Examination of Cyber-criminal Behaviour

Cybercrime is the world’s biggest growth industry and is now costing an estimated €180 billion loss to organisations and individuals, every year. The creation of ‘virtual identities’ gives a greater anonymity to the activities of organised criminals. Today our commonwealth is protected by firewalls rather than firepower. This is an issue of global importance as new technology has provided a world of opportunity for criminals. As a consequence law enforcement agencies all over the world are struggling to cope. Therefore, today’s top priority is to use computer technology to fight computer crime

Sufficiency of Windows Event log as Evidence in Digital Forensics

The prevalence of computer and the internet has brought forth the increasing spate of cybercrime activities; hence the need for evidence to attribute a crime to a suspect. The research therefore, centres on evidence, the legal standards applied to digital evidence presented in court and the main sources of evidence in the Windows operating system, such as the Registry, slack space and the Windows event log. In order to achieve the main aim of this research, cybercrime activities such as automated password guessing attack and hacking was emulated on to a Windows operating system within a virtual network environment set up using VMware workstation. After the attack the event logs on the victim system was analysed and assessed for its admissibility (evidence must conform to certain legal rules), and weight (evidence must convince the court that the accused committed the crime)

Case Study: Using ADLARS to Design and Develop a Real-Time Network Emulator

As testing and benchmarking performance of web services and networked applications has proven to be cost-effective, and crucial in some applications, increased significance has been attached to the development of hardware and software network emulators and simulators. In this paper, we discuss a possible design of a light-weight real-time IP network emulator that can provide the same functionality and performance as hardware simulators. Also, as the systematic software engineering discipline has become a necessity in the software development life-cycle, we present a possible approach, utilizing mature software engineering disciplines, for building the software architecture of the emulator. We then use ADLARS [1], an Architecture Description Language for Real-time Systems to describe the architecture. The emulator’s architecture serves as a good test-bed for our ADL because of its real-time and concurrent nature. We conclude by testing our design and presenting a possible JAVA implementation of the emulator over a UNIX system

Visualizing Variability Models Using Hyperbolic Trees

Software Product Line Engineering (SPLE) has emerged in recent years as a viable way to maximize reuse when designing a family of related products. One of the main tasks conducted during the SPLE process is Variability Management (VM). VM is about identifying commonality among the different products being developed while capturing and cataloging variability. In real-life projects, VM models tend to encompass a very large number of variants reaching in many projects the order of thousands. Visualizing these models has been a major challenge for tool developers. In this work, we present our MUSA CASE tool which uses hyperbolic trees for representing VM models and supports gesture based interaction (using multi-touch interfaces). The tool has been successfully used to develop a large scale case study

Achieving Model Completeness for Hierarchally Structured Activities of Daily Life

Being able to recognise everyday activities of daily life provides the opportunity of tracking functional decline among elderly people who suffer from Alzheimer’s disease. This paper describes an approach that has been developed for recognising activities of daily life based on a hierarchal structure of plans. While it is logical to envisage that the most common activities will be modelled within a library of plans, it can be impossible to imagine that the library contains plans for every possible hierarchal activity. In order to generalise the activity recognition capability outside the framework of the core activities constructed to support recognition, decision trees are constructed using a well - known induction algorithm during a train period. The motivation of this work is to allow people with Alzheimer’s disease to have additional years of independent living before the disease reaches a stage where it becomes incurable

Integration operators for generating RDF/OWL-based user defined mediator views in a grid environment

Research and development activities relating to the grid have generally focused on applications where data is stored in files. However, many scientific and commercial applications are highly dependent on Information Servers (ISs) for storage and organization of their data. A data-information system that supports operations on multiple information servers in a grid environment is referred to as an interoperable grid system. Different perceptions by end-users of interoperable systems in a grid environment may lead to different reasons for integrating data. Even the same user might want to integrate the same distributed data in various ways to suit different needs, roles or tasks. Therefore multiple mediator views are needed to support this diversity. This paper describes our approach to supporting semantic interoperability in a heterogeneous multi-information server grid environment. It is based on using Integration Operators for generating multiple semantically rich RDF/OWL-based user defined mediator views above the grid participating ISs. These views support different perceptions of the distributed and heterogeneous data available. A set of grid services are developed for the implementation of the mediator views

Malicious code detection using penalized splines on OPcode frequency

Recently, malicious software are gaining exponential growth due to the innumerable obfuscations of extended x86 IA-32 (OPcodes) that are being employed to evade from traditional detection methods. In this paper, we design a novel distinguisher to separate malware from benign that combines Multivariate Logistic Regression model using kernel HS in Penalized Splines along with OPcode frequency feature selection technique for efficiently detecting obfuscated malware. The main advantage of our penalized splines based feature selection technique is its performance capability achieved through the efficient filtering and identification of the most important OPcodes used in the obfuscation of malware. This is demonstrated through our successful implementation and experimental results of our proposed model on large malware datasets. The presented approach is effective at identifying previously examined malware and non-malware to assist in reverse engineering.10 page(s

Foreword: Special Issue on Trends in Artificial Intelligence and Data Analytics for an Ethical and Inclusive Digitalized Society

Artificial Intelligence (AI) and Data Analytics play a crucial role in building a digitalized society that is ethical and inclusive. AI is a simulation that is trained to learn and mimic human behaviour. These AI algorithms are capable of learning from their mistakes and doing tasks that are comparable to those performed by humans. AI will have a significant impact on our quality of life as it develops. The main aim of any tool and approach is to simplify human effort and aid us in making better decisions. Data Analytics helps in analyzing raw data in order to draw inferences from it. These techniques and processes have been automated in order to deal with raw data, which is intended for human consumption. The combination of both these techniques will help humans to evolve further in field of research and will enhance the decision making process... Byline: Mamoun Alazab, Ameer Al-Nemrat, Mohammad Shojafar, Shahd Al-Janab