Cyber Forensics Intelligence Center
Permanent URI for this collection: https://hdl.handle.net/20.500.11875/2423
Browsing Cyber Forensics Intelligence Center by Author "Andel, Todd R."
Cloud Forecasting: Legal Visibility Issues in Saturated Environments (Computer Law & Security Review, 2018)
Brown, Adam J.; Glisson, William Bradley; Andel, Todd R.; Choo, Kim-Kwang Raymond
The advent of cloud computing has brought the computing power of corporate data processing and storage centers to lightweight devices. Software-as-a-service cloud subscribers enjoy the convenience of personal devices along with the power and capability of a service. Using logical as opposed to physical partitions across cloud servers, providers supply flexible and scalable resources. Furthermore, the possibility for multitenant accounts promises considerable freedom when establishing access controls for cloud content. For forensic analysts conducting data acquisition, cloud resources present unique challenges. Inherent properties such as dynamic content, multiple sources, and nonlocal content make it difficult for a standard to be developed for evidence gathering in satisfaction of United States federal evidentiary standards in criminal litigation. Development of such standards, while essential for reliable production of evidence at trial, may not be entirely possible given the guarantees to privacy granted by the Fourth Amendment and the Electronic Communications Privacy Act. Privacy of information on a cloud is complicated because the data is stored on resources owned by a third-party provider, accessible by users of an account group, and monitored according to a service level agreement. This research constructs a balancing test for competing considerations of a forensic investigator acquiring information from a cloud.

Detecting Repackaged Android Applications Using Perceptual Hashing (Proceedings of the 53rd Hawaii International Conference on System Sciences, 2020-01)
Nguyen, Thanh; McDonald, J. Todd; Glisson, William Bradley; Andel, Todd R.
The last decade has shown a steady rate of Android device dominance in market share and the emergence of hundreds of thousands of apps available to the public. Because of the ease of reverse engineering Android applications, repackaged malicious apps that clone existing code have become a severe problem in the marketplace. This research proposes a novel repackaged detection system based on perceptual hashes of vetted Android apps and their associated dynamic user interface (UI) behavior. Results show that an average hash approach produces 88% accuracy (indicating low false negative and false positive rates) in a sample set of 4878 Android apps, including 2151 repackaged apps. The approach is the first dynamic method proposed in the research community using image-based hashing techniques with reasonable performance to other known dynamic approaches and the possibility for practical implementation at scale for new applications entering the Android market.