Digital Forensics and Cyber Crime: 12th EAI International Conference, ICDF2C 2021, Virtual Event, Singapore, December 6-9, 2021, Proceedings (Lecture ... and Telecommunications Engineering, 441)
معرفی کتاب «Digital Forensics and Cyber Crime: 12th EAI International Conference, ICDF2C 2021, Virtual Event, Singapore, December 6-9, 2021, Proceedings (Lecture ... and Telecommunications Engineering, 441)» نوشتهٔ Pavel Gladyshev (editor), Sanjay Goel (editor), Joshua James (editor), George Markowsky (editor), Daryl Johnson (editor)، منتشرشده توسط نشر Springer International Publishing AG در سال 2022. این کتاب در فرمت pdf، زبان انگلیسی ارائه شده است.
This book constitutes the refereed proceedings of the 12th International Conference on Digital Forensics and Cyber Crime, ICDF2C 2021, held in Singapore in December 2021. Due to COVID-19 pandemic the conference was held virtually. The 22 reviewed full papers were selected from 52 submissions and present digital forensic technologies and techniques for a variety of applications in criminal investigations, incident response and information security. The focus of ICDS2C 2021 was on various applications and digital evidence and forensics beyond traditional cybercrime investigations and litigation. Preface Organization Contents Quantifying Paging on Recoverable Data from Windows User-Space Modules 1 Introduction 2 Background 3 Related Work 4 Quantification and Characterization of the Windows Paging Mechanism 4.1 Description of Experiments 4.2 Discussion of Results 5 Detection of Malware in Memory Forensic Analysis: Current Problems and Solutions Issue 1. Content Discrepancy Between an Image File and Its Module Image Issue 2. Lack of Data in a Memory Dump Issue 3. Inaccuracy of a Memory Dump Issue 4. Stealthy Malware 6 Conclusions and Future Directions References Forensic Investigations of Google Meet and Microsoft Teams – Two Popular Conferencing Tools in the Pandemic 1 Introduction 2 Literature Review 3 Experimental Setup 4 Experimental Findings on MS Teams 4.1 Disk Forensics for MS Teams 4.2 Memory Forensics for MS Teams 4.3 Network Forensics for MS Teams 4.4 Registry Forensics for MS Teams 4.5 Evaluation of Findings for MS Teams 5 Experimental Findings on Google Meet 5.1 Memory Forensics for Google Meet 5.2 Network Forensics for Google Meet 5.3 Browser Forensics for Google Meet 5.4 Evaluation of Findings in Google Meet 6 Conclusions References On Exploring the Sub-domain of Artificial Intelligence (AI) Model Forensics 1 Introduction 2 Background and Motivation 2.1 Principles of Digital Forensics Overview 2.2 Model Generation and Deployment Overview 3 Literature Review 3.1 Cloud Forensics 3.2 Software Forensics 3.3 Network Forensics 4 Case Study: Model Forensics of an Autonomous Need-for-Surgery Classifier 5 Blockchain and AI Model Forensics 6 AI Model Ballistics 7 Challenges of AI Model Forensics 8 Conclusion References Auto-Parser: Android Auto and Apple CarPlay Forensics 1 Introduction 2 Related Work 2.1 Vehicular Forensics 2.2 Mobile and Application Forensics 3 Methodology 3.1 Setup and Scenario Creation 3.2 Data Acquisition 4 Experimental Results 4.1 Major Artifacts Found - Apple CarPlay 4.2 Major Artifacts Found - Android Auto 5 Tool Creation and Usage 6 Conclusion and Future Work A Appendix - Sample Tool Reports B Appendix - Table2 - Relevant Artifacts References Find My IoT Device – An Efficient and Effective Approximate Matching Algorithm to Identify IoT Traffic Flows 1 Introduction 2 Related Work 3 Approximate Matching and IoT Device Datasets 3.1 Approximate Matching Algorithms 3.2 IoT Device Datasets 4 Suitable Approximate Matching Algorithms 5 Evaluation 5.1 Evaluation Setup of the First and Third Dataset 5.2 Evaluation Setup of the Second Dataset 5.3 Evaluation Methodology 5.4 Evaluation Results on Active Data 5.5 Evaluation Results on Setup Data 5.6 Evaluation Results on Idle Data 6 Conclusion and Future Work References Accessing Secure Data on Android Through Application Analysis 1 Introduction 2 Related Work 3 Proposed Approach 4 Experiment Results 4.1 Safe Notes 4.2 Private Notepad 4.3 Secure Notes 4.4 Memory Artifacts 5 Discussion 6 Conclusion References Research on the Method of Selecting the Optimal Feature Subset in Big Data for Energy Analysis Attack 1 Introduction 1.1 Relevant Work 1.2 Our Contribution 