User relationship classification of facebook messenger mobile data using WEKA

© Springer Nature Switzerland AG 2018. Mobile devices are a wealth of information about its user and their digital and physical activities (e.g. online browsing and physical location). Therefore, in any crime investigation artifacts obtained from a mobile device can be extremely crucial. However, the variety of mobile platforms, applications (apps) and the significant size of data compound existing challenges in forensic investigations. In this paper, we explore the potential of machine learning in mobile forensics, and specifically in the context of Facebook messenger artifact acquisition and analysis. Using Quick and Choo (2017)’s Digital Forensic Intelligence Analysis Cycle (DFIAC) as the guiding framework, we demonstrate how one can acquire Facebook messenger app artifacts from an Android device and an iOS device (the latter is, using existing forensic tools. Based on the acquired evidence, we create 199 data-instances to train WEKA classifiers (i.e. ZeroR, J48 and Random tree) with the aim of classifying the device owner’s contacts and determine their mutual relationship strength

Supporting Users in Cloud Plan Selection

Cloud computing is a key technology for outsourcing data and applications to external providers. The current cloud market offers a multitude of solutions (plans) differing from one another in terms of their characteristics. In this context, the selection of the right plan for outsourcing is of paramount importance for users wishing to move their data/applications to the cloud. The scientific community has then developed different models and tools for capturing users\u2019 requirements and evaluating candidate plans to determine the extent to which each of them satisfies such requirements. In this chapter, we illustrate some of the existing solutions proposed for cloud plan selection and for supporting users in the specification of their (crisp and/or fuzzy) needs

The future of Cybersecurity in Italy: Strategic focus area

This volume has been created as a continuation of the previous one, with the aim of outlining a set of focus areas and actions that the Italian Nation research community considers essential. The book touches many aspects of cyber security, ranging from the definition of the infrastructure and controls needed to organize cyberdefence to the actions and technologies to be developed to be better protected, from the identification of the main technologies to be defended to the proposal of a set of horizontal actions for training, awareness raising, and risk management

Performance Modeling of Heterogeneous Distributed Applications

Heterogeneous network computing allows the development of a single complex application using a distributed network of machines; these machines may differ in terms of CPU and memory capacity and/or architecture and specialized functions. In this paper we present a modeling technique, based on Generalized Stochastic Petri Nets (GSPNs), for the performance analysis of applications targeted to this class of systems (heterogeneous applications). We illustrate the use of the proposed technique by modeling and analyzing the CASA 3D-REACT heterogeneous application

Fair Scheduling of General-Purpose Workloads on Workstation Clusters

In this paper we present a scheduling strategy for workstation clusters able to effectively and fairly schedule general-purpose workloads potentially made up by compute-bound, interactive, and I/O-intensive applications, that may each be sequential, client-server, or parallel. The scheduling strategy allocates resources to processes of the same parallel applications in such a way that they all get the same CPU share regardless of the level of resource contention on the respective machines, and relies on an extended i>stride scheduler to fairly allocate individual workstations. A simulation analysis carried out for a variety of workloads and operational conditions shows that our strategy (a) delivers good performance to all the applications classes composing general-purpose workloads, (b) fairly allocates resources among competing applications, and (c) outperforms alternative strategies

Forensic Implications of Virtualization Technologies

In the recent past machine and application virtualization technologies have received a great attention from the IT community, and are being increasingly used both in the Data Center and by the end user. The proliferation of these technologies will result, in the near future, in an increasing number of illegal or inappropriate activities carried out by means of virtual machines, or targeting virtual machines, rather than physical ones. Therefore, appropriate forensic analysis techniques, specifically tailored to virtualization environments, must be developed. Furthermore, virtualization technologies provide very effective anti-forensics capabilities, so specific countermeasures have to be sought as well. In addition to the above problems, however, virtualization technologies provide also the opportunity of developing novel forensic analysis techniques for non-virtualized systems. This chapter discusses the implications on the forensic computing field of the issues, challenges, and opportunities presented by virtualization technologies, with a particular emphasis on the possible solutions to the problems arising during the forensic analysis of a virtualized system