Publications from Malmö universitet
  • 1.
    Alawadi, Sadi
    et al.
    Uppsala University, Sweden.
    Kebande, Victor R.
    Umeå University, Sweden.
    Dong, Yuji
    School of Internet of Things, Xi’an Jiaotong-Liverpool University, Suzhou, China.
    Bugeja, Joseph
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Persson, Jan A.
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Olsson, Carl Magnus
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    A Federated Interactive Learning IoT-Based Health Monitoring Platform. 2021. In: New Trends in Database and Information Systems, Springer, 2021, pp. 235-246. Conference paper (Refereed)
    Abstract [en]

    Remote health monitoring is a trend for better health management which necessitates the need for secure monitoring and privacy-preservation of patient data. Moreover, accurate and continuous monitoring of personal health status may require expert validation in an active learning strategy. As a result, this paper proposes a Federated Interactive Learning IoT-based Health Monitoring Platform (FIL-IoT-HMP) which incorporates multi-expert feedback as ‘Human-in-the-loop’ in an active learning strategy in order to improve the clients’ Machine Learning (ML) models. The authors have proposed an architecture and conducted an experiment as a proof of concept. Federated learning approach has been preferred in this context given that it strengthens privacy by allowing the global model to be trained while sensitive data is retained at the local edge nodes. Also, each model’s accuracy is improved while privacy and security of data has been upheld.

  • 2. Al-Dhaqm, Arafat
    et al.
    Abd Razak, Shukor
    Dampier, David A.
    Choo, Kim-Kwang Raymond
    Siddique, Kamran
    Ikuesan, Richard Adeyemi
    d.
    Alqarni, Abdulhadi
    Kebande, Victor R.
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Categorization and Organization of Database Forensic Investigation Processes. 2020. In: IEEE Access, E-ISSN 2169-3536, Vol. 8, pp. 112846-112858. Article in journal (Refereed)
    Abstract [en]

    Database forensic investigation (DBFI) is an important area of research within digital forensics. Its importance is growing as digital data becomes more extensive and commonplace. The challenges associated with DBFI are numerous, and one of the challenges is the lack of a harmonized DBFI process for investigators to follow. In this paper, therefore, we conduct a survey of existing literature with the hope of understanding the body of work already accomplished. Furthermore, we build on the existing literature to present a harmonized DBFI process using design science research methodology. This harmonized DBFI process has been developed based on three key categories (i.e. planning, preparation and pre-response, acquisition and preservation, and analysis and reconstruction). Furthermore, the DBFI has been designed to avoid confusion or ambiguity, as well as providing practitioners with a systematic method of performing DBFI with a higher degree of certainty.

  • 3. Al-Dhaqm, Arafat
    et al.
    Razak, Shukor Abd
    Ikuesan, Richard Adeyemi
    Kebande, Victor R.
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT). Malmö universitet, Internet of Things and People (IOTAP).
    Siddique, Kamran
    A Review of Mobile Forensic Investigation Process Models. 2020. In: IEEE Access, E-ISSN 2169-3536, Vol. 8, pp. 173359-173375. Article, review/survey (Refereed)
    Abstract [en]

    Mobile Forensics (MF) field uses prescribed scientific approaches with a focus on recovering Potential Digital Evidence (PDE) from mobile devices leveraging forensic techniques. Consequently, increased proliferation, mobile-based services, and the need for new requirements have led to the development of the MF field, which has in the recent past become an area of importance. In this article, the authors take a step to conduct a review on Mobile Forensics Investigation Process Models (MFIPMs) as a step towards uncovering the MF transitions as well as identifying open and future challenges. Based on the study conducted in this article, a review of the literature revealed that there are a few MFIPMs that are designed for solving certain mobile scenarios, with a variety of concepts, investigation processes, activities, and tasks. A total of 100 MFIPMs were reviewed, to present an inclusive and up-to-date background of MFIPMs. Also, this study proposes a Harmonized Mobile Forensic Investigation Process Model (HMFIPM) for the MF field to unify and structure whole redundant investigation processes of the MF field. The paper also goes the extra mile to discuss the state of the art of mobile forensic tools, open and future challenges from a generic standpoint. The results of this study find direct relevance to forensic practitioners and researchers who could leverage the comprehensiveness of the developed processes for investigation.

  • 4. Al-Dhaqm, Arafat
    et al.
    Razak, Shukor Abd
    Siddique, Kamran
    Ikuesan, Richard Adeyemi
    Kebande, Victor R.
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Towards the Development of an Integrated Incident Response Model for Database Forensic Investigation Field. 2020. In: IEEE Access, E-ISSN 2169-3536, Vol. 8, pp. 145018-145032. Article in journal (Refereed)
    Abstract [en]

    For every contact that is made in a database, a digital trace will potentially be left and most of the database breaches are mostly aimed at defeating the major security goals (Confidentiality, Integrity, and Authenticity) of data that reside in the database. In order to prove/refute a fact during litigation, it is important to identify suitable investigation techniques that can be used to link a potential incident/suspect to the digital crime. As a result, this paper has proposed suitable steps of constructing an Integrated Incident Response Model (IIRM) that can be relied upon in the database forensic investigation field. While developing the IIRM, design science methodology has been adapted and the outcome of this study has shown significant and promising approaches that could be leveraged by digital forensic experts, legal practitioners and law enforcement agencies. This is owing to the fact, that IIRM construction has followed incident investigation principles that are stipulated in ISO guidelines.

