International Journal of Electronic Security and Digital Forensics (21 papers in press)
Security and Privacy of Adolescents in Social Applications and Networks: Legal Practice of Developing Countries
by Ahmad Ghandour, Viktor Shestak, Konstantin Sokolovskiy
Abstract: The article aims to study the developed countries' experience on the legal regulation of cyberbullying among adolescents, to identify existing shortcomings in the developing countries' laws, and to develop recommendations for improving the regulatory framework. To do this, the authors have studied the state regulatory practice of the UK, USA, Canada, Malaysia, South Africa and Turkey and analysed the statistics of 2018 on the manifestation of cyberbullying among adolescents in these countries. It turns out that in the countries under review there is either no separate. The percentage of cyber aggression cases among adolescents in developing countries is higher than in developed countries. For example, in South Africa, it is 85%, and in Canada 33%. The results of this study can encourage countries to create separate cyberbullying legislation if they do not have it yet and periodically review and modify already existing legislation.
Keywords: adolescent protection; cyberbullying; depression; regulations; social networks; suicide.
Management of Electronic Ledger: A Constraint Programming Approach for Solving Curricula Scheduling Problems
by Aftab Ahmed Shaikh, Abdullah Ayub Khan
Abstract: Curricula timetabling belongs to the scheduling and planning domain of artificial intelligence, the problem largely recognised by its key importance for initiating and afterward regulating the curricula events. In the literature the issue is reflected as a resources management job against puzzling constraints. The group of hard constraints requires the vital priority and must be removed, whereas the degree of solving of soft constraints upraises the quality scale and leads to optimal solution at the end. Constraint programming is one of the contemporary techniques that shape the research work presented in this article. The research investigates a constraint programming framework to examine over the various datasets. The study proposes and implements three incremental low-level heuristics operated by min-conflict algorithm approach for solving identical but unequal benchmark scheduling instances. The framework is designed in such way to provide fair chance of randomisation and incremental calculation to parameters in order to keep up the accuracy. The acquired prominent results validated the effectiveness and correctness of proposed methodology.
Keywords: heuristic scheduling; constraints programming; problem solving; electronic ledger management.
Cyber Terrorism and its Role in the Outbreak of International Crisis
by Abedalrzag Aldalbeeh, Ahmad Alsharqawi
Abstract: Cyber-terrorism is an important issue that concerns the local and international communities. So that terrorist acts have developed due to the evolution of societies and the scientific and technological progress that societies are witnessing, where they have developed in terms of style and concepts. Therefore, cyber-terrorism has become one of the sources of threat and outbreak of the crisis, whether local, regional or international. One of the most important reasons for developing the concept of cyber-terrorism is the technological revolution. Despite the many advantages offered by the age of technology in facilitating human life, it has become a fertile environment for terrorists to spread their extremist ideology, thus causing. Therefore, this study came to explain the phenomenon of cyber-terrorism and its role in the outbreak of crisis through social media and electronic programs.
Keywords: cyber; terrorism; crisis; technological; revolution; social media; electronic.
Cloud Forensics and Digital Ledger Investigation: A New Era of Forensics Investigation
by Abdullah Ayub Khan, Aftab Ahmed Shaikh, Asif Ali Laghari, M. Malook Rind
Abstract: Nowadays, cloud computing has gained popularity because it provides a platform for pay-as-you-go services, including hardware, software, and operating environment. However, technological resources can not only be shared but also allocated on demand to various users. The emerged rate of inevitable vulnerabilities and network crime activities all over the globe. Cybercriminals target cloud environments. So, the demand for digital investigation is increased drastically. These extreme challenges pose serious issues for the cloud investigation. It has an impact on the researcher community of digital forensics as well. The cloud service providers and customers have yet to establish adequate forensics capacity and support digital forensics investigations on cybercrime activities in the cloud. In this paper, we present a digital forensics-enabled cloud investigation framework. In addition, we survey previous related works based on existing cloud forensics practices, fog forensics, edge forensics, and law and highlight the significant role of cloud computing in digital forensics. Finally, we discuss the technical challenges and limitations along with the future directions.
Keywords: cloud forensics; digital ledger investigation; cybercrime; cloud computing; edge computing; fog applications.
