Kernel modules are an integral part of most operating systems (OS) as they provide flexible ways of adding new functionalities (such as file system or hardware support) to the kernel without the need to recompile or reload the entire kernel. Aside from providing an interface between the user and the hardware, these modules maintain system security and…
Keywords: digital forensics, memory analysis, operating system fingerprinting, approximate matching, sdhash. Abstract: The correct identification of operating system kernel versions is the first critical step in deep memory analysis; it enables the precise parsing of the kernel data structures and the correct interpretation of the observed system state.…
We develop and analyze an ARQ (Automatic Repeat reQuest) initialized transmit diversity protocol for cooperative communications. Medium access control (MAC) layer packet retransmission limit (similar to aShortRetryLimit or aLongRetryLimit [802.11-1997]) has been used as an actuator for transmit cooperative diversity initialization. We take the channel state…
Digital forensic examiners often need to identify the type of a file or file fragment based on the content of the file. Content-based file type identification schemes typically use a byte frequency distribution with statistical machine learning to classify file types. Most algorithms analyze the entire file content to obtain the byte frequency distribution,…
Given the recent emergence of the smart grid and smart grid related technologies, their security is a prime concern. Intrusion detection provides a second line of defence. However, conventional intrusion detection systems (IDSs) are unable to adequately address the unique requirements of the smart grid. This paper presents a gap analysis of contemporary…
Identifying the file type (TXT, EXE, JPEG, etc.) is important for computer security applications such as computer forensics, steganalysis, and antivirus programs. The common approach for this is to use file extensions, magic numbers, or other header information. However, these are susceptible to tampering or corruption; for instance, the file extension…
SCADA systems run 24/7 to control and monitor industrial and infrastructure processes. In case of potential security incidents, several challenges exist for conducting an effective forensic investigation. This paper discusses these challenges and investigates potential solutions. It shows the limitations of traditional IT-based approaches and also presents…