  • 5. Al-Dhaqm, Arafat
    et al.
    Shukor, Razak
    Ikuesan, Richard
    Kebande, Victor R.
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT). Malmö universitet, Internet of Things and People (IOTAP). Luleå University of Technology.
    Othman, Siti
    Face Validation of Database Forensic Investigation Metamodel. 2021. In: Infrastructures, ISSN 2412-3811, Vol. 6, no. 2, pp. 1-20, article id 13. Article in journal (Other academic)
    Abstract [en]

    Using a face validity approach, this paper provides a validation of the Database Forensic Investigation Metamodel (DBFIM). The DBFIM was developed to solve interoperability, heterogeneity, complexity, and ambiguity in the database forensic investigation (DBFI) field, where several models were identified, collected, and reviewed to develop DBFIM. However, the developed DBFIM lacked the face validity-based approach that could ensure DBFIM’s applicability in the DBFI field. The completeness, usefulness, and logic of the developed DBFIM needed to be validated by experts. Therefore, the objective of this paper is to perform the validation of the developed DBFIM using the qualitative face validity approach. The face validity method is a common way of validating metamodels through subject expert inquiry on the domain application of the metamodel to assess whether the metamodel is reasonable and compatible based on the outcomes. For this purpose, six experts were nominated and selected to validate the developed DBFIM. From the expert review, the developed DBFIM was found to be complete, coherent, logical, scalable, interoperable, and useful for the DBFI field.

  • 6.
    Al-Ghushami, Abdullah
    et al.
    Edith Cowan Univ, Cyber Secur Cooperat Res Ctr, Perth, WA, Australia.
    Karie, Nickson
    Edith Cowan Univ, Cyber Secur Cooperat Res Ctr, Perth, WA, Australia.
    Kebande, Victor R.
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Detecting Centralized Architecture-Based Botnets using Travelling Salesperson Non-Deterministic Polynomial-Hard problem-TSP-NP Technique. 2019. In: 2019 IEEE CONFERENCE ON APPLICATION, INFORMATION AND NETWORK SECURITY (AINS), IEEE, 2019, pp. 77-81. Conference paper (Refereed)
    Abstract [en]

    The threats posed by botnets in the cyber-space continues to grow each day and it has become very hard to detect or infiltrate bots given that the botnet developers each day keep changing the propagation and attack techniques. Currently, most of these attacks have been centered on stealing computing energy, theft of personal information and Distributed Denial of Service (DDoS attacks). In this paper, the authors propose a novel technique that uses the Non-Deterministic Polynomial-Time Hardness (NP-Hard Problem) based on the Traveling Salesperson Person (TSP) that depicts that a given bot, b(j), is able to visit each host on a network environment, NE, and then it returns to the botmaster in form of instruction(command) through optimal minimization of the hosts that are or may be attacked. Given that b(j) represents a piece of malicious code and based on TSP-NP Hard Problem which forms part of combinatorial optimization, the authors present an effective approach for the detection of the botnet. It is worth noting that the concentration of this study is basically on the centralized botnet architecture. This holistic approach shows that botnet detection accuracy can be increased with a degree of certainty and potentially decrease the chances of false positives. Nevertheless, a discussion on the possible applicability and implementation has also been given in this paper.

  • 7.
    Alkhabbas, Fahed
    et al.
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT). Malmö universitet, Internet of Things and People (IOTAP).
    Alsadi, Mohammed
    Department of Computer Science, Norwegian University of Science and Technology, 7491 Trondheim, Norway.
    Alawadi, Sadi
    Department of Information Technology, Uppsala University, 75105 Uppsala, Sweden; Center for Applied Intelligent Systems Research, School of Information Technology, Halmstad University, 30118 Halmstad, Sweden.
    Awaysheh, Feras M
    Institute of Computer Science, Delta Research Centre, University of Tartu, 51009 Tartu, Estonia.
    Kebande, Victor R.
    Department of Computer Science (DBlekinge Institute of Technology, 37179 Karlskrona, Sweden.
    Moghaddam, Mahyar T
    The Maersk Mc-Kinney Moller Institute (MMMI), University of Southern Denmark, 5230 Odense, Denmark.
    ASSERT: A Blockchain-Based Architectural Approach for Engineering Secure Self-Adaptive IoT Systems. 2022. In: Sensors, E-ISSN 1424-8220, Vol. 22, no. 18, article id 6842. Article in journal (Refereed)
    Abstract [en]

