Proceedings of the 15th Australian Digital Forensics Conference, 5-6 December 2017, Edith Cowan University, Perth, Australia

Conference Foreword This is the sixth year that the Australian Digital Forensics Conference has been held under the banner of the Security Research Institute, which is in part due to the success of the security conference program at ECU. As with previous years, the conference continues to see a quality papers with a number from local and international authors. 8 papers were submitted and following a double blind peer review process, 5 were accepted for final presentation and publication. Conferences such as these are simply not possible without willing volunteers who follow through with the commitment they have initially made, and I would like to take this opportunity to thank the conference committee for their tireless efforts in this regard. These efforts have included but not been limited to the reviewing and editing of the conference papers, and helping with the planning, organisation and execution of the conference. Particular thanks go to those international reviewers who took the time to review papers for the conference, irrespective of the fact that they are unable to attend this year. To our sponsors and supporters a vote of thanks for both the financial and moral support provided to the conference. Finally, to the student volunteers and staff of the ECU Security Research Institute, your efforts as always are appreciated and invaluable. Yours sincerely, Conference ChairProfessor Craig ValliDirector, Security Research Institute Congress Organising Committee Congress Chair: Professor Craig Valli Committee Members: Professor Gary Kessler – Embry Riddle University, Florida, USA Professor Glenn Dardick – Embry Riddle University, Florida, USA Professor Ali Babar – University of Adelaide, Australia Dr Jason Smith – CERT Australia, Australia Associate Professor Mike Johnstone – Edith Cowan University, Australia Professor Joseph A. Cannataci – University of Malta, Malta Professor Nathan Clarke – University of Plymouth, Plymouth UK Professor Steven Furnell – University of Plymouth, Plymouth UK Professor Bill Hutchinson – Edith Cowan University, Perth, Australia Professor Andrew Jones – Khalifa University, Abu Dhabi, UAE Professor Iain Sutherland – Glamorgan University, Wales, UK Professor Matthew Warren – Deakin University, Melbourne Australia Congress Coordinator: Ms Emma Burk

Security, Privacy and Steganographic Analysis of FaceApp and TikTo

Article originally published in International Journal of Computer Science and SecuritySmartphone applications (Apps) can be addictive for users due to their uniqueness, ease-of-use, trendiness, and growing popularity. The addition of Artificial Intelligence (AI) into their functionality has rapidly gained popularity with smartphone users. Over the years, very few smartphone Apps have quickly gained immense popularity like FaceApp and TikTok. FaceApp boasts of using AI to transform photos of human faces using its powerful facial recognition capabilities. FaceApp has been the target of ensuing backlash against it driving the market for a number of other similar yet lesser-known clones into the top ranks of the App stores. TikTok offers video editing and sharing of short video clips whereby making them charming, funny, cringe-inducing, and addictive to the younger generation. FaceApp and TikTok have been the targets of the media, privacy watchdogs, and governments over worries of privacy, ethnicity filters, data misuse, anti-forensics, and security. In this paper, the authors forensically review FaceApp and TikTok Apps from the Android Play Store, for their data ownership, data management, privacy concerns, steganographic use, and overall security posture