Color image encryption based on an improved Fractional-order logistic map
by Ismail Haddad, Djamel Herbadji, Aissa Belmeguenai, Selma Boumerdassi
Abstract: In this work, we use an improved fractional-order logistic map to introduce a new colour image encryption algorithm. By analysing the Lyapunov exponent and the bifurcation diagram, the map provides a wider range and a uniform distribution of data compared to its classical. It also has additional parameters and thus a larger key space, which makes it better in protection and safety against hacker attacks. Our algorithm relies on random input of pixels in order to obtain a different image in each encryption round to ensure greater protection. The algorithm also provides great permutation and diffusion features. The simulation results and security analysis indicate that our scheme has a good impact on encryption and can withstand various attacks, such as statistical attack, differential attack and data loss and noise attacks.
Keywords: fractional-order; logistic map; image encryption; security analysis.
A New Encryption System for IoT Devices using Embedded Key Cryptosystem
by Shadi Masadeh
Abstract: IoT constrained devices have special phenomena of constrained resources such as power source, memory and processing power. Besides, it is vital to achieve an acceptable level of security and privacy while preserving the IoT device resources. In this paper, a new cryptographic algorithm is developed that would be suitable for securing IoT devices using embedded key cryptosystem. The encryption/decryption processes are achieved by segmenting the message into blocks of certain length. Each block is encrypted/decrypted using a key that is generated according to the segment itself, i.e., the keys are embedded into the blocks. The algorithm adopts two tables; one for the intended character set and the other for the key elements generation. The secrecy of these tables is responsible for securing the key strength. Experimental implementation proves the algorithm feasibility and strength against hackers and intruders.
Keywords: symmetric cryptosystems; key embedding; IoT security; network security.
An Improved Region-based Embedding Technique for Data Hiding and Image Recovery using Multiple ROI and RONI
by Bijay Paikaray, Debabala Swain, Sujata Chakravarty
Abstract: To preserve the sensitive contents of the digital images during their transmission, it is essential to hide them with maximum imperceptibility so that the intruders will not be able to identify visually. The image recovery at the receiver end is equally significant because of the sensitive images, like medical diagnosis images, satellite images, etc. This paper proposes an improved image hiding technique where the sensitive contents of the image are located in multiple regions. These regions get embedded based on histogram analysis of the region of interest (ROI) pixels then hidden in the region of non-interest (RONI). Further, the reverse operations can be applied to the embedded regions and the hidden data are retrieved from RONI. Using this technique, the embedded regions can be easily extracted and recovered with the fully restored without any loss. The proposed work is on multiple ROI with the reliability, integrity, and confidentiality of transmitted images.
Keywords: multiple ROI; region of non-interest; RONI; medical image; image embedding; hiding; imperceptibility; recovery.
Forensics of a Rogue Base Transceiver Station
by Ahmed Landry Sankara, Ramya Shah, Digvijaysinh Rathod
Abstract: GSM represents the most used telecommunication technology by mobile users in various countries. Recent incidence shows that the cyber criminals exploited vulnerabilities in telecommunication by the use of rogue BTS (Base Station Transceiver). The number of attacks using rogue BTS has surprisingly increased in recent years and mostly in countries where GSM remains the primary telecommunication system. We reproduce an attack scenario such as IMSI catcher, calls/SMS spoofing and calls/SMS interception using YateBTS as the BTS software. We analyzed Raspberry OS (Linux based OS) and YateBTS using forensic software such as EnCase and FTK analyzer. We collected and recovered important artifacts related to user activity, user authentication activity, system calls messages from Blade RF, call logs, internet traffic log, custom SMS and BTS configurations which are valuable in a court of law. The recovered artifacts allow us to recreate the truth of the crime.
Keywords: GSM; Rogue BTS; SDR; YateBTS; BladeRF; BTS forensics; Digital Forensics; IMSI catcher; SMS spoofing; FTK; Encase.