    Internet of Things (IoT) systems are complex systems that can manage mission-critical, costly operations or the collection, storage, and processing of sensitive data. Therefore, security represents a primary concern that should be considered when engineering IoT systems. Additionally, several challenges need to be addressed, including the following ones. IoT systems' environments are dynamic and uncertain. For instance, IoT devices can be mobile or might run out of batteries, so they can become suddenly unavailable. To cope with such environments, IoT systems can be engineered as goal-driven and self-adaptive systems. A goal-driven IoT system is composed of a dynamic set of IoT devices and services that temporarily connect and cooperate to achieve a specific goal. Several approaches have been proposed to engineer goal-driven and self-adaptive IoT systems. However, none of the existing approaches enable goal-driven IoT systems to automatically detect security threats and autonomously adapt to mitigate them. Toward bridging these gaps, this paper proposes a distributed architectural Approach for engineering goal-driven IoT Systems that can autonomously SElf-adapt to secuRity Threats in their environments (ASSERT). ASSERT exploits techniques and adopts notions, such as agents, federated learning, feedback loops, and blockchain, for maintaining the systems' security and enhancing the trustworthiness of the adaptations they perform. The results of the experiments that we conducted to validate the approach's feasibility show that it performs and scales well when detecting security threats, performing autonomous security adaptations to mitigate the threats and enabling systems' constituents to learn about security threats in their environments collaboratively.

  • 8. Hungwe, Taurai
    et al.
    Venter, Hein. S.
    Kebande, Victor R.
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Scenario-Based Digital Forensic Investigation of Compromised MySQL Database. 2019. In: 2019 Ist-Africa Week Conference (Ist-Africa), IEEE, 2019. Conference paper (Refereed)
    Abstract [en]

    Insider and outsider database threats have more often than not posed a greater challenge as far as integrity and investigation of databases is concerned. Database forensic investigation is a process through which scientifically proven methods can be used to create a hypothesis that can prove or disprove the occurrence of a potential security incident. This paper explores the techniques that can be used to conduct forensic investigations of a compromised MySQL database. The authors have simulated investigative scenarios that have aided to conduct forensic investigative processes and the results are promising.

  • 9.
    Karie, Nickson M.
    et al.
    Edith Cowan Univ, Dept Comp Sci, Joondalup, Australia.
    Kebande, Victor R.
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Ikuesan, Richard A.
    Qatar Community Coll, Dept Comp Sci, Doha, Qatar.
    Sookhak, Mehdi
    Illinois State Univ, Sch Informat Technol, Normal, IL 61761 USA.
    Venter, H. S.
    Univ Pretoria, Dept Comp Sci, Pretoria, South Africa.
    Hardening SAML by Integrating SSO and Multi-Factor Authentication (MFA) in the Cloud. 2020. In: 3RD INTERNATIONAL CONFERENCE ON NETWORKING, INFORMATION SYSTEM & SECURITY (NISS'20) / [ed] Mohamed, B Abdelhakim, BA Said, R Dirss, LM Alaoui, EA, ACM Digital Library, 2020, article id 56. Conference paper (Refereed)
    Abstract [en]

    Even though the cloud paradigm and its associated services has been adopted in various enterprise applications, there has been major issues with regard to authenticating users' critical data. Single Sign on (SSO) is a user authentication technique through which a server authenticates and allows a user to use a single aspect of login credentials, for example, to access multiple services in the cloud. Even though SSO reduces the number of logins that are needed over heterogeneous environments, the risk that might be associated with the security of SSO might be detrimental if, for example, a Man-in-the Middle (MITM) attacker manages to gain control of the SSO credentials. It is also possible to get the identity of the users who have logged into Active Directory or intranet and this identity can easily be used to log into other web-based applications, and this requires the use of the Security Assertion Mark-up Language (SAML). SAML is basically a standard that allows users to be logged into applications as per their sessions. The problem that this paper addresses is the lack of a proactive technique of hardening cloud-based SAML while combining SSO with a Multi-Factor Authentication (MFA) at the time of writing this paper. The authors have, therefore, proposed an effective approach that unifies SSO with MFA in this context. Based on the base score index conducted over Common Vulnerability Scoring System (CVSS), the architecture proves to be reliable, feasible and with better performance.

  • 10. Karie, Nickson M
    et al.
    Kebande, Victor R.
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT). Malmö universitet, Internet of Things and People (IOTAP).
    Venter, H S
    Diverging deep learning cognitive computing techniques into cyber forensics. 2019. In: Forensic science international. Synergy, ISSN 2589-871X, Vol. 1, pp. 61-67. Article in journal (Refereed)
    Abstract [en]

