Development of site investigation and remediation strategies at petroleum- hydrocarbon contaminated site

Yang, Jui-Hsin

13 February 2012

Soil and groundwater is the final receptor environment of contamination on land, especially easy to contaminate groundwater aquifers, because of the underground environment often obscure, it is difficult to clarify the scope of pollution, in addition, the transport and chemical transformation process are also difficult to evaluate. Resulting that although consumes on huge cost and materials, and times on oil contaminated site investigation and remediation, obtaining the solution of the problem is still hard. In this study, it combines with the environmental site assessment and the triad rapid investigation, the establishment of site contamination conceptual model, the key designated contaminated area, collect samples of the implementation for laboratory analysis, Moreover, use cyclic evaluation process, continuously updated site conceptual model, to clarify the distribution of contaminated sites, impact of pollution, hydro-geological characteristics and pollution sources. It also discussed the effective reduction of pollution critical area, to obtain high-density results, in order to improve sampling and analysis to make the efficiency of the case of site investigation, and using environmental forensic techniques to determine and provide the evidence of pollution sources. ESA phase I implements the key results of the preliminary delineation of contaminated areas, soil and groundwater pollution concerns and possible sources of material. ESA phase II evaluates preliminary assessment of sites contaminated soil contamination is a high carbon number of oil and contaminants move to the surface to deeper soil 9 m at the lower, deeper pollution range is unknown. Groundwater test results garnered less than control standards, but the detection of trace gas station in MTBE, it is included in the possible sources of pollution. Taking ESA phase II assessment in a further analysis, the soil contaminants are TPHC10-C40 based, contamination depth of 8m, gas station area within the tank and pipeline testing values are low, there is no sign of oil leakage. Pollution more than 5m in depth the most serious, TPH concentrations in general are 10,000 mg/kg or more, the depth of 5m and the following have been significantly reduced, TPH concentrations than in the 5,000 mg/kg or less. Interviews showed that the specific relationship between the people, suspected underground oil refining line set 40 years ago, suspected of shipping oil from the waste obtained after the hull, after the system by then resold for profit. Identification of pollution sources than the results, TPHC10-C40 carbon number distribution or pattern of the peak are more similar to diesel. TIC illustration showed that the distillate oil mixture for two, than the peak apex, suggesting that the low-carbon should be diesel fuel, and the high-carbon would be fuel. Pr/Ph ratio than, presumably with the CPC diesel from different sources. Alkyl bicyclic sesquiterpene class fingerprint comparison results, the shape of the fingerprint sample slightly different, but the main features of the same types of compounds. Analysis of aromatic compounds, indicators showed that the samples compound ratio of methyl phenanthrene and methyl dibenzothiophene isomers, dibenzothiophene, and phenanthrene isomers are closer. Integrated fingerprint analysis (fingerprinting) results, similar to the site characteristics of pollutants, for the same pollution source. The site is semi-volatile pollutants, substances insoluble in water, more stored in the main pollution silt/clay layer, subject to geological conditions, ground remediation techniques are more difficult to grasp in the transmission path, remediation systems that require high density, break through the bottleneck transmission path, but a majority of sites on private land, during the remediation process it is difficult to obtain the burgage, therefore, it would be fit the inappropriate comprehensive ground handling. Subsequent remediation plan can be removed towards the high pollution of soil pollution, and long-term monitoring of permeable reactive barrier type with natural degradation. Recommendations for the future studies can be dust inhalation and skin contact with soil, groundwater ingestion, inhalation and skin contact exposure pathways for risk assessment, site management provided a basis for administrative control.

