Rethinking Digital Forensics

© IAER 2019In the modern socially-driven, knowledge-based virtual computing environment in which organisations are operating, the current digital forensics tools and practices can no longer meet the need for scientific rigour. There has been an exponential increase in the complexity of the networks with the rise of the Internet of Things, cloud technologies and fog computing altering business operations and models. Adding to the problem are the increased capacity of storage devices and the increased diversity of devices that are attached to networks, operating autonomously. We argue that the laws and standards that have been written, the processes, procedures and tools that are in common use are increasingly not capable of ensuring the requirement for scientific integrity. This paper looks at a number of issues with current practice and discusses measures that can be taken to improve the potential of achieving scientific rigour for digital forensics in the current and developing landscapePeer reviewe

Assessing Identity Theft in the Internet of Things

Published by Innovative Information Science & Technology Research Group (ISYOU)In the Internet of Things everything is interconnected. In the same context that “man-made fire” got the party started for human civilisation, “man-made TCP” enabled computing devices to participate in our lives. Today we live in a socially-driven knowledge centred computing era and we are happy in living our lives based on what an Internet alias have said or done. We are prepared to accept any reality as long as it is presented to us in a digitised manner. The Internet of Things is an emerging technology introduced in Smart Devices that will need to be intergrated with the current Information Technology infrastructure in terms of its application and security considerations. In this paper we explore the identity cyberattacks that can be related to Internet of Things and we raise our concerns. We also present a vulnerability assessment model that attempts to predict how an environment can be influenced by this type of attacks.Peer reviewe

Towards the Resolution of Safety and Security Conflicts

© 2021, IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. This is the accepted manuscript version of a conference paper which has been published in final form at https://doi.org/10.1109/ICCST49569.2021.9717390Safety engineering and cyber security have complementary aims, but typically realise these using different techniques, risk assessment methods and cultural approaches. As a result, the integration of safety and cyber security concerns is a complex process, with potential for conflict. We present a generalized taxonomy of common conflict areas between safety and cyber security, oriented around the development and deployment lifecycle, and supplement this with a discussion of concepts and methodologies for resolution based on the shared principle of defence-in-depth

An Academic Approach to Digital Forensics

This is the accepted manuscript version of the following article: O. Angelopoulou, and S. Vidalis, “An academic approach to digital forensics”, Journal of Information Warfare, Vol. 13(4), 2015. The final published version is available at: https://www.jinfowar.com/journal/volume-13-issue-4/academic-approach-digital-forensics © Copyright 2017 Journal of Information Warfare. All Rights Reserved.Digital forensics as a field of study creates a number of challenges when it comes to the academic environment. The aim of this paper is to explore these challenges in relation to the learning and teaching theories. We discuss our approach and methods of educating digital forensic investigators based on the learning axioms and models, and we also present the learning environments we develop for our scholarsPeer reviewe

Extracting Intelligence from Digital Forensic Artefacts

Stilianos Vidalis, Olga Angelopoulou, Andrew Jones, ‘Extracting Intelligence from Digital Forensic Artefacts’, paper presented at the 15th European Conference on Cyber Warfare and Security, Munich, Germany, 7-8 July, 2016.Forensic science and in particular digital forensics as a business process has predominantly been focusing on generating evidence for court proceedings. It is argued that in today’s socially-driven, knowledge-centric, virtual-computing era, this is not resource effective. In past cases it has been discovered retrospectively that the necessary information for a successful identification and extraction of evidence was previously available in a database or within previously analysed files. Such evidence could have been proactively used in order to solve a particular case, a number of linked cases or to better understand the criminal activity as a whole. This paper will present a conceptual architecture for a distributed system that will allow forensic analysts to forensically fuse and semantically analyse digital evidence for the extraction of intelligence that could lead to the accumulation of knowledge necessary for a successful prosecution.Peer reviewe

Information Security and Digital Forensics in the world of Cyber Physical Systems