    More than ever before, the world is nowadays experiencing increased cyber-attacks in all areas of our daily lives. This situation has made combating cybercrimes a daily struggle for both individuals and organisations. Furthermore, this struggle has been aggravated by the fact that today's cybercriminals have gone a step ahead and are able to employ complicated cyber-attack techniques. Some of those techniques are minuscule and inconspicuous in nature and often camouflage in the facade of authentic requests and commands. In order to combat this menace, especially after a security incident has happened, cyber security professionals as well as digital forensic investigators are always forced to sift through large and complex pools of data also known as Big Data in an effort to unveil Potential Digital Evidence (PDE) that can be used to support litigations. Gathered PDE can then be used to help investigators arrive at particular conclusions and/or decisions. In the case of cyber forensics, what makes the process even tough for investigators is the fact that Big Data often comes from multiple sources and has different file formats. Forensic investigators often have less time and budget to handle the increased demands when it comes to the analysis of these large amounts of complex data for forensic purposes. It is for this reason that the authors in this paper have realised that Deep Learning (DL), which is a subset of Artificial Intelligence (AI), has very distinct use-cases in the domain of cyber forensics, and even if many people might argue that it's not an unrivalled solution, it can help enhance the fight against cybercrime. This paper therefore proposes a generic framework for diverging DL cognitive computing techniques into Cyber Forensics (CF) hereafter referred to as the DLCF Framework. DL uses some machine learning techniques to solve problems through the use of neural networks that simulate human decision-making. 
    Based on these grounds, DL holds the potential to dramatically change the domain of CF in a variety of ways as well as provide solutions to forensic investigators. Such solutions can range from, reducing bias in forensic investigations to challenging what evidence is considered admissible in a court of law or any civil hearing and many more.

  • 11.
    Kebande, Victor R.
    et al.
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT). Malmö universitet, Internet of Things and People (IOTAP).
    Alawadi, Sadi
    Uppsala Universitet.
    Awaysheh, Feras
    University of Tartu.
    Persson, Jan A.
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT). Malmö universitet, Internet of Things and People (IOTAP).
    Active Machine Learning Adversarial Attack Detection in the User Feedback Process. 2021. In: IEEE Access, E-ISSN 2169-3536, Vol. 9. Article in journal (Refereed)
    Abstract [en]

    Modern Information and Communication Technology (ICT)-based applications utilize current technological advancements for purposes of streaming data, as a way of adapting to the ever-changing technological landscape. Such efforts require providing accurate, meaningful, and trustworthy output from the streaming sensors particularly during dynamic virtual sensing. However, to ensure that the sensing ecosystem is devoid of any sensor threats or active attacks, it is paramount to implement secure real-time strategies. Fundamentally, real-time detection of adversarial attacks/instances during the User Feedback Process (UFP) is the key to forecasting potential attacks in active learning. Also, according to existing literature, there lacks a comprehensive study that has a focus on adversarial detection from an active machine learning perspective at the time of writing this paper. Therefore, the authors posit the importance of detecting adversarial attacks in active learning strategy. Attack in the context of this paper through a UFP Threat driven model has been presented as any action that exerts an alteration to the learning system or data. To achieve this, the study employed ambient data collected from a smart environment human activity recognition from (Continuous Ambient Sensors Dataset, CASA) with fully labeled connections, where we intentionally subject the Dataset to wrong labels as a targeted/manipulative attack (by a malevolent labeler) in the UFP, with an assumption that the user-labels were connected to unique identities. While the dataset’s focus is to classify tasks and predict activities, our study gives a focus on active adversarial strategies from an information security point of view. Furthermore, the strategies for modeling threats have been presented using the Meta Attack Language (MAL) compiler for purposes adversarial detection. The findings from the experiments conducted have shown that real-time adversarial identification and profiling during the UFP could significantly increase the accuracy during the learning process with a high degree of certainty and paves the way towards an automated adversarial detection and profiling approaches on the Internet of Cognitive Things (ICoT).

  • 12.
    Kebande, Victor R.
    et al.
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Alawadi, Sadi
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Bugeja, Joseph
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Persson, Jan A.
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Olsson, Carl Magnus
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Leveraging Federated Learning & Blockchain to counter Adversarial Attacks in Incremental Learning. 2020. In: IoT '20 Companion: 10th International Conference on the Internet of Things Companion, ACM Digital Library, 2020, pp. 1-5, article id 2. Conference paper (Refereed)
    Abstract [en]

    Whereas data labelling in IoT applications is costly, it is also time consuming to train a supervised Machine Learning (ML) algorithm. Hence, a human oracle is required to gradually annotate the data patterns at run-time to improve the models’ learning behavior, through an active learning strategy in form of User Feedback Process (UFP). Consequently, it is worth to note that during UFP there may exist malicious content that may subject the learning model to be vulnerable to adversarial attacks, more so, manipulative attacks. We argue in this position paper, that there are instances during incremental learning, where the local data model may present wrong output, if retraining is done using data that has already been subjected to adversarial attack. We propose a Distributed Interactive Secure Federated Learning (DISFL) framework that utilizes UFP in the edge and fog node, that subsequently increases the amount of labelled personal local data for the ML model during incremental training. Furthermore, the DISFL framework addresses data privacy by leveraging federated learning, where only the model's knowledge is moved to a global unit, herein referred to as Collective Intelligence Node (CIN). During incremental learning, this would then allow the creation of an immutable chain of data that has to be trained, which in its entirety is tamper-free while increasing trust between parties. With a degree of certainty, this approach counters adversarial manipulation during incremental learning in active learning context at the same time strengthens data privacy, while reducing the computation costs.