environmental site assessments

environmental forensics

triad system

fingerprinting

Analytical inverse model for post-event attribution of plutonium

Miller, James Christopher

15 May 2009

An integral part of deterring nuclear terrorism is the swift attribution of any event to a particular state or organization. By quickly being able to identify the responsible party after a nuclear event, appropriate people may be held accountable for their actions. Currently, there is a system in place to determine the origin of nuclear devices and materials from post-event data; however, the system requires significant time to produce an answer within acceptable error margins. Described here is a deterministic approach derived from first principles to solve the inverse problem. The derivation starts with the basic change rate equation and ends in relationships for important nuclear concentrations and device yield. This results in a computationally efficient and timely method for producing an estimate of the material attributes. This estimate can then be used as a starting point for other more detailed methods and reduce the overall computation time of the post-event forensics. This work focused on a specific type of nuclear event: a plutonium improvised nuclear device (IND) explosion. From post-event isotopic ratios, this method determines the device’s pre-event isotopic concentrations of special nuclear material. From the original isotopic concentrations, the field of possible origins for the nuclear material is narrowed. In this scenario, knowing where the nuclear material did not originate is as important as knowing where it did. The derived methodology was tested using several cases of interest including simplified and realistic cases. For the simplistic cases, only two isotopes comprised the material being fissioned. In the realistic cases, both Weapons Grade and Reactor Grade plutonium were used to cover the spectrum of possible fissile material to be used by terrorists. The methodology performed very well over the desired energy range. Errors were under two percent from the expected values for all yields under 50 kT. In the realistic cases, competing reactions caused an increase in error; however, these stayed under five percent. As expected, with an increased yield, the error continued to rise, but these errors increased linearly. A sensitivity analysis was performed on the methodology to determine the impact of uncertainty in various physical constants. The result was that the inverse methodology is not overly sensitive to perturbations in these constants.

nuclear attribution

nuclear forensics

improvised nuclear device

inverse problem

Network Monitoring on Large Networks

Wei, Chuan-pi

06 July 2004

There seems to be more security events happening on the network nowadays, so the administrators have to be able to find the malicious activities in progress as soon as possible in order to launch effective and efficient countermeasures. The Network administrators need to monitor the networks through collecting real time traffic measurement data on their networks, but they might find that the data gathered seems to be too little or too much detail. SNMP-based tools traditionally adopted most often give too little. However, packet sniffing tools investigate too much, so that the performance is sacrificed, especially on a large network with heavy traffic. Flows are defined as a series of packets traveling between the two communicating end hosts. Flow profiling functionality is built into most networking devices today, which efficiently provide the information required to record network and application resource utilization. Flow strikes a balance between detail and summary. NetFlow is the de facto standard in flow profiling. We introduce¡A describe¡Aand investigate its features, advantages, and strengths. Many useful flow-related tools are freely available on the Internet. A mechanism is proposed to make use of the flow logs to monitor the network effectively and efficiently. Through verification, it is believed that using flow logs can benefit the network administrator so much. The administrators can use them for timely monitoring, DoS and worm propagation detection, forensics et al.

NetFlow

worm propagation

flow profiling

network monitoring

DoS

security forensics

Nuclear forensics: attributing the source of spent fuel used in an RDD event

Scott, Mark Robert

29 August 2005

An RDD attack against the U.S. is something America needs to prepare against. If such an event occurs the ability to quickly identify the source of the radiological material used in an RDD would aid investigators in identifying the perpetrators. Spent fuel is one of the most dangerous possible radiological sources for an RDD. In this work, a forensics methodology was developed and implemented to attribute spent fuel to a source reactor. The specific attributes determined are the spent fuel burnup, age from discharge, reactor type, and initial fuel enrichment. It is shown that by analyzing the post-event material, these attributes can be determined with enough accuracy to be useful for investigators. The burnup can be found within a 5% accuracy, enrichment with a 2% accuracy, and age with a 10% accuracy. Reactor type can be determined if specific nuclides are measured. The methodology developed was implemented into a code call NEMASYS. NEMASYS is easy to use and it takes a minimum amount of time to learn its basic functions. It will process data within a few minutes and provide detailed information about the results and conclusions.

RDD

Forensics

Nuclear

Dirty Bomb

Attribute

Attribution

Spent Fuel

The simultaneous quantification of fissile U and Pu nuclides using delayed neutron activation analysis

Kapsimalis, Roger James, 1985-

14 October 2013

The ability to quickly and accurately quantify fissile constituents in bulk materials remains essential to many aspects of nuclear forensics and for safeguarding nuclear materials and operations. This often entails the analysis of trace quantities of nuclear debris or effluents, and typically requires bulk sample digestion followed by actinide separation and mass spectrometry. Because destructive methods are time and labor intensive, efforts have been made to develop alternative nondestructive methods for this type of analysis. This work, performed at Oak Ridge National Laboratory at the High Flux Isotope Reactor (HFIR), seeks to utilize delayed neutron activation analysis on samples of interest containing multiple fissile constituents. Based on the variances in the fission product yields of individual fissile nuclides, this work utilizes methods of linear regression to derive a technique that allows for such analysis, forgoing chemical separation and using only a single irradiation and counting step. / text

Uranium

Plutonium

Delayed neutron activation analysis

Nondestructive assay

Nuclear forensics

Transmission genetics of pancreatic acinar atrophy in the German Shepherd Dog and development of microsatellite DNA-based tools for canine forensics and linkage analysis

