Global ETD Search

111	Porovnání výuky informační a kybernetické bezpečnosti v České republice a Jižní Koreji s návrhy na zlepšení / Comparison of education information and cybernetic security in Czech republic and South Korea with suggestions for improvement Šisler, Marcel January 2020 (has links) This diploma thesis deals with a suggestions to improve the current state of education information and cyber security in the Czech Republic. These suggestions are from a comparison of education at the Brno University of Technology - Faculty of Business and Hallym University in South Korea. Another part is the analysis of trends in the field of cyber attacks and comparison of this area between the Czech Republic and South Korea.
112	Går det att köpa personuppgifter på bilskroten? : Ett arbete om digital forensik på begagnade bildelar Börjesson, Holme, Lindskog, Filiph January 2020 (has links) I moderna bilar lagras ofta data från användaren av bilen då en mobiltelefon eller annan enhet parkopplas genom Bluetooth- eller USB-anslutning. I de fall dessa data innehåller personuppgifter kan de vara intressanta i en utredning samt vara värda att skydda ur ett integritetsperspektiv. Vad händer med dessa data då bilen skrotas? När en bil skrotas monteras den ner och de delar som går att tjäna pengar på säljs av bildemonteringsföretaget. Det kan gälla allt från stötdämpare, hjul och rattar, till elektroniska komponenter och multimediaenheter. I detta arbete utvanns personuppgifter ur tre sådana begagnade multimediaenheter som köpts från bildemonteringar. Den mest framgångsrika metoden var att avlägsna rätt lagringskrets från multimediaenhetens kretskort och utvinna dess data genom direkt anslutning. I samtliga fall har informationen varit strukturerad i ett bekant filsystem vilket kunnat monteras. I alla tre undersöka multimediaenheter utvanns personuppgifter. Resultatet visar att det finns brister i hanteringen av personuppgifter då en bil skrotas. / In modern vehicles, data from the user of the vehicle is often stored when a mobile phone or other device is paired through Bluetooth or USB connection. In cases where this data contains personal data, they may be of interest in an investigation and may be worth protecting from a privacy perspective. What happens to this data when the car is scrapped? When a car is scrapped, it is dismantled and the parts that can be made money from are sold by the scrap company. This can be anything from shock absorbers, wheels and steering wheels, to electronic components and infotainment devices. In this report, personal data was extracted from three such infotainment devices purchased from scrap companies. The most successful method was to remove the correct storage circuit from the infotainment device circuit board and extract its data by direct connection. In all cases, the information has been structured in a familiar file system which could be mounted. In all three investigated infotainment devices, personal data were extracted. The result shows that there are deficiencies in the handling of personal data when a car is scrapped. digital forensics vehicle forensics embedded systems forensics personal integrity chip-off IT-forensik bilforensik forensik på inbäddade system personlig integritet chip-off Computer Systems Datorsystem Embedded Systems Inbäddad systemteknik
113	New and Emerging Mobile Apps Among Teens - Are Forensic Tools Keeping Up? Kelsey Billups (8800973) 06 May 2020 (has links) Mobile applications are an important but fast changing piece of the digital forensics’ world. For mobile forensics researchers and field analysts, it is hard to keep up with the pace of the ever-changing world of the newest and most popular applications teens are using. Mobile forensic tools are quickly becoming more and more supportive of new applications, but with how quickly apps are changing and new ones being released, it is still difficult for the tools to keep up. The research question for this project examines to what extent digital forensic tools support new and emerging applications seen recently in investigations involving teenagers? For this research, a survey was conducted asking digital forensic analysts, and others who investigate digital crimes, what applications they are coming across most frequently during investigations involving teens and whether those applications are being supported by forensic tools. The top three applications from the survey that were not supported by mobile forensic tools, Monkey, Houseparty, and Likee were populated onto a test device and then evaluated and analyzed to see what forensic artifacts were found in those applications. The mobile application artifacts were then compared on two different forensic tools to see which tool obtains the most forensic artifacts from the applications. Through the examination and analysis of the applications and data contained within the apps, it was determined that 61% of the populated forensic artifacts were recovered manually and only 45% were recovered by a forensic tool for the Monkey application. 