Artificial intelligence and UK national security: Policy considerations

RUSI was commissioned by GCHQ to conduct an independent research study into the use of artificial intelligence (AI) for national security purposes. The aim of this project is to establish an independent evidence base to inform future policy development regarding national security uses of AI. The findings are based on in-depth consultation with stakeholders from across the UK national security community, law enforcement agencies, private sector companies, academic and legal experts, and civil society representatives. This was complemented by a targeted review of existing literature on the topic of AI and national security. The research has found that AI offers numerous opportunities for the UK national security community to improve efficiency and effectiveness of existing processes. AI methods can rapidly derive insights from large, disparate datasets and identify connections that would otherwise go unnoticed by human operators. However, in the context of national security and the powers given to UK intelligence agencies, use of AI could give rise to additional privacy and human rights considerations which would need to be assessed within the existing legal and regulatory framework. For this reason, enhanced policy and guidance is needed to ensure the privacy and human rights implications of national security uses of AI are reviewed on an ongoing basis as new analysis methods are applied to data

FACIAL IDENTIFICATION FOR DIGITAL FORENSIC

Forensic facial recognition has become an essential requirement in criminal investigations as a result of the emergence of electronic devices, such as mobile phones and computers, and the huge volume of existing content. Forensic facial recognition goes beyond facial recognition in that it deals with facial images under unconstrained and non-ideal conditions, such as low image resolution, varying facial orientation, poor illumination, a wide range of facial expressions, and the presence of accessories. In addition, digital forensic challenges do not only concern identifying an individual but also include understanding the context, acknowledging the relationships between individuals, tracking, and numbers of advanced questions that help reduce the cognitive load placed on the investigator. This thesis proposes a multi-algorithmic fusion approach by using multiple commercial facial recognition systems to overcome particular weaknesses in singular approaches to obtain improved facial identification accuracy. The advantage of focusing on commercial systems is that they release the forensic team from developing and managing their own solutions and, subsequently, also benefit from state-of-the-art updates in underlying recognition performance. A set of experiments was conducted to evaluate these commercial facial recognition systems (Neurotechnology, Microsoft, and Amazon Rekognition) to determine their individual performance using facial images with varied conditions and to determine the benefits of fusion. Two challenging facial datasets were identified for the evaluation; they represent a challenging yet realistic set of digital forensics scenarios collected from publicly available photographs. The experimental results have proven that using the developed fusion approach achieves a better facial vi identification rate as the best evaluated commercial system has achieved an accuracy of 67.23% while the multi-algorithmic fusion system has achieved an accuracy of 71.6%. Building on these results, a novel architecture is proposed to support the forensic investigation concerning the automatic facial recognition called Facial-Forensic Analysis System (F-FAS). The F-FAS is an efficient design that analyses the content of photo evidence to identify a criminal individual. Further, the F-FAS architecture provides a wide range of capabilities that will allow investigators to perform in-depth analysis that can lead to a case solution. Also, it allows investigators to find answers about different questions, such as individual identification, and identify associations between artefacts (facial social network) and presents them in a usable and visual form (geolocation) to draw a wider picture of a crime. This tool has also been designed based on a case management concept that helps to manage the overall system and provide robust authentication, authorisation, and chain of custody. Several experts in the forensic area evaluated the contributions of theses and a novel approach idea and it was unanimously agreed that the selected research problem was one of great validity. In addition, all experts have demonstrated support for experiments’ results and they were impressed by the suggested F-FAS based on the context of its functions.Republic of Iraq / Ministry of Higher Education and Scientific Research – Baghdad Universit

It’s the Methodology For Me: A Systematic Review of Early Approaches to Studying TikTok

Research on TikTok has grown along with the app’s rapidly rising global popularity. In this systematic review, we investigate 58 articles examining TikTok, its users, and its content. Focusing on articles published in journals and proceedings across the domains of human-computer interaction, communication, and other related disciplines, we analyze the methods being used to study TikTok, as well as ethical considerations. Based on our analysis, we found that research on TikTok tends to use content analysis as their primary method and mainly focus on user behavior and culture, effects of use, the platform’s policies and governance, and very few articles discuss the ethical implications of collecting and analyzing such data. Additionally, most studies employ traditional forms of data collection when the affordances of TikTok tend to differ from other social media platforms. We conclude with a discussion about possible future directions and contribute to ongoing conversations about ethics and social media data