Clark, Leigh Anne

30 September 2004

The domestic dog, Canis lupus familiaris, has emerged as a model system for the study of human hereditary diseases. Of the approximately 450 hereditary diseases described in the dog, half have clinical presentations that are quite similar to specific human diseases. Understanding the genetic bases of canine hereditary diseases will not only complement comparative genetics studies but also facilitate selective breeding practices to reduce incidences in the dog. Whole genome screens have great potential to identify the marker(s) that segregate with canine hereditary diseases for which no reasonable candidate genes exist. The Minimal Screening Set-1 (MSS-1) was the first set of microsatellite markers described for linkage analysis in the dog and was, until recently, the best tool for genome screens. The MSS-2 is the most recently described screening set and offers increased density and more polymorphic markers. The first objective of this work was to develop tools to streamline genomic analyses in the study of canine hereditary diseases. This was achieved through the development of 1) multiplexing strategies for the MSS-1, 2) a multiplex of microsatellite markers for use in canine forensics and parentage assays and 3) chromosome-specific multiplex panels for the MSS-2. Multiplexing is the simultaneous amplification and analysis of markers and significantly reduces the expense and time required to collect genotype information. Pancreatic acinar atrophy (PAA) is a disease characterized by the degeneration of acinar cells of the exocrine pancreas and is the most important cause of exocrine pancreatic insufficiency (EPI) in the German Shepherd Dog (GSD). Although the prognosis for dogs having EPI is typically good with treatment, many dogs are euthanized because the owners are unable to afford the expensive enzyme supplements. The second objective of this work was to determine the mode of transmission of EPI in the GSD and conduct a whole genome screen for linkage. Two extended families of GSDs having PAA were assembled and used to determine the pattern of transmission. The results of this indicate that PAA is an autosomal recessive disease. The multiplexed MSS-1 was used to conduct an initial whole genome screen, although no markers were suggestive of linkage.

canine genetics

pancreatic acinar atrophy

hereditary diseases

linkage

microsatellite

forensics

Proactive System for Digital Forensic Investigation

Alharbi, Soltan Abed

07 April 2014

Digital Forensics (DF) is defined as the ensemble of methods, tools and techniques used to collect, preserve and analyse digital data originating from any type of digital media involved in an incident with the purpose of extracting valid evidence for a court of law. DF investigations are usually performed as a response to a digital crime and, as such, they are termed Reactive Digital Forensic (RDF). An RDF investigation takes the traditional (or post-mortem) approach of investigating digital crimes after incidents have occurred. This involves identifying, preserving, collecting, analyzing, and generating the final report. Although RDF investigations are effective, they are faced with many challenges, especially when dealing with anti-forensic incidents, volatile data and event reconstruction. To tackle these challenges, Proactive Digital Forensic (PDF) is required. By being proactive, DF is prepared for incidents. In fact, the PDF investigation has the ability to proactively collect data, preserve it, detect suspicious events, analyze evidence and report an incident as it occurs. This dissertation focuses on the detection and analysis phase of the proactive investigation system, as it is the most expensive phase of the system. In addition, theories behind such systems will be discussed. Finally, implementation of the whole proactive system will be tested on a botnet use case (Zeus). / Graduate / 0984 / 0537 / soltanalharbi@hotmail.com

Digital Forensics

Reactive Digital Forensic

Proactive Digital Forensic

Proactive System for Digital Forensic Investigation

Alharbi, Soltan Abed

07 April 2014

Digital Forensics (DF) is defined as the ensemble of methods, tools and techniques used to collect, preserve and analyse digital data originating from any type of digital media involved in an incident with the purpose of extracting valid evidence for a court of law. DF investigations are usually performed as a response to a digital crime and, as such, they are termed Reactive Digital Forensic (RDF). An RDF investigation takes the traditional (or post-mortem) approach of investigating digital crimes after incidents have occurred. This involves identifying, preserving, collecting, analyzing, and generating the final report. Although RDF investigations are effective, they are faced with many challenges, especially when dealing with anti-forensic incidents, volatile data and event reconstruction. To tackle these challenges, Proactive Digital Forensic (PDF) is required. By being proactive, DF is prepared for incidents. In fact, the PDF investigation has the ability to proactively collect data, preserve it, detect suspicious events, analyze evidence and report an incident as it occurs. This dissertation focuses on the detection and analysis phase of the proactive investigation system, as it is the most expensive phase of the system. In addition, theories behind such systems will be discussed. Finally, implementation of the whole proactive system will be tested on a botnet use case (Zeus). / Graduate / 0984 / 0537 / soltanalharbi@hotmail.com

Digital Forensics

Reactive Digital Forensic

Proactive Digital Forensic

Moving toward stasis the desirability of a rhetoric revival in contemporary american legal training /

Canup, Jeffrey A. Poster, Carol.

