAL NEURAL NETWORK MODEL TO DIAGNOSE THYROID PROBLEMS

Medical diagnosis can be viewed as a pattern classification problem: based a set of input features the goal is to classify a patient as having a particular disorder or as not having it. Thyroid hormone problems are the most prevalent problems nowadays. In this paper an artificial neural network approach is developed using a back propagation algorithm in order to diagnose thyroid problems. It gets a number of factors as input and produces an output which gives the result of whether a person has the problem or is healthy. It is found that back propagation algorithm is proved to be having high sensitivity and specificity

Cybersecurity & Ethics for Lawyers in Plain English

Meeting proceedings of a seminar by the same name, held April 26, 2022

Evaluating the Applicability of a Use Value-Based File Retention Method

A well constructed file retention policy can help a company determine the relative value and the corresponding retrieval service level of the different files it owns. Though such a retention policy is useful, the method one can use to arrive at such a policy is under-researched. This paper discusses how one can arrive at a method (based on a systematic literature review) for developing file retention policies based on use values of files. In the case study, we demonstrate how one can develop a file retention policy by testing of causal relations between file retention policy parameters and the use value of files. This case study shows that, contrary to suggestions of previous research, the file type has no significant causal relation with the value of a file and thus should be excluded from a retention policy in this case. The case study also shows that there is a strong causal relation between the position of a user of a file and the value of this file. Furthermore, we have amended an existing subjective file valuation method, namely, the Information Value Questionnaire (IVQ). However, to make file retention methods effective and reliable a substantially more case experiences need to be collected

The Quest for Appropriate Remedies in the Microsoft Antitrust EU Cases: A Comparative Appraisal

The Microsoft cases in the United States and in Europe have been influential in determining the contours of the substantive liability standards for dominant firms in US antitrust law and in EC Competition law. The competition law remedies that were adopted, following the finding of liability, seem, however, to constitute the main measure for the “success” of the case(s). An important disagreement exists between those arguing that the remedies put in place failed to address the roots of the competition law violation identified in the liability decision and others who advance the view that the remedies were far-reaching and that their alleged failure demonstrates the weakness of the liability claim. This study evaluates these claims by examining the variety of remedies that were finally imposed in the European Microsoft cases, from a comparative perspective. The study begins with a discussion of the roots of the Microsoft issues in Europe and the consequent choice of a remedial approach by the Commission and the Court. It then explores the effectiveness of the remedies in achieving the aims that were set. The non-consideration of the structural remedy in the European case and the pros and cons of developing such a remedy in the future are briefly discussed before more emphasis is put on alternative remedies (competition and non-competition law ones) that have been suggested in the literature. The study concludes by discussing the fit between the remedy and the theory of consumer harm that led to the finding of liability and questions a total dissociation between the two. We believe that it is important to think seriously about potential remedies before litigation begins. However, we do not require an ex ante identification of an appropriate remedy by the plaintiffs, since this could lead to underenforcement or overenforcement.antitrust, remedies, Microsoft, complementarity, innovation, efficiency, monopoly, oligopoly, media player, interoperability, Internet browser

Documentation Assessment of the Diebold Voting System

The California Secretary of State commissioned a comprehensive, independent evaluation of the electronic voting systems certified for use within the State. This team, working as part of the “Top to Bottom” Review (“TTBR”), evaluated the documentation supplied by Diebold Election System, Inc

Enhanced Version Control for Unconventional Applications

The Extensible Markup Language (XML) is widely used to store, retrieve, and share digital documents. Recently, a form of Version Control System has been applied to the language, resulting in Version-Aware XML allowing for enhanced portability and scalability. While Version Control Systems are able to keep track of changes made to documents, we think that there is untapped potential in the technology. In this dissertation, we present novel ways of using Version Control System to enhance the security and performance of existing applications. We present a framework to maintain integrity in offline XML documents and provide non-repudiation security features that are independent of central certificate repositories. In addition, we use Version Control information to enhance the performance of Automated Policy Enforcement eXchange framework (APEX), an existing document security framework developed by Hewlett-Packard (HP) Labs. Finally, we present an interactive and scalable visualization framework to represent Version-Aware-related data that helps users visualize and understand version control data, delete specific revisions of a document, and access a comprehensive overview of the entire versioning history