9,804 research outputs found
Towards a Forensic Analysis for Multimedia Communication Services
No matter how robust the employed security mechanisms are malicious users or attackers will always find a way to bypass them. In addition, National Institute of Security and Technology mentions "In conjunction with appropriate tools and procedures, audit trail can assist in detecting security violation and flaws in applications". Until now, in Multimedia Communication Services (MCS), such as Voice over IP, audit trails are not utilized in security audits due to (a) the lack of the appropriate analysis tools and (b) privacy restrictions. In this paper we report on the analysis of MCS audit trail by employing a novel method for identifying "uncommon" traffic indicating non normal behaviour that does not violate users' privacy. We rely on entropy theory and the notion of "itself information" to quantify the randomness of specific message segments, and we also introduce the term "actual itself information" for the assessment of entire message randomness. To protect users' privacy we hash audit trail's data. For evaluating the applicability of our proposed method we utilize an audit trail of a real MCS provider published by honey pot project. Initial outcomes show the feasibility of employing such a method to recognize "uncommon" traffic, recorded in MCS audit trail
The Need to Support of Data Flow Graph Visualization of Forensic Lucid Programs, Forensic Evidence, and their Evaluation by GIPSY
Lucid programs are data-flow programs and can be visually represented as data
flow graphs (DFGs) and composed visually. Forensic Lucid, a Lucid dialect, is a
language to specify and reason about cyberforensic cases. It includes the
encoding of the evidence (representing the context of evaluation) and the crime
scene modeling in order to validate claims against the model and perform event
reconstruction, potentially within large swaths of digital evidence. To aid
investigators to model the scene and evaluate it, instead of typing a Forensic
Lucid program, we propose to expand the design and implementation of the Lucid
DFG programming onto Forensic Lucid case modeling and specification to enhance
the usability of the language and the system and its behavior. We briefly
discuss the related work on visual programming an DFG modeling in an attempt to
define and select one approach or a composition of approaches for Forensic
Lucid based on various criteria such as previous implementation, wide use,
formal backing in terms of semantics and translation. In the end, we solicit
the readers' constructive, opinions, feedback, comments, and recommendations
within the context of this short discussion.Comment: 11 pages, 7 figures, index; extended abstract presented at VizSec'10
at http://www.vizsec2010.org/posters ; short paper accepted at PST'1
Forensic Analysis of WhatsApp Messenger on Android Smartphones
We present the forensic analysis of the artifacts left on Android devices by
\textit{WhatsApp Messenger}, the client of the WhatsApp instant messaging
system. We provide a complete description of all the artifacts generated by
WhatsApp Messenger, we discuss the decoding and the interpretation of each one
of them, and we show how they can be correlated together to infer various types
of information that cannot be obtained by considering each one of them in
isolation.
By using the results discussed in this paper, an analyst will be able to
reconstruct the list of contacts and the chronology of the messages that have
been exchanged by users. Furthermore, thanks to the correlation of multiple
artifacts, (s)he will be able to infer information like when a specific contact
has been added, to recover deleted contacts and their time of deletion, to
determine which messages have been deleted, when these messages have been
exchanged, and the users that exchanged them.Comment: (c)2014. This manuscript version is made available under the
CC-BY-NC-ND 4.0 license http://creativecommons.org/licenses/by-nc-nd/4.0
Quality criteria for multimedia
The meaning of the term quality as used by multimedia workers in the field has become devalued. Almost every package is promoted by its developers as being of the ‘highest quality’. This paper draws on practical experience from a number of major projects to argue, from a quality‐assurance position, that multimedia materials should meet pre‐defined criteria relating to their objectives, content and incidence of errors
- …