Daniel A. Ray

Learn More
OBJECTIVE To profile patients with upper respiratory tract infection (URI) presenting to a walk-in clinic, to quantify their perspectives on the need for antibiotic therapy, and to find out their predictions of future behavior for similar illnesses. PATIENTS AND METHODS In the spring of 1998, previsit and postvisit questionnaires were distributed at the(More)
There are numerous and diverse digital forensics models for driving digital investigative processes. To encompass these diverse models we argue that there is need for two integrated Domain-Specific Languages (DSLs) [5]: a static one and a dynamic one. We attempt to motivate some research directions involving DSLs, digital forensics, and the creation of two(More)
This paper gives an online algorithm for generating Jakobsson's fractal hash chains [14]. Our new algorithm compliments Jakobsson's fractal hash chain algorithm for preimage traversal since his algorithm assumes the entire hash chain is precomputed and a particular list of ⌈log n⌉ hash elements or pebbles are saved. Our online algorithm for hash chain(More)
A digital chain of custody is an account documenting digital data at a particular place and time. This paper gives a method of validating and authenticating a digital chain of custody using an algorithm by Jakobsson and by providing a new algorithm that compliments Jakobsson's algorithm. Our method assumes specialized hardware. The physical hardware is(More)
This paper reviews details around the motivation for creating a domain-specific language that allows the easy design of software tools that support digital investigation. These tools will enable the specification of security requirements, support the activities of various investigations, certify security properties, and formulate security claims.(More)
This paper describes a proof-of-concept system for detecting insider threats. The system measures insider behavior by observing a user's processes and threads, information about user mode and kernel mode time, network interface statistics, etc. The system is built using Mi-crosoft's Windows Management Instrumentation (WMI) implementation of the Web Based(More)
This paper reports the results of our experimentation with modeling worm behavior on a large scale, fully adaptable network simu-lator. Our experiments focused on areas of worm scanning methods, IP address structure, and wireless links that, to the best of our knowledge, have been mostly neglected or abstracted away in prior worm simulations. Namely, our(More)
  • 1