Machine Learning based Information Forensics from Smart Sources

University of Technology Sydney. Faculty of Engineering and Information Technology.We live in a world that connects, socializes and interacts using internet. Humans generate tons of information on daily basis, according to Forbes 2.5 quintillion bytes of data is created each day in year 2018. The data creation pace is continuously accelerating with the growth of the Internet of Things (IoT). Extensive social media usage fuels data creation which is primarily generated from mobile phones. In the present scenario, data is the asset and this asset is extremely vulnerable. In our research work we utilized these data sources to aid digital forensics investigation. Due to our technology engulfed lifestyle, we leave a lot of information about ourselves during our routine activities. These traces are used by the wrongdoers for their vicious objectives but also these traces can be used by investigators to understand any incident and to penalize the delinquents. Forensics investigators face challenges with a huge amount of data during investigations. Whether the data source is an online social network, a smart phone or an IOT based environment, huge amount of data adds complexity and delay to forensics investigation. To contribute to the forensics investigation we propose the use of machine learning for forensics data analysis. Forensics investigation is a three-phase process including data acquisition, data analysis and presentation. Our research focuses on the first two phases of the forensics investigation cycle i.e. data collection and data analysis. This thesis discusses following research achievements: 1. Data acquisition from smart sources for forensic information especially for IoT 2. Machine learning based data analysis to extract forensic artefacts 3. IoT forensics framework (acquisition and analysis phase) implementation This thesis is segmented based on the three data sources for data analysis namely online social networks, smart phones and sensor-based networks (IoT). Using IoT based data this thesis proposes a scheme SACIFS (Smart aged care information forensics) for IoT forensic feature extraction and data analysis of elderly patients monitored in a nursing home environment. We developed our machine learning model based on Support Vector Machine to detect an incident and highlight relevant forensic artefacts. We used smart phone data in Digital Forensic Intelligence Analysis Cycle framework to identify strongly connected contacts during triage phase. We classified the contacts of a smart phone user with respect to their closeness, extracted from the data features from Facebook messenger. Moreover, utilizing publically available Online Social Network, we analysed multiple tools to collect, analyse and visualize data from Facebook pages and groups

Cyber security investigation for Raspberry Pi devices

Big Data on Cloud application is growing rapidly. When the cloud is attacked, the investigation relies on digital forensics evidence. This paper proposed the data collection via Raspberry Pi devices, in a healthcare situation. The significance of this work is that could be expanded into a digital device array that takes big data security issues into account. There are many potential impacts in health area. The field of Digital Forensics Science has been tagged as a reactive science by some who believe research and study in the field often arise as a result of the need to respond to event which brought about the needs for investigation; this work was carried as a proactive research that will add knowledge to the field of Digital Forensic Science. The Raspberry Pi is a cost-effective, pocket sized computer that has gained global recognition since its development in 2008; with the wide spread usage of the device for different computing purposes. Raspberry Pi can potentially be a cyber security device, which can relate with forensics investigation in the near future. This work has used a systematic approach to study the structure and operation of the device and has established security issues that the widespread usage of the device can pose, such as health or smart city. Furthermore, its evidential information applied in security will be useful in the event that the device becomes a subject of digital forensic investigation in the foreseeable future. In healthcare system, PII (personal identifiable information) is a very important issue. When Raspberry Pi plays a processor role, its security is vital; consequently, digital forensics investigation on the Raspberry Pies becomes necessary

Investigating the tension between cloud-related actors and individual privacy rights

Historically, little more than lip service has been paid to the rights of individuals to act to preserve their own privacy. Personal information is frequently exploited for commercial gain, often without the person’s knowledge or permission. New legislation, such as the EU General Data Protection Regulation Act, has acknowledged the need for legislative protection. This Act places the onus on service providers to preserve the confidentiality of their users’ and customers’ personal information, on pain of punitive fines for lapses. It accords special privileges to users, such as the right to be forgotten. This regulation has global jurisdiction covering the rights of any EU resident, worldwide. Assuring this legislated privacy protection presents a serious challenge, which is exacerbated in the cloud environment. A considerable number of actors are stakeholders in cloud ecosystems. Each has their own agenda and these are not necessarily well aligned. Cloud service providers, especially those offering social media services, are interested in growing their businesses and maximising revenue. There is a strong incentive for them to capitalise on their users’ personal information and usage information. Privacy is often the first victim. Here, we examine the tensions between the various cloud actors and propose a framework that could be used to ensure that privacy is preserved and respected in cloud systems

Security Analysis of the Internet of Things Using Digital Forensic and Penetration Testing Tools

We exist in a universe where everything is related to the internet or each other like smart TVs, smart telephones, smart thermostat, cars and more. Internet of Things has become one of the most talked about technologies across the world and its applications range from the control of home appliances in a smart home to the control of machines on the production floor of an industry that requires less human intervention in performing basic daily tasks. Internet of Things has rapidly developed without adequate attention given to the security and privacy goals involved in its design and implementation. This document contains three research projects all centered on how to improve user\u27s data privacy and security in the Internet of Things. The first research provides a detailed analysis of the Internet of Things architecture, some security vulnerabilities, and countermeasures. We went on to discuss some solutions to these issues and presented some available Internet of Things simulators that could be used to test Internet of Things systems. In the second research, we explored privacy and security challenges faced by consumers of smart devices in this case we used an Amazon Echo Dot as our case study. During this research, we were able to compare two different digital forensic tools to see which performed better at extracting information from the device and if the device observes best practices for user data privacy. In the third research project, we used a tool called GATTacker to exploit security vulnerabilities of a Bluetooth Low Energy device and provide security awareness to users