100% of the populated forensic artifacts were recovered manually and only 29% were recovered by a forensic tool for the Houseparty application. 42% of the populated forensic artifacts were recovered manually and only 3% were recovered by a forensic tool for the Likee application. It was found that the extent of support from digital forensic tools for these types of applications depends greatly on how the application stores the artifacts, but the artifact extraction support was limited for all applications. This research benefits in helping researchers and analysts by understanding the data and artifacts contained within the applications, what forensic artifacts are recoverable, and where to find those important artifacts. This research can help in finding important evidence for future investigations.<br> Computer System Security Mobile Technologies cyber forensics Digital Forensics computer forensics Mobile Forensics mobile applications mobile app Social media use Android forensic toolkits
114	Uppe bland molnen : Tvångsmedlet genomsökning på distans RB 28:10 och utvinning av molndata tillhörande Googletjänster Dahlstrand, Elsa, Dahl, Moa January 2023 (has links) Det sker en kontinuerlig digitalisering i världen vilket innebär en utmaning för samhällets lagstiftning, till följd av att lagstiftning är tids- och resurskrävande. Detta är något som kriminella utnyttjar i och med att deras verksamhet har flyttats alltmer till den digitala världen. Kriminell verksamhet som genomförs med hjälp av molntjänster har varit svårt att bekämpa, då det inte är säkert att den data som skapas i molntjänster också lagras i samma land. Arbetet att samla in denna data har för svenska myndigheter därför varit krångligt, och i vissa fall, omöjligt. Det var först i juni 2022 som en lag trädde i kraft, RB 28:10 genomsökning på distans, som gjorde det möjligt för utredare att gå in i molntjänster och leta efter bevismaterial. I denna uppsats har semi-strukturerade intervjuermed IT-forensiker och åklagare genomförtsoch analyserats.Resultatet visar att upplevelsen av lagen är positiv; att den kom hastigt men att den var behövlig. Däremot har den skapat mer arbete för IT-forensiker som en konsekvens. Kompletterande har ett experiment av molndata tillhörande ett Google-konto undersökts med hjälp av två IT-forensiska verktyg, vilket resulterat i att en skillnad i verktygens identifiering av raderad data uppmärksammats. Slutligen påvisar uppsatsen och dess resultat att lagen,genomsökning på distans, och utvinning av molndata försett brottsbekämpningen med data av högt bevisvärde och möjliggjort utredningar som tidigare inte var möjligt enligt lag. / The constant digitalization of our world poses a challenge to our governments in developing laws correspondingly. This divergence is something cybercriminals exploit. Criminal activity taking place in the cyberspace, specifically through cloud platforms, has been difficult for law enforcement to regulate and prosecute, partially due to the information needed is kept in servers outside of jurisdiction. In Swedish law enforcement this has caused the acquisition of valuable cloud data, in some cases, impossible, consequently leading to unsolved cases. As of June 2022, a new law regarding means of coercion took effect which enabled the recovery of account specific cloud data. In this work semi-structured interviews, with IT-forensics and prosecutors, were conductedand analyzed. The result shows that the experience of the law is positive, that it came abruptlybut that it was necessary. However, it has created more work for IT-forensics as a consequence. In addition, an experiment involving cloud data belonging to a Google account has been investigated with the help of two IT-forensic tools, which resulted in the observation of a variation in the tools' identification of deleted data. Finally, the paper and its findings demonstrate that the law and cloud data mining have provided law enforcement with high probative value data and enabled investigations previously not lawfully possible. IT-forensics Digital Forensics Means of Coercion Cloud Forensics Magnet AXIOM Cellebrite UFED Cloud Google services Tvångsmedel RB 28:10 Genomsökning på distans Digital forensik Molnforensik Magnet AXIOM Cellebrite UFED Cloud Googletjänster Computer and Information Sciences Data- och informationsvetenskap
