Procedures and tools for acquisition and analysis of volatile memory on android smartphones

Mobile phone forensics have become more prominent since mobile phones have become ubiquitous both for personal and business practice. Android smartphones show tremendous growth in the global market share. Many researchers and works show the procedures and techniques for the acquisition and analysis the non-volatile memory inmobile phones. On the other hand, the physical memory (RAM) on the smartphone might retain incriminating evidence that could be acquired and analysed by the examiner. This study reveals the proper procedure for acquiring the volatile memory inthe Android smartphone and discusses the use of Linux Memory Extraction (LiME) for dumping the volatile memory. The study also discusses the analysis process of the memory image with Volatility 2.3, especially how the application shows its capability analysis. Despite its advancement there are two major concerns for both applications. First, the examiners have to gain root privileges before executing LiME. Second, both applications have no generic solution or approach. On the other hand, currently there is no other tool or option that might give the same result as LiME and Volatility 2.3

Privacy in Gaming

Video game platforms and business models are increasingly built on collection, use, and sharing of personal information for purposes of both functionality and revenue. This paper examines privacy issues and explores data practices, technical specifications, and policy statements of the most popular games and gaming platforms to provide an overview of the current privacy legal landscape for mobile gaming, console gaming, and virtual reality devices. The research observes how modern gaming aligns with information privacy notions and norms and how data practices and technologies specific to gaming may affect users and, in particular, child gamers. After objectively selecting and analyzing major players in gaming, the research notes the many different ways that game companies collect data from users, including through cameras, sensors, microphones, and other hardware, through platform features for social interaction and user-generated content, and by means of tracking technologies like cookies and beacons. The paper also notes how location and biometric data are collected routinely through game platforms and explores issues specific to mobile gaming and pairing with smartphones and other external hardware devices. The paper concludes that transparency as to gaming companies’ data practices could be much improved, especially regarding sharing with third party affiliates. In addition, the research considers how children’s privacy may be particularly affected while gaming, determining that special attention should be paid to user control mechanisms and privacy settings within games and platforms, that social media and other interactive features create unique privacy and safety concerns for children which require gamer and parent education, and that privacy policy language is often incongruent with age ratings advertised to children and parents. To contribute additional research value and resources, the paper attaches a comprehensive set of appendices, on which the research conclusions are in part based, detailing the technical specifications and privacy policy statements of popular games and gaming platforms for mobile gaming, console gaming, and virtual reality devices

Internet Predictions

More than a dozen leading experts give their opinions on where the Internet is headed and where it will be in the next decade in terms of technology, policy, and applications. They cover topics ranging from the Internet of Things to climate change to the digital storage of the future. A summary of the articles is available in the Web extras section

On the Security of Software Systems and Services

This work investigates new methods for facing the security issues and threats arising from the composition of software. This task has been carried out through the formal modelling of both the software composition scenarios and the security properties, i.e., policies, to be guaranteed. Our research moves across three different modalities of software composition which are of main interest for some of the most sensitive aspects of the modern information society. They are mobile applications, trust-based composition and service orchestration. Mobile applications are programs designed for being deployable on remote platforms. Basically, they are the main channel for the distribution and commercialisation of software for mobile devices, e.g., smart phones and tablets. Here we study the security threats that affect the application providers and the hosting platforms. In particular, we present a programming framework for the development of applications with a static and dynamic security support. Also, we implemented an enforcement mechanism for applying fine-grained security controls on the execution of possibly malicious applications. In addition to security, trust represents a pragmatic and intuitive way for managing the interactions among systems. Currently, trust is one of the main factors that human beings keep into account when deciding whether to accept a transaction or not. In our work we investigate the possibility of defining a fully integrated environment for security policies and trust including a runtime monitor. Finally, Service-Oriented Computing (SOC) is the leading technology for business applications distributed over a network. The security issues related to the service networks are many and multi-faceted. We mainly deal with the static verification of secure composition plans of web services. Moreover, we introduce the synthesis of dynamic security checks for protecting the services against illegal invocations

Applications of Automated Identification Technology in EHR/EMR

Although both the electronic health record (EHR) and the electronic medical record (EMR) store an individuals computerized health information and the terminologies are often used interchangeably, there are some differences between them. Three primary approaches in Automated Identification Technology (AIT) are barcoding, radio frequency identification (RFID), and biometrics. In this paper, technology intelligence, progress, limitations, and challenges of EHR/EMR are introduced. The applications and challenges of barcoding, RFID, and biometrics in EHR/EMR are presented respectively

Procedures And Tools For Acquisition And Analysis Of Volatile Memory On Android Smartphones

Mobile phone forensics have become more prominent since mobile phones have become ubiquitous both for personal and business practice. Android smartphones show tremendous growth in the global market share. Many researchers and works show the procedures and techniques for the acquisition andanalysisthe non volatile memory inmobile phones. On the other hand, the physical memory (RAM) on the smartphone might retain incriminating evidence that could be acquired and analysed by the examiner. This study reveals the proper procedure for acquiring the volatile memory inthe Android smartphone and discusses the use of Linux Memory Extraction (LiME) for dumping the volatile memory. The study also discusses the analysis process of the memory image with Volatility 2.3, especially how the application shows its capability analysis. Despite its advancement there are two major concerns for both applications. First, the examiners have to gain root privileges before executing LiME. Second, both applications have no generic solution or approach. On the other hand, currently there is no other tool or option that might give the same result as LiME and Volatility 2.3

Connectivity and Continuity: New Fronts in the Platform War

Device interconnectivity in video conferencing, telephony, texting, file sharing, and application handoff has become a critical battleground for tech giants. This panel compared approaches to device connectivity and application continuity, reviewed current solutions, and shared projections for the future of connectivity. Apple, Microsoft, and Google are predictably focusing on connectivity across devices and applications rather than across platforms. Given the scope of impact of these innovations, tech giants will be under increasing pressure to architect a world wherein devices and platforms are secondary to what users want to achieve via technology. Participants examined competing approaches to connectivity and continuity, explored emergent issues for research and practice, and discussed the social and business impacts of these technologies