Forensically-Sound Analysis of Security Risks of using Local Password Managers

Password managers have been developed to address the human challenges associated with password security, i.e., to solve usability issues in a secure way. They offer, e.g., features to create strong passwords, to manage the increasing number of passwords a typical user has, and to auto-fill passwords, sparing users the hassle of not only remembering but also typing them. Previous studies have focused mainly on the security analysis of cloud-based and browser-based password managers; security of local password managers remains mostly under-explored. This paper takes a forensic approach and reports on a case study of three popular local password managers: KeePass (v2.28), Password Safe (v3.35.1) and RoboForm (v7.9.12). Results revealed that either the master password or the content of the password database could be found unencrypted in Temp folders, Page files or Recycle bin, even after the applications had been closed. Therefore, an attacker or malware with temporary access to the computer on which the password managers were running may be able to steal sensitive information, even though these password managers are meant to keep the databases encrypted and protected at all times

Cyber security investigation for Raspberry Pi devices

Big Data on Cloud application is growing rapidly. When the cloud is attacked, the investigation relies on digital forensics evidence. This paper proposed the data collection via Raspberry Pi devices, in a healthcare situation. The significance of this work is that could be expanded into a digital device array that takes big data security issues into account. There are many potential impacts in health area. The field of Digital Forensics Science has been tagged as a reactive science by some who believe research and study in the field often arise as a result of the need to respond to event which brought about the needs for investigation; this work was carried as a proactive research that will add knowledge to the field of Digital Forensic Science. The Raspberry Pi is a cost-effective, pocket sized computer that has gained global recognition since its development in 2008; with the wide spread usage of the device for different computing purposes. Raspberry Pi can potentially be a cyber security device, which can relate with forensics investigation in the near future. This work has used a systematic approach to study the structure and operation of the device and has established security issues that the widespread usage of the device can pose, such as health or smart city. Furthermore, its evidential information applied in security will be useful in the event that the device becomes a subject of digital forensic investigation in the foreseeable future. In healthcare system, PII (personal identifiable information) is a very important issue. When Raspberry Pi plays a processor role, its security is vital; consequently, digital forensics investigation on the Raspberry Pies becomes necessary

Virus taxonomy: the database of the International Committee on Taxonomy of Viruses (ICTV)

The International Committee on Taxonomy of Viruses (ICTV) is charged with the task of developing, refining, and maintaining a universal virus taxonomy. This task encompasses the classification of virus species and higher-level taxa according to the genetic and biological properties of their members; naming virus taxa; maintaining a database detailing the currently approved taxonomy; and providing the database, supporting proposals, and other virus-related information from an open-access, public web site. The ICTV web site (http://ictv.global) provides access to the current taxonomy database in online and downloadable formats, and maintains a complete history of virus taxa back to the first release in 1971. The ICTV has also published the ICTV Report on Virus Taxonomy starting in 1971. This Report provides a comprehensive description of all virus taxa covering virus structure, genome structure, biology and phylogenetics. The ninth ICTV report, published in 2012, is available as an open-access online publication from the ICTV web site. The current, 10th report (http://ictv.global/report/), is being published online, and is replacing the previous hard-copy edition with a completely open access, continuously updated publication. No other database or resource exists that provides such a comprehensive, fully annotated compendium of information on virus taxa and taxonomy

Waves of genomic hitchhikers shed light on the evolution of gamebirds (Aves: Galliformes) : research article

Background The phylogenetic tree of Galliformes (gamebirds, including megapodes, currassows, guinea fowl, New and Old World quails, chicken, pheasants, grouse, and turkeys) has been considerably remodeled over the last decades as new data and analytical methods became available. Analyzing presence/absence patterns of retroposed elements avoids the problems of homoplastic characters inherent in other methodologies. In gamebirds, chicken repeats 1 (CR1) are the most prevalent retroposed elements, but little is known about the activity of their various subtypes over time. Ascertaining the fixation patterns of CR1 elements would help unravel the phylogeny of gamebirds and other poorly resolved avian clades. Results We analyzed 1,978 nested CR1 elements and developed a multidimensional approach taking advantage of their transposition in transposition character (TinT) to characterize the fixation patterns of all 22 known chicken CR1 subtypes. The presence/absence patterns of those elements that were active at different periods of gamebird evolution provided evidence for a clade (Cracidae + (Numididae + (Odontophoridae + Phasianidae))) not including Megapodiidae; and for Rollulus as the sister taxon of the other analyzed Phasianidae. Genomic trace sequences of the turkey genome further demonstrated that the endangered African Congo Peafowl (Afropavo congensis) is the sister taxon of the Asian Peafowl (Pavo), rejecting other predominantly morphology-based groupings, and that phasianids are monophyletic, including the sister taxa Tetraoninae and Meleagridinae. Conclusions The TinT information concerning relative fixation times of CR1 subtypes enabled us to efficiently investigate gamebird phylogeny and to reconstruct an unambiguous tree topology. This method should provide a useful tool for investigations in other taxonomic groups as well

