Keywords: Digital forensics; Memory analysis; Operating system fingerprinting; Approximate matching; sdhash
Abstract: The correct identification of operating system kernel versions is the first critical step in deep memory analysis: it enables the precise parsing of the kernel data structures and the correct interpretation of the observed system state.
Given the recent emergence of the smart grid and smart grid related technologies, their security is a prime concern. Intrusion detection provides a second line of defence. However, conventional intrusion detection systems (IDSs) are unable to adequately address the unique requirements of the smart grid. This paper presents a gap analysis of contemporary…
We develop and analyze an ARQ (Automatic Repeat reQuest) initialized transmit diversity protocol for cooperative communications. Medium access control (MAC) layer packet retransmission limit (similar to aShortRetryLimit or aLongRetryLimit [802.11-1997]) has been used as an actuator for transmit cooperative diversity initialization. We take the channel state…
Digital forensic examiners often need to identify the type of a file or file fragment based on the content of the file. Content-based file type identification schemes typically use a byte frequency distribution with statistical machine learning to classify file types. Most algorithms analyze the entire file content to obtain the byte frequency distribution,…
SCADA systems run 24/7 to control and monitor industrial and infrastructure processes. In case of potential security incidents, several challenges exist for conducting an effective forensic investigation. This paper discusses these challenges and investigates potential solutions. It shows the limitations of traditional IT-based approaches and also presents…
Identifying the file type (TXT, EXE, JPEG, etc.) is important for computer security applications such as computer forensics, steganalysis, and antivirus programs. The common approach for this is to use file extensions, magic numbers, or other header information. However, these are susceptible to tampering or corruption; for instance, the file extension…
Types of files (text, executables, JPEG images, etc.) can be identified through file extension, magic number, or other header information in the file. However, these are easily tampered with or corrupted, so they cannot be trusted as secure ways to identify file types. In the presence of adversaries, analyzing the file content may be a more reliable way to identify…