Multimedia Forensics

This book is open access. Media forensics has never been more relevant to societal life. Not only media content represents an ever-increasing share of the data traveling on the net and the preferred communications means for most users, it has also become integral part of most innovative applications in the digital information ecosystem that serves various sectors of society, from the entertainment, to journalism, to politics. Undoubtedly, the advances in deep learning and computational imaging contributed significantly to this outcome. The underlying technologies that drive this trend, however, also pose a profound challenge in establishing trust in what we see, hear, and read, and make media content the preferred target of malicious attacks. In this new threat landscape powered by innovative imaging technologies and sophisticated tools, based on autoencoders and generative adversarial networks, this book fills an important gap. It presents a comprehensive review of state-of-the-art forensics capabilities that relate to media attribution, integrity and authenticity verification, and counter forensics. Its content is developed to provide practitioners, researchers, photo and video enthusiasts, and students a holistic view of the field

A Framework for the Systematic Evaluation of Malware Forensic Tools

Following a series of high profile miscarriages of justice linked to questionable expert evidence, the post of the Forensic Science Regulator was created in 2008 with a remit to improve the standard of practitioner competences and forensic procedures. It has since moved to incorporate a greater level of scientific practice in these areas, as used in the production of expert evidence submitted to the UK Criminal Justice System. Accreditation to their codes of practice and conduct will become mandatory for all forensic practitioners by October 2017. A variety of challenges with expert evidence are explored and linked to a lack of a scientific methodology underpinning the processes followed. In particular, the research focuses upon investigations where malicious software (‘malware’) has been identified. A framework, called the ‘Malware Analysis Tool Evaluation Framework’ (MATEF), has been developed to address this lack of methodology to evaluate software tools used during investigations involving malware. A prototype implementation of the framework was used to evaluate two tools against a population of over 350,000 samples of malware. Analysis of the findings indicated that the choice of tool could impact on the number of artefacts observed in malware forensic investigations as well as identifying the optimal execution time for a given tool when observing malware artefacts. Three different measures were used to evaluate the framework. The first of these evaluated the framework against the requirements and determined that these were largely met. Where the requirements were not met these are attributed to matters either outside scope or the fledgling nature of the research. Another measure used to evaluate the framework was to consider its performance in terms of speed and resource utilisation. This identified scope for improvement in terms of the time to complete a test and the need for more economical use of disk space. Finally, the framework provides a scientific means to evaluate malware analysis tools, hence addressing the Research Question subject to the level at which ground truth is established. A number of contributions are produced as the output of this work. First there is confirmation for the case for a lack of trusted practice in the field of malware forensics. Second, the MATEF itself, as it facilitates the production of empirical evidence of a tool’s ability to detect malware artefacts. A third contribution is a set of requirements for establishing trusted practice in the use of malware artefact detection tools. Finally, empirical evidence that supports both the notion that the choice of tool can impact on the number of artefacts observed in malware forensic investigations as well as identifying the optimal execution time for a given tool when observing malware artefacts

Recent Advances in Forensic Anthropological Methods and Research

Forensic anthropology, while still relatively in its infancy compared to other forensic science disciplines, adopts a wide array of methods from many disciplines for human skeletal identification in medico-legal and humanitarian contexts. The human skeleton is a dynamic tissue that can withstand the ravages of time given the right environment and may be the only remaining evidence left in a forensic case whether a week or decades old. Improved understanding of the intrinsic and extrinsic factors that modulate skeletal tissues allows researchers and practitioners to improve the accuracy and precision of identification methods ranging from establishing a biological profile such as estimating age-at-death, and population affinity, estimating time-since-death, using isotopes for geolocation of unidentified decedents, radiology for personal identification, histology to assess a live birth, to assessing traumatic injuries and so much more

