7 research outputs found

    Detecting and tracing slow attacks on mobile phone user service

    The lower bandwidth of mobile devices has until recently filtered the range of attacks on the Internet. However, recent research shows that DOS and DDOS attacks, worms and viruses, and a whole range of social engineering attacks are impacting on broadband smartphone users. In our research we have developed a metric-based system to detect the traditional slow attacks that can be effective using limited resources, and then employed combinations of Internet trace back techniques to identify sources of attacks. Our research question asked: What defence mechanisms are effective? We critically evaluate the available literature to appraise the current state of the problem area and then propose an innovative solution for the detection and investigation of attacks

    Detecting Slow DDos Attacks on Mobile Devices

    Denial of service attacks, distributed denial of service attacks and reflector attacks are well known and documented events. More recently these attacks have been directed at game stations and mobile communication devices as strategies for disrupting communication. In this paper we ask, How can slow DDos attacks be detected? The similarity metric is adopted and applied for potential application. A short review of previous literature on attacks and prevention methodologies is provided and strategies are discussed. An innovative attack detection method is introduced and the processes and procedures are summarized into an investigation process model. The advantages and benefits of applying the metric are demonstrated and the importance of trace back preparation discussed

    Protecting Android Devices from Malware Attacks: A State-of-the-Art Report of Concepts, Modern Learning Models and Challenges

    Advancements in microelectronics have increased the popularity of mobile devices like cellphones, tablets, e-readers, and PDAs. Android, with its open-source platform, broad device support, customizability, and integration with the Google ecosystem, has become the leading operating system for mobile devices. While Android's openness brings benefits, it has downsides like a lack of official support, fragmentation, complexity, and security risks if not maintained. Malware exploits these vulnerabilities for unauthorized actions and data theft. To enhance device security, static and dynamic analysis techniques can be employed. However, current attackers are becoming increasingly sophisticated, and they are employing packaging, code obfuscation, and encryption techniques to evade detection models. Researchers prefer flexible artificial intelligence methods, particularly deep learning models, for detecting and classifying malware on Android systems. In this survey study, a detailed literature review was conducted to investigate and analyze how deep learning approaches have been applied to malware detection on Android systems. The study also provides an overview of the Android architecture, datasets used for deep learning-based detection, and open issues that will be studied in the future

    Mobile bullying: investigating the non-technical factors that influence forensic readiness in township schools in South Africa

    The increasing use of mobile devices by high school learners has resulted in increased networking activities for learners who take advantage of opportunities presented by mobile technologies. Mobile technology continues to play a key role in facilitating online interactions amongst South African youth, and some learners use mobile technology to enhance their learning capabilities. However, such electronic operations have also presented new risks particularly in the developing countries where online bullying is on the rise and investigations of such incidents or threats are expensive. Mobile bullying and lack of discipline of bullies, for instance, are major concerns in the society at large. To control these incidents, learners and teachers need to know what to do when incidents arise. The process of digital forensic investigation is typically left for those specialising in the field of digital forensics. Those responsible for learner's safety in schools are often faced with situations where they have to perform basic investigations or preserve evidence for incident escalation to the specialists. However, schools often do not prepare themselves well enough for the challenges relating to mobile bullying. They find themselves not knowing where to start or how to preserve evidence. Digital forensic investigations are even more challenging in school settings because of the dynamic nature of these environments. While studies have been conducted in the developed countries, little is still known about how schools in the developing world, for instance South Africa, may handle mobile bullying. Very little is known about how schools in the developing countries may maximise their potential to use digital evidence while minimising the impact resulting from the incident. There is limited guidance on how to be digital forensic ready in schools where teachers, learners, principals, and other role players are not trained well enough to deal with mobile bullying. 
The objective of this study was to provide insight into factors that enhance the non-technical forensic readiness program in township schools and the ability of teachers to investigate mobile bullying incidents. The study aimed at employing concepts of forensic readiness to ignite schools' ability to prepare for response to mobile bullying incidents and create a digital forensic ready learning environment. The study was conducted in South Africa, Limpopo and North West provinces. Five schools agreed to participate in this study; eighty-two valid responses were obtained from teachers. The study followed mixed methods approach to the theory