Mobile app with steganography functionalities

[Abstract]: Steganography is the practice of hiding information within other data, such as images, audios, videos, etc. In this research, we consider applying this useful technique to create a mobile application that lets users conceal their own secret data inside other media formats, send that encoded data to other users, and even perform analysis to images that may have been under a steganography attack. For image steganography, lossless compression formats employ Least Significant Bit (LSB) encoding within Red Green Blue (RGB) pixel values. Reciprocally, lossy compression formats, such as JPEG, utilize data concealment in the frequency domain by altering the quantized matrices of the files. Video steganography follows two similar methods. In lossless video formats that permit compression, the LSB approach is applied to the RGB pixel values of individual frames. Meanwhile, in lossy High Efficient Video Coding (HEVC) formats, a displaced bit modification technique is used with the YUV components.[Resumo]: A esteganografía é a práctica de ocultar determinada información dentro doutros datos, como imaxes, audio, vídeos, etc. Neste proxecto pretendemos aplicar esta técnica como visión para crear unha aplicación móbil que permita aos usuarios ocultar os seus propios datos secretos dentro doutros formatos multimedia, enviar eses datos cifrados a outros usuarios e mesmo realizar análises de imaxes que puidesen ter sido comprometidas por un ataque esteganográfico. Para a esteganografía de imaxes, os formatos con compresión sen perdas empregan a codificación Least Significant Bit (LSB) dentro dos valores Red Green Blue (RGB) dos seus píxeles. Por outra banda, os formatos de compresión con perdas, como JPEG, usan a ocultación de datos no dominio de frecuencia modificando as matrices cuantificadas dos ficheiros. A esteganografía de vídeo segue dous métodos similares. En formatos de vídeo sen perdas, o método LSB aplícase aos valores RGB de píxeles individuais de cadros. En cambio, nos formatos High Efficient Video Coding (HEVC) con compresión con perdas, úsase unha técnica de cambio de bits nos compoñentes YUV.Traballo fin de grao (UDC.FIC). Enxeñaría Informática. Curso 2022/202

Human visual based perception of steganographic images

In 2014 it was estimated that 1.8 billion images were uploaded daily to the Internet, and in 2018 it is estimated that 3.2 billion images are shared daily. Some of these uploaded images may contain hidden information that can potentially be malicious (e.g. an image that contains hidden information regarding terrorism recruitment) or may cause serious damage (e.g. an employee wishing to hide sensitive company details in an image file and exporting the image to third parties). This research studied the most effective methods in manipulating images to hide information (Data Loss). Significant work has been done on computational algorithmic detection. Yet the desired output from this work was to find the point at which a human can no longer visually establish the difference between an original image and a manipulated image. This research examines the extent of use for file formats, bit depth alterations, least significant bits, message and audio concealment and watermark and filtering techniques for image steganography. The findings of this study indicated that audio insertion and picture insertion into cover image files are the strongest in deceiving the human eye. These results have been categorised for human visual perception in image-based steganography.PostprintPeer reviewe

Embedded system for real-time digital processing of medical Ultrasound Doppler signals

Ultrasound (US) Doppler systems are routinely used for the diagnosis of cardiovascular diseases. Depending on the application, either single tone bursts or more complex waveforms are periodically transmitted throughout a piezoelectric transducer towards the region of interest. Extraction of Doppler information from echoes backscattered from moving blood cells typically involves coherent demodulation and matched filtering of the received signal, followed by a suitable processing module. In this paper, we present an embedded Doppler US system which has been designed as open research platform, programmable according to a variety of strategies in both transmission and reception. By suitably sharing the processing tasks between a state-of-the-art FGPA and a DSP, the system can be used in several medical US applications. As reference examples, the detection of microemboli in cerebral circulation and the measurement of wall _distension_ in carotid arteries are finally presented

An examination of the Asus WL-HDD 2.5 as a nepenthes malware collector

The Linksys WRT54g has been used as a host for network forensics tools for instance Snort for a long period of time. Whilst large corporations are already utilising network forensic tools, this paper demonstrates that it is quite feasible for a non-security specialist to track and capture malicious network traffic. This paper introduces the Asus Wireless Hard disk as a replacement for the popular Linksys WRT54g. Firstly, the Linksys router will be introduced detailing some of the research that was undertaken on the device over the years amongst the security community. It then briefly discusses malicious software and the impact this may have for a home user. The paper then outlines the trivial steps in setting up Nepenthes 0.1.7 (a malware collector) for the Asus WL-HDD 2.5 according to the Nepenthes and tests the feasibility of running the malware collector on the selected device. The paper then concludes on discussing the limitations of the device when attempting to execute Nepenthes