115	The Challenges Facing Law Enforcement In Live-Streamed Child Sexual Abuse Cases Daniel Dale Spencer III (16642371) 07 August 2023 (has links) <p>The live streaming of child sexual abuse is a serious problem that demands urgent attention from law enforcement, legislature, and the platforms that it occurs on. While child sexual exploitation and abuse crimes have been occurring for decades, the growing number of internet users combined with the recent Covid-19 outbreak has shifted a lot of these crimes online. Crimes that occur over live streams are particularly difficult to investigate. Previous research has highlighted four main types of challenges associated with these types of cases: legislative, social, technical, and investigative. While studies have been conducted that explored these challenges individually, this study fills a research gap by exploring which of these challenges affect law enforcement personnel that work live-streamed child sexual abuse cases post-Covid-19. For this study, an anonymous online survey was sent out to law enforcement individuals and agencies nationwide. The survey was actively distributed for one month. Out of the 29 responses received, 13 participants qualified to take the survey and were asked about the challenges they faced working these types of cases and about any solutions to these challenges. After collecting the data, descriptive statistics identified the challenges, and a thematic analysis was conducted. Following a grounded theory process, the analysis identified five main themes that encompassed multiple types of challenges and solutions. These themes were: a lack of consensus, education, the role of application service providers and platforms, a need for better technology, and out-of-jurisdiction challenges. These themes explored in-depth the participants’ responses and further identified the challenges facing law enforcement that work live-streamed child sexual abuse cases, as well as any current solutions to these challenges. Two main challenges frequently mentioned by the participants were end-to-end encryption and anonymizing services, and one of the main solutions to many of the challenges was the education of parents, children, and legislators. For future research, the author recommends exploration of the following topics: the investigation of the factors that play strong roles in determining the time it takes to investigate live-streamed child sexual abuse cases, research related to how AI could assist law enforcement working these cases, further exploration of a framework for the education of parents and children about social media usage and the risks of live streaming, how social platforms can be used in many ways, and research that examines how often law enforcement encounters live-streamed child sexual abuse cases/whether these cases are common or not. </p> Causes and prevention of crime Cybercrime Victims Digital forensics Law, science and technology live stream abuse online child sexual abuse online child sexual exploitation live-streamed child sexual abuse law enforcement survey live stream challenges
116	MIXED-METHODS ANALYSIS OF SOCIAL-ENGINEERING INCIDENTS Grusha Ahluwalia (13029936) 29 April 2023 (has links) <p> </p> <p>The following study is a research thesis on the subject matter of Social Engineering (SE) or Social Engineering Information Security Incidents (SEISI). The research evaluates the common features that can be used to cover a social engineering scenario from the perspectives of all stakeholders, at the individual and organizational level in terms of social engineering Tactics, Techniques, and Procedures (TTP). The research utilizes extensive secondary literary sources for understanding the topic of Social Engineering, highlights the issue of inconsistencies in the existing frameworks on social engineering and, addresses the research gap of availability of reliable dataset on past social engineering incidents by information gathered on the common themes of data reported on these. The study annotates salient features which have been identified in several studies in the past to develop a comprehensive dataset of various social engineering attacks which could be used by both computational and social scientists. The resulting codebook or the features of a social engineering are coded and defined based on Pretext Design Maps as well as industry standards and frameworks like MITRE ATT&CK, MITRE CVE, NIST, etc. Lastly, Psychological Theories of Persuasion like Dr. Cialdini’s principles of persuasion, Elaboration Likelihood Model, and Scherer’s Typology of Affective Emotional States guides the psychological TTPs of social engineering evaluated in this study. </p> Digital forensics Information security management Social psychology Social Engineering attacks Threat Modelling Principles of Influence & Persuasion MITRE ATT&CK framework