    The Proceedings of 14th Australian Digital Forensics Conference, 5-6 December 2016, Edith Cowan University, Perth, Australia

    Conference Foreword. This is the fifth year that the Australian Digital Forensics Conference has been held under the banner of the Security Research Institute, which is in part due to the success of the security conference program at ECU. As with previous years, the conference continues to see quality papers with a number from local and international authors. 11 papers were submitted and following a double blind peer review process, 8 were accepted for final presentation and publication. Conferences such as these are simply not possible without willing volunteers who follow through with the commitment they have initially made, and I would like to take this opportunity to thank the conference committee for their tireless efforts in this regard. These efforts have included but not been limited to the reviewing and editing of the conference papers, and helping with the planning, organisation and execution of the conference. Particular thanks go to those international reviewers who took the time to review papers for the conference, irrespective of the fact that they are unable to attend this year. To our sponsors and supporters a vote of thanks for both the financial and moral support provided to the conference. Finally, to the student volunteers and staff of the ECU Security Research Institute, your efforts as always are appreciated and invaluable. Yours sincerely, Conference Chair Professor Craig Valli Director, Security Research Institut

    Toolbox application to support and enhance the mobile device forensics investigation process - breaking through the techniques available

    Dissertation presented as the partial requirement for obtaining a Master's degree in Information Management, specialization in Knowledge Management and Business Intelligence. One of the main topics that is discussed today is how can a person leverage on technology on a positive and secure way in order to enhance their daily life, making it a healthier, more productive, joyful and easier. However, with improvements in technology, comes challenges for which there is not yet a stable and safe way to overcome. One of the greatest challenges that people are faced has to do with their concern on their privacy and on the safeguard of their sensitive information that is stored in any device that one uses. In fact, one of the most used technology is the Mobile, which can take several forms, features, shapes, and many other components. In line manner, cybercrime is growing rapidly, targeting the exploitation and retrieval of information from these gadgets. Even so, with a Mobile, comes several challenges including a rapidly dynamic change in its landscape, an ever-increasing diversity of mobile phones forms, integration of the information on a Mobile into the Cloud and IoT. As such, it’s vital to have a stable and safe toolbox that will enable a digital investigator to potentially prevent, detect and solve any issue that may be related to Mobile Device Forensics while solving out various investigations, being it criminal, civil, corporate or any other

    A Digital Forensic Readiness Approach for e-Supply Chain Systems

    The internet has had a major impact on how information is shared within supply chains, and in commerce in general. This has resulted in the establishment of information systems such as e-supply chains (eSCs) amongst others which integrate the internet and other information and communications technology (ICT) with traditional business processes for the swift transmission of information between trading partners. Many organisations have reaped the benefits that come from adopting the eSC model, but have also faced the challenges with which it comes. One such major challenge is information security. With the current state of cybercrime, system developers are challenged with the task of developing cutting-edge digital forensic readiness (DFR) systems that can keep up with current technological advancements, such as eSCs. Hence, the research highlights the lack of a well-formulated eSC-DFR approach that can assist system developers in the development of e-supply chain digital forensic readiness systems. The main objective of such a system is that it must be able to provide law enforcement/digital forensic investigators that operate on eSC platforms with forensically sound and readily available potential digital evidence that can expedite and support digital forensics incident-response processes. This approach, if implemented can also prepare trading partners for security incidents that might take place, if not prevent them from occurring. Therefore, the work presented in this research is aimed at providing a procedural approach that is based on digital forensic principles for eSC system architects and eSC network service providers to follow in the design of eSC-DFR tools.
The author proposes an eSC-DFR process model and eSC-DFR system architectural design that was implemented as part of this research illustrating the concepts of evidence collection, evidence pre-analysis, evidence preservation, system usability alongside other digital forensic principles and techniques. It is the view of the authors that the conclusions drawn from this research can spearhead the development of cutting-edge eSC-DFR systems that are intelligent, effective, user friendly and compliant with international standards. Dissertation (MEng)--University of Pretoria, 2019. Computer Science MSc Unrestricte