Digital forensics

Computing operates in an almost universally networked environment, but the technical aspects of information protection have not kept up. As a result, the success of information security programs has increasingly become a function of our ability to make prudent management decisions about organizational activities. Managing Network Security takes a management view of protection and seeks to reconcile the need for security with the limitations of technology.     

Digital forensics of printed source identification for Chinese characters

Recently, digital forensics, which involves the collection and analysis of the origin digital device, has become an important issue. Digital content can play a crucial role in identifying the source device, such as serve as evidence in court. To achieve this goal, we use different texture feature extraction methods such as graylevel co-occurrence matrix (GLCM) and discrete wavelet transform (DWT), to analyze the Chinese printed source in order to find the impact of different output devices. Furthermore, we also explore the optimum feature subset by using feature selection techniques and use support vector machine (SVM) to identify the source model of the documents. The average experimental results attain a 98.64 % identification rate which is significantly superior to the existing known method of GLCM by 1.27 %. The superior testing performance demonstrates that the proposed identification method is very useful for source laser printer identification.     

Digital image forensics: a booklet for beginners

Digital visual media represent nowadays one of the principal means for communication. Lately, the reliability of digital visual information has been questioned, due to the ease in counterfeiting both its origin and content. Digital image forensics is a brand new research field which aims at validating the authenticity of images by recovering information about their history. Two main problems are addressed: the identification of the imaging device that captured the image, and the detection of traces of forgeries. Nowadays, thanks to the promising results attained by early studies and to the always growing number of applications, digital image forensics represents an appealing investigation domain for many researchers. This survey is designed for scholars and IT professionals approaching this field, reviewing existing tools and providing a view on the past, the present and the future of digital image forensics.     

Digital forensics of microscopic images for printed source identification

Multimedia Tools and Applications - When trying to identify a printed forged document, examining digital evidence can prove to be a challenge. In this study, microscopic images are used for printed...     

Digital multimedia audio forensics: past,present and future

Multimedia Tools and Applications - Digital audio forensics is used for a variety of applications ranging from authenticating audio files to link an audio recording to the acquisition device (e.g.,...     

基于身份的数字签名方案研究

基于身份的密码系统简化了公钥钥证书的管理,目前基于身份的数字签名已成为公钥加密的的一个研究热点,而安全性是构建基于身份的数字签名方案的重要因素。介绍了基于身份的数字签名技术,并给出了方案模型和安全模型。应用该模型可构建安全而又高效的基于身份的数字签名方案。     

Ergonomics issues in national identity card for homeland security

Ever since the 9/11 terrorist attack, many countries are considering the use of smart national identity card (SNIC) which has the ability to identify terrorists due to its biometric verification function. However, there are many ergonomics issues in the use of SNIC, e.g. card credibility. This research presents a case study survey of Malaysian users. Although most citizens (>96%) own MyKad (Malaysia SNIC), many do not carry it around and use its applications. This defeats one of its main purposes, i.e. combating terrorism. Thus, the research investigates ergonomics issues affecting the citizens’ Intention to Use (ITU) MyKad for homeland security by using an extended technology acceptance model. Five hundred questionnaires were collected and analysed using structural equation modelling. Results show that perceived credibility and performance expectancy are the key issues. The findings provide many countries with insights into methods of addressing ergonomics issues and increasing adoption of SNIC for homeland security.     

计算机取证及其证据链形成

分析计算机取证的技术基点,微格细化计算机证据形成证据链的技术流程,归纳出证据链形成过程中的获取与固化、鉴定与研判,存档与呈现等主要阶段的工作内容,为开展相关研究提供参考.     

数字取证趋向及特点研究

将从数字取证的定义、发展趋向、本质特点等方面对已有的研究成果进行总结归纳,以使读者对于数字取证的研究方法、研究特点和发展方向等能有一个比较全面的了解,为开展相关研究提供参考。     

云计算反取证的关键技术及其应用

云计算技术的迅猛发展,其带来的商业运营和信息服务模式的变化,为越来越多的企业所接受后,作为信息系统核心的数据中心也开始一步步地朝着云计算数据中心发展。在云计算环境下,云计算信息系统主要由云计算数据中心和用户端组成。数据中心是核心,是大脑,是所有资源汇集之处,是信息的枢纽,它通过网络向企业或公众提供信息服务。本文将结合云计算关键技术,对计算机反取证技术进行研究,有利于计算机取证人员的取证有效性。     

浅析当前网络犯罪特点及取证对策

本文介绍了当前网络犯罪打击的难点以及提出了一系列的思考与对策,给公安机关执法人员在对待各种新的网络犯罪时,提供了新的启示和策略。     

Honeypot forensics part 1: analyzing the network

A major goal of honeypot research is to improve our knowledge of blackhats from two perspectives: technical and ethnological. For the former we want new ways to discover rootkits, Trojans, and potential zero-day exploits. For the latter, we want a better understanding of the areas of interest and hidden links between blackhat teams. One way to achieve these goals is to increase the verbosity of our honeypot logs and traces so that we learn every single action the intruder made. The most common tools for doing this are Sebek for system events and Snort for network activity. Unfortunately, there is no easy way to correlate information from these sources, which complicates honeypot forensics. Although computer forensics focuses on analyzing a system once we suspect it has been compromised, we expect honeypots to be compromised. Thus, honeypot forensics focuses on understanding the blackhat's techniques and tools, before and after its intrusion on the honeypot. The article looks at: network activity analysis; building the network timeline; and tools and techniques.