Forensicast: A Non-intrusive Approach & Tool for Logical Forensic Acquisition & Analysis of the Google Chromecast TV

The era of traditional cable Television (TV) is swiftly coming to an end. People today subscribe to a multitude of streaming services. Smart TVs have enabled a new generation of entertainment, not only limited to constant on-demand streaming as they now offer other features such as web browsing, communication, gaming etc. These functions have recently been embedded into a small IoT device that can connect to any TV with High Definition Multimedia Interface (HDMI) input known as Google Chromecast TV. Its wide adoption makes it a treasure trove for potential digital evidence. Our work is the primary source on forensically interrogating Chromecast TV devices. We found that the device is always unlocked, allowing extraction of application data through the backup feature of Android Debug Bridge (ADB) without device root access. We take advantage of this minimal access and demonstrate how a series of artifacts can stitch together a detailed timeline, and we automate the process by constructing Forensicast – a Chromecast TV forensic acquisition and timelining tool. Our work targeted (n=112) of the most popular Android TV applications including 69% (77/112) third party applications and 31% (35/112) system applications. 65% (50/77) third party applications allowed backup, and of those 90% (45/50) contained time-based identifiers, 40% (20/50) invoked some form of logs/activity monitoring, 50% (25/50) yielded some sort of token/cookie, 8% (4/50) resulted in a device ID, 26% (13/50) produced a user ID, and 24% (12/50) created other information. 26% (9/35) system applications provided meaningful artifacts, 78% (7/9) provided time based identifiers, 22% (2/9) involved some form of logs/activity monitoring, 22% (2/9) yielded some form of token/cookie data, 22% (2/9) resulted in a device ID, 44% (4/9) provided a user ID, and 33% (3/9) created other information. Our findings also illustrated common artifacts found in applications that are related to developer and advertising utilities, mainly WebView, Firebase, and Facebook Analytics. Future work and open research problems are shared

Looking towards the future: the changing nature of intrusive surveillance and technical attacks against high-profile targets

In this thesis a novel Bayesian model is developed that is capable of predicting the probability of a range of eavesdropping techniques deployed, given an attacker's capability, opportunity and intent. Whilst limited attention by academia has focused on the cold war activities of Soviet bloc and Western allies' bugging of embassies, even less attention has been paid to the changing nature of the technology used for these eavesdropping events. This thesis makes four contributions: through the analysis of technical eavesdropping events over the last century, technological innovation is shown to have enriched the eavesdropping opportunities for a range of capabilities. The entry barrier for effective eavesdropping is lowered, while for the well resourced eavesdropper, the requirement for close access has been replaced by remote access opportunities. A new way to consider eavesdropping methods is presented through the expert elicitation of capability and opportunity requirements for a range of present-day eavesdropping techniques. Eavesdropping technology is shown to have life-cycle stages with the technology exploited by different capabilities at different times. Three case studies illustrate that yesterday’s secretive government method becomes today’s commodity. The significance of the egress transmission path is considered too. Finally, by using the expert elicitation information derived for capability, opportunity and life-cycle position, for a range of eavesdropping techniques, it is shown that it is possible to predict the probability of particular eavesdropping techniques being deployed. This novel Bayesian inferencing model enables scenarios with incomplete, uncertain or missing detail to be considered. The model is validated against the previously collated historic eavesdropping events. The development of this concept may be scaled with additional eavesdropping techniques to form the basis of a tool for security professionals or risk managers wishing to define eavesdropping threat advice or create eavesdropping policies based on the rigour of this technological study.Open Acces

Unmanned Systems Sentinel / 3 June 2016

Approved for public release; distribution is unlimited

A Curriculum guide for public-safety and emergency-response workers: prevention of transmission of human immunodeficiency virus and hepatitis B virus

"A course of study was designed to train and educate public safety workers and emergency medical workers who may be exposed to human- immunodeficiency-virus (HIV) and hepatitis-B-virus (HBV) during the execution of their jobs. Federal guidelines for preventing occupational transmission of HIV and HBV among worker groups were incorporated into the curriculum. The guide contained information useful to those responsible for offering training including such items as scheduling, involving others in the process, preparation, setting a climate for learning, and ways to evaluate the effectiveness of the training. Information was provided concerning precautionary measures and protective equipment. A section was devoted to case studies which described workplace situations and issues that may challenge public safety workers and emergency care providers. The case studies included the provision of emergency services under the following circumstances: auto accidents, stabbings, house fires, nursing home patients, man with labored breathing, swimming accident, stomach pains, barroom fight, shots fired, drug bust, man falls down, violent male outside house, gay rights rally, inmate collapses, inmate claims to have acquired immune deficiency syndrome (AIDS), intravenous drug search, job injury, and an HIV infected fellow employee. Resource equipment and information is listed for fire fighters, law enforcement officers, emergency medical technicians and paramedics, and corrections personnel. General information on HIV, HBV, and AIDS is also provided." - NIOSHTIC-2Tips for trainers -- Preventing HIV & HBV transmission (lecture outline) -- Case studies -- Resources -- Guidelines for prevention of transmission of human immunodeficiency virus and hepatitis B virus to health-care and public-safety workers : a response to P.L. 100-607, the Health omnibus programs extension act of 1988."February 1989."Also available via the World Wide Web.Includes bibliographical references