The 3D Genome Browser: A web-based browser for visualizing 3D genome organization and long-range chromatin interactions

Abstract Here, we introduce the 3D Genome Browser, http://3dgenome.org, which allows users to conveniently explore both their own and over 300 publicly available chromatin interaction data of different types. We design a new binary data format for Hi-C data that reduces the file size by at least a magnitude and allows users to visualize chromatin interactions over millions of base pairs within seconds. Our browser provides multiple methods linking distal cis-regulatory elements with their potential target genes. Users can seamlessly integrate thousands of other omics data to gain a comprehensive view of both regulatory landscape and 3D genome structure

Crying Over the Cache: Why Technology Has Compromised the Uniform Application of Child Pornography Laws

As thousands of individuals surf the internet daily, every image on every web page is saved automatically to their computer’s cache, absent user direction. Sections 2252(a)(2) and 2252(a)(4)(B) of Title 18 of the U.S. Code criminalize knowing possession and knowing receipt of child pornography images. For the defendant who intentionally saves illicit images to his computer, the cache simply verifies already-proven knowing possession or receipt. However, for the defendant who only views child pornography online, the presence of images in the cache may not be enough to prove knowledge beyond a reasonable doubt. How can the prosecution prove a defendant knowingly received an image he has potentially never seen? How can a prosecutor prove a defendant knowingly possessed an image that may have been a pop-up? Questions like these have split circuit courts over the application of § 2252(a)(2). Several circuit courts have confronted cases with defendants who undoubtedly viewed child pornography images online, but who only left one clue as to their “knowing” receipt—the presence of images in the cache. The Tenth Circuit found that absent direct proof that a defendant viewed the image, the presence of a file in the cache is not enough to meet the “knowing receipt” standard. The Eleventh and Fifth Circuits disagreed, holding that a pattern of seeking out images satisfies the knowledge requirement. This Note analyzes the split and concludes that the presence of images in the cache proves a defendant’s knowing receipt. The Tenth Circuit’s demand of “direct proof of viewership of the image in question” imposes impossible evidentiary requirements. Defendants who view child pornography online have satisfied § 2252(a)(2)’s mens rea requirement even without direct proof of viewership of the image in question

Characteristics of transposable element exonization within human and mouse

Insertion of transposed elements within mammalian genes is thought to be an important contributor to mammalian evolution and speciation. Insertion of transposed elements into introns can lead to their activation as alternatively spliced cassette exons, an event called exonization. Elucidation of the evolutionary constraints that have shaped fixation of transposed elements within human and mouse protein coding genes and subsequent exonization is important for understanding of how the exonization process has affected transcriptome and proteome complexities. Here we show that exonization of transposed elements is biased towards the beginning of the coding sequence in both human and mouse genes. Analysis of single nucleotide polymorphisms (SNPs) revealed that exonization of transposed elements can be population-specific, implying that exonizations may enhance divergence and lead to speciation. SNP density analysis revealed differences between Alu and other transposed elements. Finally, we identified cases of primate-specific Alu elements that depend on RNA editing for their exonization. These results shed light on TE fixation and the exonization process within human and mouse genes.Comment: 11 pages, 4 figure

Insight:an application of information visualisation techniques to digital forensics investigations

As digital devices are becoming ever more ubiquitous in our day to day lives, more of our personal information and behavioural patterns are recorded on these devices. The volume of data held on these devices is substantial, and people investigating these datasets are facing growing backlog as a result. This is worsened by the fact that many software tools used in this area are text based and do not lend themselves to rapid processing by humans.This body of work looks at several case studies in which these datasets were visualised in attempt to expedite processing by humans. A number of different 2D and 3D visualisation methods were trialled, and the results from these case studies fed into the design of a final tool which was tested with the assistance of a group of individuals studying Digital Forensics.The results of this research show some encouraging results which indicate visualisation may assist analysis in some aspects, and indicates useful paths for future work

Behavioural Evidence Analysis Applied to Digital Forensics: An Empirical Analysis of Child Pornography Cases using P2P Networks

The utility of Behavioural Evidence Analysis (BEA) has gained attention in the field of Digital Forensics in recent years. It has been recognized that, along with technical examination of digital evidence, it is important to learn as much as possible about the individuals behind an offence, the victim(s) and the dynamics of a crime. This can assist the investigator in producing a more accurate and complete reconstruction of the crime, in interpreting associated digital evidence, and with the description of investigative findings. Despite these potential benefits, the literature shows limited use of BEA for the investigation of cases of the possession and dissemination of Sexually Exploitative Imagery of Children (SEIC). This paper represents a step towards filling this gap. It reports on the forensic analysis of 15 SEIC cases involving P2P filesharing networks, obtained from the Dubai Police. Results confirmed the predicted benefits and indicate that BEA can assist digital forensic practitioners and prosecutors