  • 13.
    Kebande, Victor R.
    et al.
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Baror, Stacey O.
    Department of Computer Science, University of Pretoria, South Africa.
    Parizi, Reza M.
    College of Computing and Software Engineering, Kennesaw State University, Marietta, GA, USA.
    Raymond Choo, Kim-Kwang
    Department of Information Systems and Cyber Security, University of Texas at San Antonio, San Antonio, TX 78249-0631, USA.
    Venter, H.S.
    Department of Computer Science, University of Pretoria, South Africa.
    Mapping digital forensic application requirement specification to an international standard. 2020. In: Forensic Science International: Reports, ISSN 2665-9107, Vol. 2, article id 100137. Article in journal (Refereed)
    Abstract [en]

    A potential security incident may go unsolved if standardized forensic approaches are not applied during lawful investigations. This paper highlights the importance of mapping the digital forensic application requirement specification to an international standard, precisely ISO/IEC 27043. The outcome of this work is projected to contribute to the problem of secure DF tool creation, and in the process address Software Requirements Specification (SRS) as a process of digital evidence admissibility.

  • 14.
    Kebande, Victor R.
    et al.
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT). Malmö universitet, Internet of Things and People (IOTAP).
    Ikuesan, Richard
    Karie, Nickson
    Edith Cowan University Australia.
    Alawadi, Sadi
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT). Malmö universitet, Internet of Things and People (IOTAP).
    Kim-Kwang, Raymond Choo
    University of Texas at San Antonio.
    Al-Dhaqm, Arafat
    Universiti Teknologi Malaysia.
    Quantifying the need for supervised machine learning in conducting live forensic analysis of emergent configurations (ECO) in IoT environments. 2020. In: Forensic Science International: Reports, ISSN 2665-9107, Vol. 2, article id 100122. Article in journal (Other academic)
    Abstract [en]

    Machine learning has been shown as a promising approach to mine larger datasets, such as those that comprise data from a broad range of Internet of Things devices, across complex environment(s) to solve different problems. This paper surveys existing literature on the potential of using supervised classical machine learning techniques, such as K-Nearest Neighbour, Support Vector Machines, Naive Bayes and Random Forest algorithms, in performing live digital forensics for different IoT configurations. There are also a number of challenges associated with the use of machine learning techniques, as discussed in this paper.

  • 15.
    Kebande, Victor R.
    et al.
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Karie, Nickson
    Edith Cowan University, Australia.
    Ikuesan, Richard
    Qatar Community college.
    Real-time monitoring as a supplementary security component of vigilantism in modern network environments. 2021. In: International Journal of Information Technology, ISSN 2511-2104, Vol. 13, pp. 5-17. Article in journal (Refereed)
    Abstract [en]

    The phenomenon of network vigilantism is autonomously attributed to how anomalies and obscure activities from adversaries can be tracked in real-time. Needless to say, in today’s dynamic, virtualized, and complex network environments, it has become undeniably necessary for network administrators, analysts as well as engineers to practice network vigilantism, on traffic as well as other network events in real-time. The reason is to understand the exact security posture of an organization’s network environment at any given time. This is driven by the fact that modern network environments do, not only present new opportunities to organizations but also a different set of new and complex cybersecurity challenges that need to be resolved daily. The growing size, scope, complexity, and volume of networked devices in our modern network environments also makes it hard even for the most experienced network administrators to independently provide the breadth and depth of knowledge needed to oversee or diagnose complex network problems. Besides, with the growing number of Cyber Security Threats (CSTs) in the world today, many organisations have been forced to change the way they plan, develop and implement cybersecurity strategies as a way to reinforce their ability to respond to cybersecurity incidents. This paper, therefore, examines the relevance of Real-Time Monitoring (RTM) as a supplementary security component of vigilantism in modern network environments, more especially for proper planning, preparedness, and mitigation in case of a cybersecurity incident. Additionally, this paper also investigates some of the key issues and challenges surrounding the implementation of RTM for security vigilantism in our modern network environments.