Opensource Intelligence and Dark Web User De-anonymisation
by Tashi Wangchuk, Digvijaysinh Rathod
Abstract: The dark web has emerged as a platform where cybercriminals carry out illegal activities. Attempts to investigate and de-anonymise the suspicious dark web users have not been able to keep up with the pace of the dark web's flourishment coupled with dysfunctional tools and techniques. This study proposes and evaluates a dark web investigation framework using a Python-based tool to harvest data from the dark web to derive intelligence for further investigation using the available opensource intelligence (OSINT) tools. In the experimental implementation of the framework and the tool (Dark2Clear), the tool successfully scraped the hidden service URLs, harvested the e-mail addresses of the dark web users, and suspicious e-mail addresses were used as input to the OSINT tools for gathering intelligence to de-anonymise. It was observed that the framework and tool can be effectively used by the investigators to investigate and de-anonymise suspicious dark web users.
Keywords: hidden services; opensource intelligence; dark web; investigation framework; de-anonymisation.
Discover and Safe (DaS): an automated Security Management System for Educational Institutions
by Irfan Ali Kandhro, Umer Khan, Shahrukh Memon, Mohammad Yasir
Abstract: In this paper, we proposed (DaS) automatic security system by the help of Face Recognition. The focus of this automated system is to provide high level security to manage the people entries with face detection. This paper proposes haar cascade algorithm with dip libraries to create a camera-based real-time security management system through face detection and recognition. Haar cascade algorithm is an object detection algorithm which is mainly used in identifying face of any image or a real-time video (by webcam or building camera). The DaS framework worked on two phases: 1) to locate whether the VM is an unintended security; 2) to secure mission critical applications. The DaS access system implemented the face encoding scheme to detect the face and eye which works effectively on light and illumination changes. The results show that DaS framework can armor the VM from obscured security problems and steal hidden doors against the attackers.
Keywords: face detection; face recognition; security; haar Face detection; geometrical approach; pictorial approach.
Safe and Secure (SaS): An Automated Library Management System for Monitoring Book Rotation using Face Recognition
by Irfan Ali Kandhro, Fayyaz Ali, Asif Ali Wagan, Iqra Tabassum M, Farhan Afzal
Abstract: The automated safe and secure library management system has been proposed using human face recognition for monitoring library activities. The manual monitoring task is very difficult and the devices are gaining more importance as the amount of its clients is developing. The automated process reduces the manual efforts and duplication work, and saved energy and time and brings the accurate results. The linear binary pattern histogram (LBPH) system works with face detection and recognition for helping to record the information of end users and consumers. The end-consumers of the software are librarians, students, and teachers. With the help of application, the books get issued to the end-consumer through figuring out the consumer with the assist of face recognition. The system captures the face of the consumer and additionally checks the information of the consumer.
Keywords: Safe and Secure System; Face recognition; computerized / automated library management; information factors; security factors; artificial intelligence; security level.
Policing Perspective on Pre-emptive and Probative Value of CCTV Architecture in Security of Smart City- Gandhinagar, Gujarat, India
by Surbhi Mathur, Krittika Sood
Abstract: Closed circuit television system is the set of hardware and software combined to record the videos, transmit the recorded signals to the video management system and monitor the footages with the intention of providing protection and surveillance. CCTV is now known to be an important part of every person's life, whether at home, office or the roads connecting them. Therefore, it is necessary to analyse the present scenario of the working of CCTV and suggesting effective changes that can be implemented for the successful and more impactful outcomes from it. The targeted experimented group included the individuals employed for the CCTV monitoring and handling, in one of the cities of Gujarat. The survey using a questionnaire was conducted, which gave an explicit result about the effectiveness of CCTV towards the prevention, detection and investigation of crimes along with the current scenario about the awareness of the CCTV and its working among individuals marked as subjects in the current study. The study was funded by the National Forensic Sciences University in collaboration with Bureau of Research and Development in order to gauge and assess the value of CCTV architecture in the security of the smart city.
Keywords: closed circuit television; CCTV; camera; crime; prevention; detection; investigation; awareness; security; privacy.