Andrew Jones, Stilianos Vidalis, Nasser Abouzakhar, ‘Information Security and Digital Forensics in the world of Cyber Physical Systems’, paper presented at the 11th International Conference on Digital Information Management, Porto, Portugal, 19-21 September, 2016.The security of Cyber Physical Systems and any digital forensic investigations into them will be highly dependent on data that is stored and processed in the Cloud. This paper looks at a number of the issues that will need to be addressed if this environment is to be trusted to securely hold both system critical and personal information and to enable investigations into incidents to be undertaken

A Trust-Based Approach for Data Sharing in the MQTT Environment

© 2023 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. This is the accepted manuscript version of a conference paper which has been published in final form at https://doi.org/10.1109/PST58708.2023.10320147Internet of Things (IoT) is considered as a giant network of connected devices who collect data and share them with each other. There has been extensive developments on IoT standards and protocols that enable IoT devices to exchange data in a structured and meaningful way. Message Queuing Telemetry Transport (MQTT) is one of such developments receiving widely adoption for industrial applications. It is designed as a lightweight messaging protocol based on the publish-subscribe model by which clients publish messages to a broker who is responsible for distributing the messages to subscribed clients. MQTT is often deployed in a hostile environment in which IoT devices and brokers are vulnerable to attacks. While security for MQTT has received great attention, it does not adequately address the authorisation issues within a decentralised MQTT environment. Existing work adopts policy-based approaches to regulate data sharing across multiple brokers, which we believe, are unlikely to scale well. In this paper we propose a trust-based approach that can be easily incorporated into the existing implementation of MQTT broker. We introduce a way of computing trust rating of brokers and develop two means of using the trust ratings to control data flow across multiple broker domains. Our approach is capable of detecting and blocking malicious clients and brokers from sending false or malicious messages into the system

Management of Knowledge-based Grids

Fujitsu is set to bring high-performance computing (HPC) to Wales. They will provide a distributed grid which is a project set over five-years costing up to £40 million. The grid will include over 1400 nodes which is spread across more than eight sites, linked using Fujitsu’s middleware technology SynfiniWay which will deliver an aggregated performance of more than 190 petaflops. Knowledge Grids are self-explanatory; their purpose is to share knowledge. At this day and age we have come to a point where we are using computers to create vast amount of data. The information overload is so big that human beings are not able to analyse that data in a timely manner and extract the much seeked knowledge that will allow to further science and better our lives. We are at a point where we now have to teach computers how to extract knowledge from raw data

Security through Deception

For each layer of information security there is a number of techniques and tools that can be used to ensure information superiority. Indeed some experts would argue that you can not have the former without the later. In today’s technological & interconnected world though, information superiority is very hard to achieve and almost impossible to maintain. This paper will argue that the art of deception is a reliable and cost effective technique that can assure the security of an infrastructure. The paper will conclude by presenting a technical solution of the above statement

A Survey on Layer-Wise Security Attacks in IoT: Attacks, Countermeasures, and Open-Issues

© 2021 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).Security is a mandatory issue in any network, where sensitive data are transferred safely in the required direction. Wireless sensor networks (WSNs) are the networks formed in hostile areas for different applications. Whatever the application, the WSNs must gather a large amount of sensitive data and send them to an authorized body, generally a sink. WSN has integrated with Internet-of-Things (IoT) via internet access in sensor nodes along with internet-connected devices. The data gathered with IoT are enormous, which are eventually collected by WSN over the Internet. Due to several resource constraints, it is challenging to design a secure sensor network, and for a secure IoT it is essential to have a secure WSN. Most of the traditional security techniques do not work well for WSN. The merger of IoT and WSN has opened new challenges in designing a secure network. In this paper, we have discussed the challenges of creating a secure WSN. This research reviews the layer-wise security protocols for WSN and IoT in the literature. There are several issues and challenges for a secure WSN and IoT, which we have addressed in this research. This research pinpoints the new research opportunities in the security issues of both WSN and IoT. This survey climaxes in abstruse psychoanalysis of the network layer attacks. Finally, various attacks on the network using Cooja, a simulator of ContikiOS, are simulated.Peer reviewe