January 2004

Thesis (M.A.)--Florida State University, 2004. / Advisor: Dr. Carol Poster, Florida State University, College of Arts and Sciences, Dept. of English. Title and description from dissertation home page (viewed Sept. 22, 2004). Includes bibliographical references.

Ανάλυση μεθόδων και ανάπτυξη εργαλείου για αυτοματοποίηση διαδικασιών ανάλυσης αποδεικτικών στοιχείων υπολογιστών

Σερέτης, Δημήτριος

07 April 2011

H τεράστια ανάπτυξη του διαδικτύου οδηγεί καθημερινά στην μετατροπή των δεδομένων του φυσικού κόσμου σε ψηφιακή - ηλεκτρονική μορφή. Καθώς σχεδόν οποιαδήποτε υπηρεσία ή οργανισμός, ιδρύματα, εταιρείες και ιδιώτες χρησιμοποιούν υπολογιστές με πρόσβαση στο διαδίκτυο τις περισσότερες φορές για την διαχείριση των δεδομένων τους, η αξία της πληροφορίας που συγκεντρώνεται στο διαδίκτυο αποκτά τεράστιες διαστάσεις και γίνεται ένα θέμα που ολοένα και περισσότερο συζητιέται. Σε πολλές περιπτώσεις μάλιστα, ολόκληρη η πληροφορία είναι αποθηκευμένη σε ψηφιακά μέσα, χωρίς να υπάρχει σε έντυπη ή αναλογική μορφή. Ο πληθυσμός του Internet αν και έχει ακουστά πολλές περιπτώσεις παραβίασης της ασφάλειας συστημάτων και κλοπής δεδομένων, δεν έχει δεχτεί μια ολοκληρωμένη εκπαίδευση σε θέματα που αφορούν την δικτυακή ασφάλεια. Οι περισσότεροι χρήστες βρίσκονται σε σύγχυση όσον αφορά την ασφάλεια των δεδομένων τους, μην γνωρίζοντας τους κινδύνους και τις απειλές που αντιμετωπίζουν, ενώ οι εταιρείες παροχής υπηρεσιών -είτε πρόκειται για email, είτε για υποβολή φορολογικών δηλώσεων και web banking- εθίζουν τους χρήστες σε πρακτικές χαμηλής ασφάλειας και παρέχουν μια αίσθηση ότι ασχολούνται αποτελεσματικά με την ασφάλεια των δεδομένων τους. Στην διπλωματική αυτή εργασία προσπαθήσαμε να κατανοήσουμε τα προβλήματα ασφαλείας που υπάρχουν και τις επιπτώσεις τους. Λαμβάνουμε υπόψη θέματα ασφαλείας που σχετίζονται με το TCP/IP και περιγράφουμε το μοντέλο OSI. Αναλύουμε την εξέλιξη των επιθέσεων και τα τρωτά σημεία που εκμεταλλεύονται συνήθως οι εισβολείς. Περιγράφουμε την μεθοδολογία με την οποία δρα ένας εισβολέας καθώς και εργαλεία που χρησιμοποιεί. Στην συνέχεια επικεντρωνόμαστε στις δυνατότητες που έχουν οι διαχειριστές συστημάτων για την προστασία των σταθμών εργασίας, των εξυπηρετητών και στην προστασία του δικτύου στο σύνολό του. Δώσαμε έμφαση στην διαδικασία παραβίασης ενός εξυπηρετητή του διαδικτύου και προτείναμε τρόπους θωράκισης. Αναφέραμε επίσης συστήματα ανίχνευσης εισβολών που υπάρχουν και τα κατηγοριοποιήσαμε. Τέλος αναπτύξαμε μια σειρά από εργαλεία που χρησιμοποιούνται στις εγκληματολογικές έρευνες, για συλλογή και ανάλυση των δεδομένων που υπήρξαν σε κάποιο συμβάν. Συνοψίζοντας, η διπλωματική εργασία έχει ως κύριο στόχο να ενημερώσει για θέματα ασφάλειας που απασχολούν τόσο έναν διαχειριστή ενός υπολογιστικού συστήματος, όσο και τον απλό χρήστη που αναζητά προστασία στον κόσμο της πληροφορίας και της δικτύωσης. / -

005.8

Computer forensics