1.3 Structure of This Paper 2 Selection of Attack Points 2.1 SBOX Output Hamming Weight Model 2.2 SBOX Output Bit-by-Bit Attack Model 3 The Optimal Feature Subset Selection Method in Big Data 3.1 Feature Point Selection Strategy 3.2 First Feature Point Selection Based on F-test 3.3 Second Feature Point Selection Based on Recursive Feature Elimination and Cross Validation 4 Experimental Results and Analysis 4.1 Comparison of Feature Selection Between F-test and PCC Method 4.2 Comparison of Feature Selection Between Recursive Feature Elimination Plus Cross Validation (RFECV) and Principal Component Analysis (PCA) 5 Summary References Cheating Sensitive Security Quantum Bit Commitment with Security Distance Function 1 Introduction 2 Preliminaries 2.1 Definition of Security Distance Function 2.2 Construction of Security Distance Function 3 Quantum Bit Commitment with Security Distance Function 3.1 QBC with SDF in Ideal Case 3.2 QBC with SDF in Defective Case 4 Security Analysis 4.1 Concealing 4.2 Binding 4.3 Error Rate Introduced by Alice's Cheating 5 Comparison 6 Conclusion References Towards Mitigation of Data Exfiltration Techniques Using the MITRE ATT&CK Framework 1 Introduction 2 Related Work 3 Cyber Threat Intelligence 4 MITRE ATT&CK Framework 5 Information Security Management Systems 6 Concept and Example to Integrate CTI with ISMS 6.1 Concept to Integrate CTI with ISMS 6.2 Example to Apply Our Concept 7 Conclusion References PCWQ: A Framework for Evaluating Password Cracking Wordlist Quality 1 Introduction 2 Background and Related Work 2.1 Password Cracking Techniques 2.2 Analysis of Password Trends 2.3 Password Strength Meter 3 How Can Quality Be Measured? 3.1 Final Percentage of Passwords Cracked 3.2 Number of Guesses Until Target 3.3 Progress over Time 3.4 Size of Wordlist 3.5 Better Performance with Stronger Passwords 3.6 Compound Metric 4 Methodology 5 Preliminary Analysis 5.1 Dataset Selection and Creation 5.2 Example Use Case 5.3 Breakdown of Comb4 6 Discussion 7 Conclusion and Future Work References No Pie in the Sky: The Digital Currency Fraud Website Detection 1 Introduction 2 Background and Related Work 2.1 Digital Currency 2.2 Ponzi Scheme 2.3 Smart Ponzi Schemes Detection 2.4 Phishing Scam Detection 3 Methodology 3.1 Data Collection and Preprocessing 3.2 Website Feature Extraction 3.3 Digital Currency Fraud Website Detection Model 4 Experiment 4.1 Dataset 4.2 Experimental Environment and Evaluation Metrics 4.3 Experimental Settings 4.4 Results and Discussion 4.5 Case Study 5 Conclusion References Understanding the Brains and Brawn of Illicit Streaming App 1 Introduction 2 Background 3 Our Methodology 3.1 Detection of Illicit Streaming Libraries and Potential ISAs 3.2 Network Traffic Analysis 4 Findings 4.1 Data Collection 4.2 Key Findings on Illicit Streaming Libraries 4.3 Key Findings on Detection of Potential ISA 4.4 Network Analysis Result 4.5 Case Studies 5 Related Work and Discussions 5.1 Illicit Streaming Services 5.2 Mobile Application Similarity 5.3 Limitations and Future Developments 6 Conclusion References Fine-Grained Obfuscation Scheme Recognition on Binary Code 1 Introduction 2 Background 3 Overview of Our Approach 3.1 Function Abstraction 3.2 Instruction Embedding 3.3 The BiGRU-CNN Model 4 Experiments and Evaluation 4.1 Dataset Construction 4.2 Implementation and Experimental Setup 4.3 Experimental Results 5 Related Work 6 Conclusion References Backdoor Investigation and Incident Response: From Zero to Profit 1 Background 2 Challenge in Analyzing Backdoor and Incident Response 2.1 Limitation of Behavioral Analysis 2.2 Emerging Backdoor Threat 2.3 Lack of Practical Backdoor-Specific Incident Response Methodology 3 Incident Response Model 3.1 Static Analysis of Backdoor 3.2 Similarity Comparison with published Backdoor 3.3 Scanning Potential Backdoors 3.4 Deobfuscation of Binary and Network Traffic Content 3.5 Backdoor Entropy Analysis 4 Related Work 5 Discussion 6 Conclusion References Automated Software Vulnerability Detection via Pre-trained Context Encoder and Self Attention 1 Introduction 2 Related Work 3 The Methodology 3.1 Pre-processing 3.2 Fine-Tuning 3.3 Embedding 3.4 Classifier Training 4 Experiment and Results 4.1 Datasets 4.2 Evaluation Metrics 4.3 Implementation Details 4.4 Results Analysis 5 Conclusion References A CNN-Based HEVC Video Steganalysis Against DCT/DST-Based Steganography 1 Introduction 2 Analysis of Pixel Change in DCT/DST-Based HEVC Steganographic Video 2.1 Analysis on Intra-frame Distortion of DCT/DST-Based HEVC Steganography 2.2 Analysis of Pixel Value Changes in DCT/DST-Based Steganography 3 Proposed Steganalysis Network 3.1 High Pass Filter Convolution Layer 3.2 Steganalysis Residual Block 3.3 Squeeze-and-Excitation (SE) Block 4 Experiment Results and Analysis 4.1 Data Set and Experimental Setup 4.2 Experimental Results 4.3 Comparative Analysis 5 Conclusion References Do Dark Web and Cryptocurrencies Empower Cybercriminals? 