  • 16.
    Kebande, Victor R.
    et al.
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Karie, Nickson
    ECU - Security Research Institute, Faculty of Science, Edith Cowan University, Joondalup Campus, Joondalup, Western Australia, Australia.
    Ikuesan, Richard
    Department of Cybersecurity and Networking, School of Information Technology, Community College of Qatar, Doha, Qatar.
    Venter, H S
    DigiFORs Research Group, Department of Computer Science, University of Pretoria, Pretoria, South Africa.
    Ontology-driven perspective of CFRaaS. 2020. In: WIREs Forensics Science, ISSN 2573-9468, Vol. 2, no. 5. Article in journal (Refereed)
    Abstract [en]

    A Cloud Forensic Readiness as a Service (CFRaaS) model allows an environment to preemptively accumulate relevant potential digital evidence (PDE) which may be needed during a post-event response process. The benefit of applying a CFRaaS model in a cloud environment, is that, it is designed to prevent the modification/tampering of the cloud architectures or the infrastructure during the reactive process, which if it could, may end up having far-reaching implications. The authors of this article present the reactive process as a very costly exercise when the infrastructure must be reprogrammed every time the process is conducted. This may hamper successful investigation from the forensic experts and law enforcement agencies perspectives. The CFRaaS model, in its current state, has not been presented in a way that can help to classify or visualize the different types of potential evidence in all the cloud deployable models, and this may limit the expectations of what or how the required PDE may be collected. To address this problem, the article presents the CFRaaS from a holistic ontology-driven perspective, which allows the forensic experts to be able to apply the CFRaaS based on its simplicity of the concepts, relationship or semantics between different form of potential evidence, as well as how the security of a digital environment being investigated could be upheld. The CFRaaS in this context follows a fundamental ontology engineering approach that is based on the classical Resource Description Framework. The proposed ontology-driven approach to CFRaaS is, therefore, a knowledge-base that uses layer-dependencies, which could be an essential toolkit for digital forensic examiners and other stakeholders in cloud-security. The implementation of this approach could further provide a platform to develop other knowledge base components for cloud forensics and security.

  • 17.
    Kebande, Victor R.
    et al.
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Mlotshwa, Likhwa
    Karie, Nickson M.
    Botnet's Obfuscated C&C Infrastructure Take-down Approaches Based on Monitoring Centralized Zeus Bot Variant's Propagation Model. 2019. In: 2019 Ist-Africa Week Conference (Ist-Africa), IEEE, 2019. Conference paper (Refereed)
    Abstract [en]

    While botnets still pose a big threat, they have also developed to be the most dangerous dark applications over the web. They are able to compromise a multitude of computers under the Command and Control (C&C) infrastructure, that is mainly controlled by a botherder/botmaster. Normally, a botnet uses malicious code to achieve its objectives and usually the motivation is based on either financial gain or Denial of Service (DoS) attack. The problem that is being addressed in this paper is structured to explore how a botnet's C&C infrastructure can be taken down based on how the botnet propagates itself within a network. The authors have used Zeus Botnet (ZBot) propagation model as a basis for this study. The main objective is to identify ZBot propagation patterns in order to be able to propose the take down approaches of the C&C infrastructure which acts as botnet control point. It is imperative to note that, even though ZBot was mainly resilient to attacks because of its Peer-to-Peer (P2P) nature, still other Zeus variants were controlled or acted as centralized bots. The study is more inclined to exploring the centralized Zeus variants like GameOver Zeus (GOZ) and ICE-IX for purposes of identifying the approaches. Based on the ZBot attack study, the C&C infrastructure can effectively be infiltrated hence averting unwarranted botnet attacks.

  • 18.
    Kebande, Victor R.
    et al.
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT). Malmö universitet, Internet of Things and People (IOTAP).
    Mudau, Phathutshedzo P.
    DigiForS Research Group, Department of Computer Science, University of Pretoria, South Africa.
    Ikuesan, Richard A.
    Cyber and Network Security Department, Science and Technology Division, Community College of Qatar, Qatar.
    Venter, H.S.
    DigiForS Research Group, Department of Computer Science, University of Pretoria, South Africa.
    Choo, Kim-Kwang Raymond
    Department of Information Systems and Cyber Security, University of Texas at San Antonio, San Antonio, TX 78249-0631, USA.
    Holistic digital forensic readiness framework for IoT-enabled organizations. 2020. In: Forensic Science International: Reports, ISSN 2665-9107, Vol. 2, pp. 100117-100117, article id 100117. Article in journal (Refereed)
    Abstract [en]

    Internet of Things (IoT) are becoming commonplace in homes, buildings, cities, and nations, and IoT networks are also getting more complex and interconnected. The complexity, interconnectivity, and heterogeneity of IoT systems, however, complicate digital (forensic) investigations. The challenge is compounded due to the lack of holistic and standardized approaches. Hence, building on the ISO/IEC 27043 international standard, we present a holistic digital forensic readiness (DFR) framework. We also qualitatively evaluate the utility of the proposed DFR framework.

