Functional Renormalisation Group analysis of a Tensorial Group Field Theory on R3\mathbb{R}^3

We study a model of Tensorial Group Field Theory (TGFT) on $\mathbb{R}^3$ from the point of view of the Functional Renormalisation Group. This is the first attempt to apply a renormalisation procedure to a TGFT model defined over a non-compact group manifold. IR divergences (with respect to the metric on $\mathbb{R}$) coming from the non-compactness of the group are regularised via compactification, and a thermodynamic limit is then taken. We identify then IR and UV fixed points of the RG flow and find strong hints of a phase transition of the TGFT system from a symmetric to a broken or condensate phase in the IR.Comment: 7 pages, 2 Figure

A Forensically Sound Adversary Model for Mobile Devices

In this paper, we propose an adversary model to facilitate forensic investigations of mobile devices (e.g. Android, iOS and Windows smartphones) that can be readily adapted to the latest mobile device technologies. This is essential given the ongoing and rapidly changing nature of mobile device technologies. An integral principle and significant constraint upon forensic practitioners is that of forensic soundness. Our adversary model specifically considers and integrates the constraints of forensic soundness on the adversary, in our case, a forensic practitioner. One construction of the adversary model is an evidence collection and analysis methodology for Android devices. Using the methodology with six popular cloud apps, we were successful in extracting various information of forensic interest in both the external and internal storage of the mobile device

Mobile device forensics: a snapshot

In the increasingly dynamic environment of mobile forensics, this paper provides an overview of the capabilities of three popular mobile forensic tools on three mobile phones based on Apple’s iOS, Google’s Android and RIM’s BlackBerry operating systems. The paper identifies where each specific tool is best applied and also describes the limitations of each in accessing contacts, call history, message data (SMS, MMS and emails), media files and other data. New releases of forensic tools and mobile operating systems may change the way the data are acquired and preserved in the future. It is therefore hoped that future research will continue to provide the digital forensics community with the most up-to-date overview of mobile forensics capabilities

BUILDING THE NEXT GENERATION OF CYBER SECURITY PROFESSIONALS

Cyber security is an area of strategic and policy interest to governments and enterprises globally, which results in an increase in the demand for cyber security professionals. However, there is a lack of education based on sound theories, standards and practices. In this paper, we adapted the Situational Crime Prevention Theory and the NICE National Cybersecurity Workforce Framework in the design and delivery of our courses, particularly in the Cyber Security Exercise (CSE) which forms an integral part of the courses. The CSE is an attack/defence environment where students are grouped and given a virtual machine with which to host a number of services (e.g. HTTP(S), FTP and SSH) for access by other groups. The CSE is designed to mirror real-world environments where the students´ skills will be applied. An overview of the CSE architecture was also provided for readers interested in replicating the exercise in their institutions. Based on student assessment and feedback, we found that our approach was useful in transferring theoretical knowledge to practical skills suitable for the cyber security workforce

Mobile Cloud Forensics: An Analysis of Seven Popular Android Apps

Using the evidence collection and analysis methodology for Android devices proposed by Martini, Do and Choo, we examined and analyzed seven popular Android cloud-based apps. Firstly, we analyzed each app in order to see what information could be obtained from their private app storage and SD card directories. We collated the information and used it to aid our investigation of each app database files and AccountManager data. To complete our understanding of the forensic artefacts stored by apps we analyzed, we performed further analysis on the apps to determine if the user authentication credentials could be collected for each app based on the information gained in the initial analysis stages. The contributions of this research include a detailed description of artefacts, which are of general forensic interest, for each app analyzed.Comment: Book Chapter in Cloud Security Ecosystem (Syngress, an Imprint of Elsevier), 201

Privacy Risks in Mobile Dating Apps

Dating apps for mobile devices, one popular GeoSocial app category, are growing increasingly popular. These apps encourage the sharing of more personal information than conventional social media apps, including continuous location data. However, recent high profile incidents have highlighted the privacy risks inherent in using these apps. In this paper, we present a case study utilizing forensic techniques on nine popular proximity-based dating apps in order to determine the types of data that can be recovered from user devices. We recover a number of data types from these apps that raise concerns about user privacy. For example, we determine that chat messages could be recovered in at least half of the apps examined and, in some cases, the details of any users that had been discovered nearby could also be extracted

Information Disclosure in Mobile Device: Examining the Influence of Information Relevance and Recipient

Privacy enhancing technologies (PETs) in mobile platforms typically restrict undesired information flow based on its sensitivity. However, sensitivity is often regarded as dichotomous and inflexible to the ever-changing contexts. Improving the effectiveness of PETs requires a better understanding of these contexts. In this paper, we examine the influence of contextual factors in users’ mobile usage based on Nissenbaum’s framework of contextual integrity. Specifically, we conducted a user study (n = 2889) to investigate the influence of relevance of information types on the willingness of disclosure towards typical groups of recipient. While the results suggest a significant relationship between information relevance (of different information) and willingness to disclose (to different recipients), closer examination reveals the relationship is not always clear-cut, and there is a potential influence of recipient. Therefore, incorporating the recipient factor can serve as a potential improvement to the existing approach in privacy management in the mobile device

Using Multimedia Presentations to Improve Digital Forensic Understanding: A Pilot Study

Improving employees’ understanding of digital forensic technical terms and concepts within an organisation is likely to increase the potential of successful collaboration during a cyber security incident (e.g. data breach) investigation within that organisation. In this paper, we seek to determine whether multimedia presentations, in this case videos, are an effective tool in improving a learner’s technical understanding of digital forensic terms and concepts. Using the cognitive theory of multimedia learning as the underlying theoretical lens, we surveyed nine participants from the financial sector who have cyber security-related responsibilities. With the exception of one participant, the study found that the use of multimedia presentations can improve participants’ understanding of technical digital forensic terms and concepts. Potential future research questions are also identified

The Role of the Adversary Model in Applied Security Research

Adversary models have been integral to the design of provably-secure cryptographic schemes or protocols. However, their use in other computer science research disciplines is relatively limited, particularly in the case of applied security research (e.g., mobile app and vulnerability studies). In this study, we conduct a survey of prominent adversary models used in the seminal field of cryptography, and more recent mobile and Internet of Things (IoT) research. Motivated by the findings from the cryptography survey, we propose a classification scheme for common app-based adversaries used in mobile security research, and classify key papers using the proposed scheme. Finally, we discuss recent work involving adversary models in the contemporary research field of IoT. We contribute recommendations to aid researchers working in applied (IoT) security based upon our findings from the mobile and cryptography literature. The key recommendation is for authors to clearly define adversary goals, assumptions and capabilities