1 Introduction 2 Background: Dark Web and Cryptocurrencies 3 Cryptocurrency: A New Stage for Economic Globalization 4 Cryptocurrency Trustworthiness Analysis 4.1 Legitimacy Analysis of Cryptoasset Source 4.2 Price Explosiveness Analysis 4.3 Correlation of Price Changes with Other External Factors 5 Discussion and Future Suggestions 6 Concluding Remarks References Lightweight On-Demand Honeypot Deployment for Cyber Deception 1 Introduction 2 Related Work 3 Implementation 3.1 Including Real Networks 3.2 Ad-Hoc Virtual Machine Instantiation 3.3 Decision Node Configuration 4 Case Study 5 System-in-the-Middle Overhead Analysis 5.1 Static Connections 5.2 Dynamic Connections Using CDES 6 CDES System Utilization 7 CDES Performance Against Network Probes 8 Future Work References Gotta Catch'em All! Improving P2P Network Crawling Strategies 1 Introduction 2 Motivation 2.1 Churn 2.2 Random Address Responses 2.3 Unreachable Nodes 3 Related Work 3.1 Internet-Wide Scanning 3.2 Peer-to-Peer Crawler 3.3 Bitcoin Crawler 4 Design Considerations 4.1 Architecture 4.2 Bogon Filtering 4.3 Status Checking 4.4 Optimal Timeout 5 Data Gathering 5.1 Crawling Etiquette 5.2 Gathered Data 6 Evaluation 6.1 Increased Scan Rate 6.2 Increased Hit Rate 7 Conclusion References Parcae: A Blockchain-Based PRF Service for Everyone 1 Introduction 2 Related Work 3 Overview 4 Parcae Protocol 5 Implementation Details 5.1 Low Level API Details 6 Performance Evaluation 7 Conclusions References A Hybrid Cloud Deployment Architecture for Privacy-Preserving Collaborative Genome-Wide Association Studies 1 Introduction 2 Background Information 2.1 Genetic Association Tests 2.2 Intel's Software Guard Extensions (SGX) 2.3 Data Fragmentation and De-identification 2.4 Homomorphic Encryption 2.5 Watermarking of Homomorphically Encrypted Genetic Data 3 Privacy-Preserving GWAS Hybrid Cloud Deployment 3.1 System Infrastructure 3.2 Key Distribution 3.3 Attacker Model 3.4 Protocol Workflow 3.5 Deployment Choices 4 Experimental Results 4.1 Experimental Setup 4.2 Results 5 Conclusion References Understanding the Security of Deepfake Detection 1 Introduction 2 Background and Related Work 2.1 Face Synthesis 2.2 Face Manipulation 2.3 Detecting Deepfakes 2.4 Security of Deepfake Detection 3 Measurement Setup 3.1 Datasets 3.2 Training Face Classifiers 3.3 Evaluation Metrics 4 Security of Face Extractor 4.1 Experimental Setup 4.2 Experimental Results 5 Cross-Method Generalization of Face Classifier 5.1 Experimental Setup 5.2 Experimental Results 6 Security of Face Classifier Against Data Poisoning Attacks 6.1 Experimental Setup 6.2 Experimental Results 7 Discussion and Limitations 8 Conclusion References Author Index This book contains a selection of thoroughly refereed and revised papers from the Third International ICST Conference on Digital Forensics and Cyber Crime, ICDF2C 2011, held October 26-28 in Dublin, Ireland. The field of digital forensics is becoming increasingly important for law enforcement, network security, and information assurance. It is a multidisciplinary area that encompasses a number of fields, including law, computer science, finance, networking, data mining, and criminal justice. The 24 papers in this volume cover a variety of topics ranging from tactics of cyber crime investigations to digital forensic education, network forensics, and the use of formal methods in digital investigations. There is a large section addressing forensics of mobile digital devices.
دانلود کتاب Digital Forensics and Cyber Crime: 12th EAI International Conference, ICDF2C 2021, Virtual Event, Singapore, December 6-9, 2021, Proceedings (Lecture ... and Telecommunications Engineering, 441)