Aural-Acoustic Analysis & Gender Identification of Morphed Male and Female Audios
by Palak Aneja, Sumit K. Choudhary, Surbhi Mathur
Abstract: Hiding the identity of the criminal is essential from their perspective to avoid getting caught. Crimes like kidnapping, threat calls, and ransom calls often involve the voice of criminals as a crucial piece of evidence. The person's voice is used in the biometric systems for identification as it is unique. Discriminating gender from the questioned audios helps shorten the list of suspects in any offence. In this paper, male voices were compared with morphed male audio and female voices were compared with morphed female audio. To disguise the identity and to study the reliability of the various speaker identification parameters, the female audios were morphed into male audios; and the male audios were morphed into female audios using the same morphing software. In this experiment, 50 female and 50 male voice samples were converted using morphing software, and auditory and acoustic analysis was done for forensic speaker identification. The aural parameters like speech rate, articulation, delivery of speech, dynamic loudness and acoustic parameters like pitch and formant frequency for five vowels were compared.
Keywords: audio; male; female; morphing; speaker; identification; disguise.
Face Recognition challenges due to aging: A Review
by Vernika Mehta, Surbhi Mathur
Abstract: This review paper aims for identifying the challenges faced in face recognition of a person who is seen after a large age gap, discussing about the factors affecting the facial changes during age progression and how to mitigate those challenges by incorporating various identifying, non-variable parameters basis which even a human can recognise a person after a progressed age. The paper intends to introduce the innate quality of persons known as super recognisers who are able to identify an individual even if they have only watched the childhood picture of the person to be found or identified, or even if only 50% of the face to be identified is visible.
Keywords: facial changes; face recognition; age progression; innate quality; super recognisers.
A Platform Independent and Forensically Sound Method to Extract WhatsApp Data from Mobile Phones
by Aritro Sengupta, Amit Singh, B.M. Vinjit
Abstract: With the increasing usage of WhatsApp worldwide, for text and media communication, WhatsApp data artefacts are prioritised by forensic investigators and LEAs to examine and prosecute crimes. Nowadays, the well-known conventional methods of extraction are failing to extract the required WhatsApp data due to updated security patches of the operating system and various other hardware updates. Investigation may end up to be intangible due to lack of production of WhatsApp data as evidence before the court of law. In this paper, a forensically sound method of extracting WhatsApp data is discussed which works irrespective of the hardware and software specifications of the mobile phone. Several parameters which detect the efficiency of WhatsApp data extraction have been discussed which are based on state-of-the-art technologies and recent field experience. In the later section, we have compared the proposed method with the other conventional methods of extraction.
Keywords: digital forensic technique; digital forensic tool; mobile forensics; WhatsApp forensics; law enforcement agency; chat crawling; court of law.
A comparative analysis of copy-move forgery detection algorithms
by Mohassin Ahmad, Farida Khursheed
Abstract: Copy-paste/copy-move image forgery is also known as image cloning, in which a portion of an image or entity is copied and pasted to another region of a certain picture. This category of image manipulation has the intent either to conceal the entity or to fabricate the image details. Thus, the authenticity of the photographs in different real-world implementations becomes challenging. The number of cases of image tampering is rising with the simple accessibility of image manipulation tools. Therefore, robust, precise and effective approaches to digital image forgery detection are increasingly required. A study on copy-move forgery detection (CMFD) is performed in this paper using three common schemes and their efficiency is checked and compared on images with rotation and scaling in the copied region. First, we will cover DCT-based CMFD, then adaptive over-segmentation and matching feature point. Finally, CMFD, based on PatchMatch, is addressed. The findings show the very good performance of each system.
Keywords: copy-move forgery detection; CMFD; digital image forensics; discrete cosine transform; DCT; scale invariant feature transform; SIFT; PatchMatch.
Electronic administrative contract: a comparative study
by Noor Issa Al-Hendi
Abstract: This study deals with the electronic administrative contract with the aim of clarifying the legal framework that governs it, by explaining the concept of the electronic administrative contract, its characteristics, the criteria that distinguish it from other contracts, and electronic administrative contract's practical importance. The study also clarifies the legal system for concluding electronic administrative contract, through a statement of rules that governs its conclusion, and the disclosure of modern methods of concluding the contract in Jordanian and French legislations. So, the study will depend on the descriptive and comparative method, as it provides the ability to describe legal texts, judicial decisions related to the subject. Therefore the spread of electronic administration has led to the emergence of contracts that are made through the Internet, so that the parties to the contract can dialogue through this network, and the administration apply the public law.
Keywords: electronic administrative contract; electronic public administration; public interest; public utility; electronic public tenders.