  • 19.
    Kebande, Victor R.
    et al.
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Venter, H. S.
    CFRaaS: Architectural design of a Cloud Forensic Readiness as-a-Service Model using NMB solution as a forensic agent. 2019. In: African Journal of Science, Technology, Innovation and Development (AJSTID), ISSN 2042-1338, E-ISSN 2042-1346, Vol. 11, no. 6, pp. 749-769. Article in journal (Refereed)
    Abstract [en]

    The proliferation of cloud resources among organizations has had numerous benefits with regard to how business processes are conducted. However, despite the benefits, the cloud has not been very resilient due to how it is distributed and its open nature. Due to this, there have been numerous reports on how the security of organizational information has been compromised. In any organization, Digital Forensic Readiness (DFR) is employed as a pre-incident phase whose aim is to maximize the use of Potential Digital Evidence (PDE) while minimizing the cost of performing a Digital Forensic Investigation (DFI). Therefore, it is on this premise that this paper makes a contribution to the architectural design of a Cloud Forensic Readiness as-a-Service (CFRaaS) that uses a Non-Malicious Botnet (NMB) solution as a forensic agent. The authors argue that the architectural design of a CFRaaS is an important aspect, which brings out the requirements that are needed in order for the cloud to be forensically ready for digital investigations when a modified NMB acting as an Agent-Based Solution (ABS) is used. To support this claim, the authors have identified important dependencies and indicators that will provide a synergistic relationship while coming up with CFRaaS design decisions. The main objective of this paper is to present the requirements, design and implementation for achieving DFR in the cloud using a CFRaaS. This study complies with the ISO/IEC 27043: 2015 international standard which presents guidelines for Information Technology, Security Techniques and Incident Investigation Principles and Processes. The result of the study has indicated that it is possible to achieve DFR in the cloud environment using a botnet with modified functionalities.

  • 20.
    Kebande, Victor Rigworo
    et al.
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT). Malmö universitet, Internet of Things and People (IOTAP).
    Venter, Hein S.
    Univ Pretoria, Dept Comp Sci, DigiFORs Res Grp, Pretoria, South Africa..
    A comparative analysis of digital forensic readiness models using cfraas as a baseline. 2019. In: Wiley Interdisciplinary Reviews: Forensic Science, ISSN 2573-9468, Vol. 1, no. 6, article id e1350. Article, review/survey (Refereed)
    Abstract [en]

    Digital forensic readiness (DFR) aims at maximizing the potential of conducting a digital forensic investigation while minimizing the cost of conducting postevent processes when a potential security incident is detected. Conducting digital forensic investigation (DFI) process and changing the functionality of software architectures and/or infrastructures while conducting these processes is a costly exercise; however, the availability of DFR processes can shorten and save the cost of these processes. A comparative analysis of the DFR process models is given that makes a strict comparison with the cloud forensic readiness as a service (CFRaaS) model. The main reason the CFRaaS model has been used as a basis for comparison is because it has been constructed by modifying the functionality of initially considered malicious botnets to allow the removal of potential digital evidence from the cloud without changing the architecture or the infrastructure of the cloud while conducting digital forensic processes. It is worth noting that the CFRaaS processes have been carefully developed based on the guidelines of ISO/IEC 27043:2015 international standards for information technology, security techniques, incident investigation principles and processes. Nevertheless, additional postevent response processes have also been incorporated in the CFRaaS like the reconstruction of the events and the Incident Response Procedures processes. The outcome of the comparison has shown promising results worth exploring. This article is categorized under: Digital and Multimedia Science > Cloud Forensics; Digital and Multimedia Science > Cyber Threat Intelligence; Digital and Multimedia Science > Forensic Visualization

  • 21.
    Khorashadizadeh, Saeed
    et al.
    Univ Teknol Malaysia, Fac Comp, Skudai, Malaysia..
    Ikuesan, Adeyemi Richard
    Community Coll Qatar, Sch Informat Technol, Dept Cybersecur & Networking, Doha, Qatar..
    Kebande, Victor R.
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT). Malmö universitet, Internet of Things and People (IOTAP).
    Generic 5G Infrastructure for IoT Ecosystem. 2020. In: Emerging Trends in Intelligent Computing and Informatics: Data Science, Intelligent Information Systems and Smart Computing / [ed] Saeed, F Mohammed, F Gazem, N, Springer, 2020, pp. 451-462. Conference paper (Refereed)
    Abstract [en]

    While the Internet of Things (IoT) is still gaining rapid adoption in an upward trajectory means across many smart areas in recent years, still, there is a need to develop a scalable ecosystem that is able to support future IoT implementations, given the heterogeneity and increased information flow among IoT devices. The lack of effective interoperability, availability, reliability, and performance in IoT are a few challenges that hinder the effectiveness of IoT deployment and communication, and this has acted as a stumbling block for the optimisation of IoT platforms. That notwithstanding, the advent of the Fifth Generation (5G) networks, has seen a significant shift on how the IoT-paradigm operates. This article introduces a discussion on the generic 5G infrastructure for IoT environment that can support future deployments. The article begins by conducting a technical review of the evolution of the First generation (1G) through 5G cellular networks. Thereafter, an illustration of the Fourth Generation (4G) architecture, stating its features as a precedent that shows to what extent 5G network may thrive or support IoT ecosystems, is given. Furthermore, the paper explores both the architectural requirements and futuristic vision of 5G infrastructure in the perspective of IoT applications. Most importantly, the paper has also explored the IoT market share and forecast on growth and how it affects different industrial sectors. The authors believe that the conclusions that have been made in this paper will act as a pacesetter and give a direction worth exploring once the 5G infrastructure for IoT ecosystems is implemented.