Virtual reality forensics: forensic analysis of Meta Quest 2

The Meta Quest 2 is one of the most popular Virtual Reality (VR) entertainment headsets to date. The headset, developed by Meta Platforms Inc., immerses the user in a completely simulated environment. Some VR environments can be shared over the Internet to allow users to communicate and interact with one another and share their experiences. Unfortunately, the safety of these VR environments cannot always be guaranteed, generating a risk that users may be exposed to illicit online behaviour in the form of online harassment, grooming, and cyberbullying. Therefore, forensic examiners must be able to conduct sound forensic analysis of VR headsets to investigate these criminal investigations. In this study, we conduct digital forensic acquisition and analysis of the Meta Quest 2 VR headset. Analysis of the forensic image exemplified that there were several digital artefacts relating to user activities, device information and stored digital artefacts that can be extracted in a forensically sound manner. The main contributions of this study include a detailed description of the forensic acquisition process, identification of internal file storage locations, and recovery and analysis of digital artefacts that can be used to aid VR forensic investigations

Not So Elementary: An Examination of Trends in a Century of Sherlock Holmes Adaptations

This study examines changes over time in 40 different Sherlock Holmes films and 39 television series and movies spanning from 1900 to 2017. Quantitative observations were mixed with a qualitative examination. Perceptions of law enforcement became more positive over time, the types of crime did not vary, and representation of race and gender improved over time with incrementally positive changes in the representation of queer, mentally ill, and physically handicapped individuals. The exact nature of these trends is discussed. Additionally, the trends of different decades are explored and compared. Sherlock Holmes is mostly used as a vehicle for storytelling rather than for the salacious crimes that he solves, making the identification of perceptions of crime in different decades difficult. The reasons for why different Sherlock Holmes projects were created in different eras and for different purposes are discussed

Resurgence and renovation : the contemporary English country house novel after 2000

PhD ThesisThis thesis examines the resurgence of the English country house novel since 2000 as part of the growing popularity of the country house setting in contemporary British culture. In the context of economic recession, growing English nationalism, and a Conservative-led government accused of producing a ‘Downton Abbey-style society’, country house texts are often dismissed as nostalgic for a conservative social order. This study reclaims the English country house novel from this critical dismissal, stressing the genre’s political ambivalence. While readings of the country house resurgence are mostly played out through the media’s reaction to television programmes, my research provides a detailed and comparative examination of literary texts currently missing from the debate. I situate Ian McEwan’s Atonement (2001), Sally Beauman’s Rebecca’s Tale (2001), Toby Litt’s Finding Myself (2003), Wesley Stace’s Misfortune (2005), Diane Setterfield’s The Thirteenth Tale (2006), Sarah Waters’s The Little Stranger (2009), and Alan Hollinghurst’s The Stranger’s Child (2011) within a wider body of discourse on the country house, exploring the contemporary relevance and cultural value of the setting. It is my contention that the English country house novel self-consciously negotiates its growing popularity in contemporary culture. In chapter one, I argue that the recent shift from material to textual inheritance in the genre is a way of reclaiming voices traditionally excluded from the canonical house of fiction. In chapter two, I examine the ideological significance of detail in the country house aesthetic. In chapter three, I explore how the generic preoccupation with authenticity is used to negotiate cultural value. Finally in chapter four, I assert that the trope of ruin signifies an evaluation of the contemporary currency of the country house setting. As such, I suggest that the genre, like the houses it depicts, is undergoing reformation

Virtual reality forensics: Forensic analysis of Meta Quest 2

The Meta Quest 2 is one of the most popular Virtual Reality (VR) entertainment headsets to date. The headset, developed by Meta Platforms Inc., immerses the user in a completely simulated environment. Some VR environments can be shared over the Internet to allow users to communicate and interact with one another and share their experiences. Unfortunately, the safety of these VR environments cannot always be guaranteed, generating a risk that users may be exposed to illicit online behaviour in the form of online harassment, grooming, and cyberbullying. Therefore, forensic examiners must be able to conduct sound forensic analysis of VR headsets to investigate these criminal investigations. In this study, we conduct digital forensic acquisition and analysis of the Meta Quest 2 VR headset. Analysis of the forensic image exemplified that there were several digital artefacts relating to user activities, device information and stored digital artefacts that can be extracted in a forensically sound manner. The main contributions of this study include a detailed description of the forensic acquisition process, identification of internal file storage locations, and recovery and analysis of digital artefacts that can be used to aid VR forensic investigations