117	Hfs Plus File System Exposition And Forensics Ware, Scott 01 January 2012 (has links) The Macintosh Hierarchical File System Plus, HFS +, or as it is commonly referred to as the Mac Operating System, OS, Extended, was introduced in 1998 with Mac OS X 8.1. HFS+ is an update to HFS, Mac OS Standard format that offers more efficient use of disk space, implements international friendly file names, future support for named forks, and facilitates booting on non-Mac OS operating systems through different partition schemes. The HFS+ file system is efficient, yet, complex. It makes use of B-trees to implement key data structures for maintaining meta-data about folders, files, and data. The implementation of what happens within HFS+ at volume format, or when folders, files, and data are created, moved, or deleted is largely a mystery to those who are not programmers. The vast majority of information on this subject is relegated to documentation in books, papers, and online content that direct the reader to C code, libraries, and include files. If one can’t interpret the complex C or Perl code implementations the opportunity to understand the workflow within HFS+ is less than adequate to develop a basic understanding of the internals and how they work. The basic concepts learned from this research will facilitate a better understanding of the HFS+ file system and journal as changes resulting from the adding and deleting files or folders are applied in a controlled, easy to follow, process. The primary tool used to examine the file system changes is a proprietary command line interface, CLI, tool called fileXray. This tool is actually a custom implementation of the HFS+ file system that has the ability to examine file system, meta-data, and data level information that iv isn’t available in other tools. We will also use Apple’s command line interface tool, Terminal, the WinHex graphical user interface, GUI, editor, The Sleuth Kit command line tools and DiffFork 1.1.9 help to document and illustrate the file system changes. The processes used to document the pristine and changed versions of the file system, with each experiment, are very similar such that the output files are identical with the exception of the actual change. Keeping the processes the same enables baseline comparisons using a diff tool like DiffFork. Side by side and line by line comparisons of the allocation, extents overflow, catalog, and attributes files will help identify where the changes occurred. The target device in this experiment is a two-gigabyte Universal Serial Bus, USB, thumb drive formatted with Global Unit Identifier, GUID, and Partition Table. Where practical, HFS+ special files and data structures will be manually parsed; documented, and illustrated. Hfs+ digital forensics filexray apple forensics mac forensics guid partition table gpt scheme hfs+ volume winhex apple data structure mac partitions apple partitions hfs+ journal hfs+ format Computer Sciences Engineering Forensic Science and Technology
118	<b>Forensic Analysis of Images and Documents</b> Ruiting Shao (18018187) 23 February 2024 (has links) <p dir="ltr">This thesis involves three topics related to forensic analysis of media data. The first topic is the analysis of images and documents that have been created with a scanner. The goal is to detect and identify scanner model from the scanned images/documents. We propose a deep learning system that can automatically learn the inherent features of the scanned images. This system will produce a scanner model identification and a reliability map for a scanned image. The proposed system has shown promising results in the forensic analysis of scanned images. The second topic is related to forensic integrity of scientific papers. The project is divided into multiple tasks, data collection, image extraction, and manipulation detection. We have constructed a dataset of retracted scientific papers that have been verified to have issues with integrity. We design and maintain a web-based Scientific Integrity System for forensic analysis of the images within scientific publications. The third topic is related to media document analysis. Our goal is to identify the publication style for media document, aiding in the potential document manipulation. We are mainly focusing on image-text consistency check, and synthetic tweets analysis. For image-text inconsistency check, we describe a system that can examine an image in document and the corresponding text caption (or other associated text with the image) to check the image/text consistency. For synthetic tweets analysis, we propose a system to detect and identify the text generation models and paraphrase attack models.</p> Natural language processing Computer vision Image processing Multimodal analysis and synthesis Digital forensics Deep learning scanner detection synthetic text analysis media forensics natural language generation (NLG) author attribution image-text consistency social media misinformations scientific integrity Person of Interest