Multimedia Forensics

This book is open access. Media forensics has never been more relevant to societal life. Not only media content represents an ever-increasing share of the data traveling on the net and the preferred communications means for most users, it has also become integral part of most innovative applications in the digital information ecosystem that serves various sectors of society, from the entertainment, to journalism, to politics. Undoubtedly, the advances in deep learning and computational imaging contributed significantly to this outcome. The underlying technologies that drive this trend, however, also pose a profound challenge in establishing trust in what we see, hear, and read, and make media content the preferred target of malicious attacks. In this new threat landscape powered by innovative imaging technologies and sophisticated tools, based on autoencoders and generative adversarial networks, this book fills an important gap. It presents a comprehensive review of state-of-the-art forensics capabilities that relate to media attribution, integrity and authenticity verification, and counter forensics. Its content is developed to provide practitioners, researchers, photo and video enthusiasts, and students a holistic view of the field

Study of Peer-to-Peer Network Based Cybercrime Investigation: Application on Botnet Technologies

The scalable, low overhead attributes of Peer-to-Peer (P2P) Internet protocols and networks lend themselves well to being exploited by criminals to execute a large range of cybercrimes. The types of crimes aided by P2P technology include copyright infringement, sharing of illicit images of children, fraud, hacking/cracking, denial of service attacks and virus/malware propagation through the use of a variety of worms, botnets, malware, viruses and P2P file sharing. This project is focused on study of active P2P nodes along with the analysis of the undocumented communication methods employed in many of these large unstructured networks. This is achieved through the design and implementation of an efficient P2P monitoring and crawling toolset. The requirement for investigating P2P based systems is not limited to the more obvious cybercrimes listed above, as many legitimate P2P based applications may also be pertinent to a digital forensic investigation, e.g, voice over IP, instant messaging, etc. Investigating these networks has become increasingly difficult due to the broad range of network topologies and the ever increasing and evolving range of P2P based applications. In this work we introduce the Universal P2P Network Investigation Framework (UP2PNIF), a framework which enables significantly faster and less labour intensive investigation of newly discovered P2P networks through the exploitation of the commonalities in P2P network functionality. In combination with a reference database of known network characteristics, it is envisioned that any known P2P network can be instantly investigated using the framework, which can intelligently determine the best investigation methodology and greatly expedite the evidence gathering process. A proof of concept tool was developed for conducting investigations on the BitTorrent network.Comment: This is a thesis submitted in fulfilment of a PhD in Digital Forensics and Cybercrime Investigation in the School of Computer Science, University College Dublin in October 201

A Comprehensive Review on Adaptability of Network Forensics Frameworks for Mobile Cloud Computing

Network forensics enables investigation and identification of network attacks through the retrieved digital content. The proliferation of smartphones and the cost-effective universal data access through cloud has made Mobile Cloud Computing (MCC) a congenital target for network attacks. However, confines in carrying out forensics in MCC is interrelated with the autonomous cloud hosting companies and their policies for restricted access to the digital content in the back-end cloud platforms. It implies that existing Network Forensic Frameworks (NFFs) have limited impact in the MCC paradigm. To this end, we qualitatively analyze the adaptability of existing NFFs when applied to the MCC. Explicitly, the fundamental mechanisms of NFFs are highlighted and then analyzed using the most relevant parameters. A classification is proposed to help understand the anatomy of existing NFFs. Subsequently, a comparison is given that explores the functional similarities and deviations among NFFs. The paper concludes by discussing research challenges for progressive network forensics in MCC

A Comprehensive Review on Adaptability of Network Forensics Frameworks for Mobile Cloud Computing

Network forensics enables investigation and identification of network attacks through the retrieved digital content. The proliferation of smartphones and the cost-effective universal data access through cloud has made Mobile Cloud Computing (MCC) a congenital target for network attacks. However, confines in carrying out forensics in MCC is interrelated with the autonomous cloud hosting companies and their policies for restricted access to the digital content in the back-end cloud platforms. It implies that existing Network Forensic Frameworks (NFFs) have limited impact in the MCC paradigm. To this end, we qualitatively analyze the adaptability of existing NFFs when applied to the MCC. Explicitly, the fundamental mechanisms of NFFs are highlighted and then analyzed using the most relevant parameters. A classification is proposed to help understand the anatomy of existing NFFs. Subsequently, a comparison is given that explores the functional similarities and deviations among NFFs. The paper concludes by discussing research challenges for progressive network forensics in MCC