  • 22.
    Makura, Sheunesu M.
    et al.
    Faculty of EBIT, University of Pretoria, Pretoria, South Africa.
    Venter, H. S.
    Faculty of EBIT, University of Pretoria, Pretoria, South Africa.
    Ikuesan, Richard Adeyemi
    School of Information Technology, Community College of Qatar, Doha, Qatar.
    Kebande, Victor R.
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Karie, Nickson M.
    Security Research Institute, School of Science-Edith Cowan University, Joondalup, Australia.
    Proactive Forensics: Keystroke Logging from the Cloud as Potential Digital Evidence for Forensic Readiness Purposes. 2020. In: 2020 IEEE International Conference on Informatics, IoT, and Enabling Technologies (ICIoT), IEEE, 2020. Conference paper (Refereed)
    Abstract [en]

    The relationship between negative and positive connotations with regard to malware in the cloud is rarely investigated according to the prevailing literature. However, there is a significant relationship between the use of positive and negative connotations. A clear distinction between the two emanates when we use the originally considered malicious code, for positive connotation like in the case of capturing keystrokes in a proactive forensic purpose. This is done during the collection of digital evidence for Digital Forensic Readiness (DFR) purposes, in preparation of a Digital Forensic Investigation (DFI) process. The paper explores the problem of having to use the keystrokes for positive reasons as a piece of potential evidence through extraction and digitally preserving it as highlighted in ISO/IEC 27037: 2012 (security approaches) and ISO/IEC 27043: 2015 (legal connotations). In this paper, therefore, the authors present a technique of how DFR can be achieved through the collection of digital information from the originally considered malicious code. This is achieved without modifying the cloud operations or the infrastructure thereof, while preserving the integrity of digital information and possibly maintain the chain of custody at the same time. The paper proposes that the threshold of malicious code intrusion in the cloud can be transformed to an efficacious process of DFR through logical acquisition and digitally preserving keystrokes. The experiment-tested keystrokes have shown a significant approach that could achieve proactive forensics.

  • 23.
    Persson, Jan A.
    et al.
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Bugeja, Joseph
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Davidsson, Paul
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Holmberg, Johan
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Kebande, Victor R.
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Mihailescu, Radu-Casian
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Sarkheyli-Hägele, Arezoo
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Tegen, Agnes
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    The Concept of Interactive Dynamic Intelligent Virtual Sensors (IDIVS): Bridging the Gap between Sensors, Services, and Users through Machine Learning. 2023. In: Applied Sciences, E-ISSN 2076-3417, Vol. 13, no. 11, article id 6516. Article in journal (Refereed)
    Abstract [en]

    This paper concerns the novel concept of an Interactive Dynamic Intelligent Virtual Sensor (IDIVS), which extends virtual/soft sensors towards making use of user input through interactive learning (IML) and transfer learning. In research, many studies can be found on using machine learning in this domain, but not much on using IML. This paper contributes by highlighting how this can be done and the associated positive potential effects and challenges. An IDIVS provides a sensor-like output and achieves the output through the data fusion of sensor values or from the output values of other IDIVSs. We focus on settings where people are present in different roles: from basic service users in the environment being sensed to interactive service users supporting the learning of the IDIVS, as well as configurators of the IDIVS and explicit IDIVS teachers. The IDIVS aims at managing situations where sensors may disappear and reappear and be of heterogeneous types. We refer to and recap the major findings from related experiments and validation in complementing work. Further, we point at several application areas: smart building, smart mobility, smart learning, and smart health. The information properties and capabilities needed in the IDIVS, with extensions towards information security, are introduced and discussed.

  • 24.
    Zawali, Bako
    et al.
    Federal University of Technology Minna, Nigeria.
    Ikuesan, Richard A.
    Community College of Qatar, Qatar.
    Kebande, Victor R.
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT). Luleå University of Technology.
    Furnell, Steven
    University of Nottingham, UK.
    A-Dhaqm, Arafat
    Universiti Teknologi Malaysia, Malaysia.
    Realising a Push Button Modality for Video-Based Forensics. 2021. In: Infrastructures, ISSN 2412-3811, Vol. 6, no. 4, article id 54. Article in journal (Refereed)
    Abstract [en]

    Complexity and sophistication among multimedia-based tools have made it easy for perpetrators to conduct digital crimes such as counterfeiting, modification, and alteration without being detected. It may not be easy to verify the integrity of video content that, for example, has been manipulated digitally. To address this perennial investigative challenge, this paper proposes the integration of a forensically sound push button forensic modality (PBFM) model for the investigation of the MP4 video file format as a step towards automated video forensic investigation. An open-source multimedia forensic tool was developed based on the proposed PBFM model. A comprehensive evaluation of the efficiency of the tool against file alteration showed that the tool was capable of identifying falsified files, which satisfied the underlying assertion of the PBFM model. Furthermore, the outcome can be used as a complementary process for enhancing the evidence admissibility of MP4 video for forensic investigation.