Big data analysis and forensics
by Asia Othman Aljahdali, Ghalia Alluhaib, Rasha Alqarni, Majdah Alsharef, Amal Alsaqqaf
Abstract: This study provides an insight into one of digital forensics' needs by analysing big data. Digital forensics is one of the branches of forensic science specialised in recovering data from digital devices for investigation for purposes of computer crime or other goals. The study shows that the main challenges faced by digital investigators are those relating to the storage, management, and analysis of a large amount of data of various types, including organised and semi-organised. Investigators rely on specific tools to handle big data like Hadoop, Spark Apache, and SAS. Hadoop provides a system for storing massive files on distributed files and analysing their components, while Spark Apache provides quick analysis of distributed data without storing it. SAS visual analysis of big data provides fast support for data discovery and visualisation via a memory drive. An overview of these three big data technologies is reviewed through their components and the processes by which these features are compared and then compared. The study shows how the greatest benefit is achieved by bringing these tools together when using rather than relying on one and not the other.
Keywords: big data; digital forensics; Hadoop; Spark Apache; SAS.
A framework for evaluating cyber forensic tools
by Sunil Gupta, Pradeep Kumar Arya, Sri Vemuri Dwijesh Sai, Sri Sai Bhargav Nagandla
Abstract: Digital forensics has always been a versatile and high stress field. Perpetrators use various methods to commit crimes and find ways to evade the authorities. Forensic investigators use automated software tools to gather evidence to present in a court of law. Admissibility of evidence has always been questioned in the court. There have been many methods developed to validate and verify the forensics. But very often, forensic investigators lack resources to conduct some of these tests and as for some of them, they are outdated and do not apply to the current scenario. This study explores such methodologies and introduces a new paradigm which will complement the problems with previously proposed works. The proposed paradigm is not only a fast solution relatively, but it can also be easily used by beginners. We aimed to make the most time effective and cost-effective solution. We have also included a performance testing methodology to make our paradigm more tolerable and fail proof. The proposed algorithm will also specify the total number of observations that need to be taken to tolerate the errors.
Keywords: cyber forensic tools; testing; functional mapping; performance; accuracy.
Extracted rule-based technique for anomaly detection in a global network
by Nureni A. Azeez, Ogunlusi E. Victor, Sanjay Misra, Robertas Damaševičius, Rytis Maskeliunas
Abstract: Phishing attacks deceive internet users into revealing sensitive information over the internet to the cybercriminals. The disguise as a result of phishing involves the creation of fake websites that are look-alikes of reputable websites. In this paper, a rule-based method to detect phishing attacks in a global network is presented. Four machine learning models were trained on a dataset consisting of 14 features. The machine learning algorithms used are K-nearest neighbour (kNN), support vector machine (SVM), random forest (RF), and naïve Bayes (NB). With the random forest model, a true positive of 100% and an accuracy of 98.35% were achieved. Rules were then extracted from the random forest model and embedded in a web browser extension called PhishAlert for easy application. Evaluation of the rules shows PhishAlert as an efficient tool for phishing detection. With this technique, the internet users can be easily guided and protected against cybercriminals.
Keywords: phishing attack; machine learning; web browser; fake websites.
Detection of injections in API requests using recurrent neural networks and transformers
by A. Sujan Reddy, Bhawana Rudra
Abstract: Application programming interfaces (APIs) are playing a vital role in every online business. The objective of this study is to analyse the incoming requests to a target API and flag any malicious activity. This paper proposes a solution based on sequence models and transformers for the identification of whether an API request has SQL injections, code injections, XSS attacks, operating system (OS) command injections, and other types of malicious injections or not. In this paper, we observe that transformers outperform B-RNNs in detecting malicious activity which is present in API requests. We also propose a novel heuristic procedure that minimises the number of false positives. We observe that the RoBERTa transformer outperforms and gives an accuracy of 100% on our dataset. We observe that the heuristic procedure works well in reducing the number of false positives when a large number of false positives exist in the predictions of the models.
Keywords: vanilla recurrent neural networks; recurrent neural networks; RNNs; long short-term memory; gated recurrent units; GRU; security; application programming interfaces; API; bidirectional recurrent neural networks; BERT; structured query language; SQL.