119	<strong>TOWARDS A TRANSDISCIPLINARY CYBER FORENSICS GEO-CONTEXTUALIZATION FRAMEWORK</strong> Mohammad Meraj Mirza (16635918) 04 August 2023 (has links) <p>Technological advances have a profound impact on people and the world in which they live. People use a wide range of smart devices, such as the Internet of Things (IoT), smartphones, and wearable devices, on a regular basis, all of which store and use location data. With this explosion of technology, these devices have been playing an essential role in digital forensics and crime investigations. Digital forensic professionals have become more able to acquire and assess various types of data and locations; therefore, location data has become essential for responders, practitioners, and digital investigators dealing with digital forensic cases that rely heavily on digital devices that collect data about their users. It is very beneficial and critical when performing any digital/cyber forensic investigation to consider answering the six Ws questions (i.e., who, what, when, where, why, and how) by using location data recovered from digital devices, such as where the suspect was at the time of the crime or the deviant act. Therefore, they could convict a suspect or help prove their innocence. However, many digital forensic standards, guidelines, tools, and even the National Institute of Standards and Technology (NIST) Cyber Security Personnel Framework (NICE) lack full coverage of what location data can be, how to use such data effectively, and how to perform spatial analysis. Although current digital forensic frameworks recognize the importance of location data, only a limited number of data sources (e.g., GPS) are considered sources of location in these digital forensic frameworks. Moreover, most digital forensic frameworks and tools have yet to introduce geo-contextualization techniques and spatial analysis into the digital forensic process, which may aid digital forensic investigations and provide more information for decision-making. As a result, significant gaps in the digital forensics community are still influenced by a lack of understanding of how to properly curate geodata. Therefore, this research was conducted to develop a transdisciplinary framework to deal with the limitations of previous work and explore opportunities to deal with geodata recovered from digital evidence by improving the way of maintaining geodata and getting the best value from them using an iPhone case study. The findings of this study demonstrated the potential value of geodata in digital disciplinary investigations when using the created transdisciplinary framework. Moreover, the findings discuss the implications for digital spatial analytical techniques and multi-intelligence domains, including location intelligence and open-source intelligence, that aid investigators and generate an exceptional understanding of device users' spatial, temporal, and spatial-temporal patterns.</p> Spatial data and applications Knowledge representation and reasoning Digital forensics Data engineering and data science Knowledge and information management Digital curation and preservation Cyber Crime Cybersecurity Cyber Forensics DFIR Digital Forensics Incident Response Threat Intelligence Networking Mobile Forensics iOS Forensics Intelligence Open-source Intelligence (OSINT) Location Intelligence GIS Spatial Analysis Spatiotemporal Analysis UAV Forensics GeoDatabase Geodata
120	An Adversarial Approach to Spliced Forgery Detection and Localization in Satellite Imagery Emily R Bartusiak (6630773) 11 June 2019 (has links) The widespread availability of image editing tools and improvements in image processing techniques make image manipulation feasible for the general population. Oftentimes, easy-to-use yet sophisticated image editing tools produce results that contain modifications imperceptible to the human observer. Distribution of forged images can have drastic ramifications, especially when coupled with the speed and vastness of the Internet. Therefore, verifying image integrity poses an immense and important challenge to the digital forensic community. Satellite images specifically can be modified in a number of ways, such as inserting objects into an image to hide existing scenes and structures. In this thesis, we describe the use of a Conditional Generative Adversarial Network (cGAN) to identify the presence of such spliced forgeries within satellite images. Additionally, we identify their locations and shapes. Trained on pristine and falsified images, our method achieves high success on these detection and localization objectives. Image Processing Image Processing Machine Learning Electrical Engineering Computer Engineering Electrical and Computer Engineering ECE Satellite Imagery cGAN Media Forensics Digital Forensics Image Forensic Analysis Spliced Forgery Spliced Objects Splicing Doctored Images Image Manipulation Image Editing Falsified Imagery Forged Images Forgery Localization Forgery Detection

Search results