Skip to main content

Research Repository

Advanced Search

Browse


A forensic analysis of streaming platforms on Android OS (2022)
Journal Article
GarcĂ­a Murias, J., Levick, D., & Mckeown, S. (2023). A forensic analysis of streaming platforms on Android OS. Forensic Science International: Digital Investigation, 44, Article 301485. https://doi.org/10.1016/j.fsidi.2022.301485

This work builds on existing research in streamed video reconstruction on the Android OS, which previously demonstrated that caching occurs in most cases for the Chrome and Firefox Web browsers. Prior work also outlined that streaming application cac... Read More about A forensic analysis of streaming platforms on Android OS.

Hamming Distributions of Popular Perceptual Hashing Techniques (2022)
Journal Article
McKeown, S., & Buchanan, W. J. (in press). Hamming Distributions of Popular Perceptual Hashing Techniques. Forensic Science International: Digital Investigation,

Content-based file matching has been widely deployed for decades, largely for the detection of sources of copyright infringement, extremist materials, and abusive sexual media. Perceptual hashes, such as Microsoft's PhotoDNA, are one automated mechan... Read More about Hamming Distributions of Popular Perceptual Hashing Techniques.

Forensic Considerations for the High Efficiency Image File Format (HEIF) (2020)
Conference Proceeding
Mckeown, S., & Russell, G. (2020). Forensic Considerations for the High Efficiency Image File Format (HEIF). . https://doi.org/10.1109/CyberSecurity49315.2020.9138890

The High Efficiency File Format (HEIF) was adopted by Apple in 2017 as their favoured means of capturing images from their camera application, with Android devices such as the Galaxy S10 providing support more recently. The format is positioned to re... Read More about Forensic Considerations for the High Efficiency Image File Format (HEIF).

Fast Forensic Triage Using Centralised Thumbnail Caches on Windows Operating Systems (2020)
Journal Article
Mckeown, S., Russell, G., & Leimich, P. (2020). Fast Forensic Triage Using Centralised Thumbnail Caches on Windows Operating Systems. Journal of Digital Forensics, Security and Law, 14(3), Article 1

A common investigative task is to identify known contraband images on a device, which typically involves calculating cryptographic hashes for all the files on a disk and checking these against a database of known contraband. However, modern drives ar... Read More about Fast Forensic Triage Using Centralised Thumbnail Caches on Windows Operating Systems.

Reducing the Impact of Network Bottlenecks on Remote Contraband Detection (2018)
Conference Proceeding
McKeown, S., Russell, G., & Leimich, P. (2018). Reducing the Impact of Network Bottlenecks on Remote Contraband Detection. In 2018 International Conference on Cyber Security and Protection of Digital Services (Cyber Security). https://doi.org/10.1109/CyberSecPODS.2018.8560671

Cloud based storage is increasing in popularity, with large volumes of data being stored remotely. Digital forensics investigators examining such systems remotely are limited by bandwidth constraints when accessing this kind of data using traditi... Read More about Reducing the Impact of Network Bottlenecks on Remote Contraband Detection.

Sub-file Hashing Strategies for Fast Contraband Detection (2018)
Conference Proceeding
McKeown, S., Russell, G., & Leimich, P. (2018). Sub-file Hashing Strategies for Fast Contraband Detection. In 2018 International Conference on Cyber Security and Protection of Digital Services (Cyber Security). https://doi.org/10.1109/CyberSecPODS.2018.8560680

Traditional digital forensics processes do not scale well with the huge quantities of data present in a modern investigation, resulting in large investigative backlogs for many law enforcement agencies. Data reduction techniques are required for fast... Read More about Sub-file Hashing Strategies for Fast Contraband Detection.

Fingerprinting JPEGs With Optimised Huffman Tables (2018)
Journal Article
McKeown, S., Russell, G., & Leimich, P. (2018). Fingerprinting JPEGs With Optimised Huffman Tables. Journal of Digital Forensics, Security and Law, 13(2), Article 7. https://doi.org/10.15394/jdfsl.2018.1451

A common task in digital forensics investigations is to identify known contraband images. This is typically achieved by calculating a cryptographic digest, using hashing algorithms such as SHA256, for each image on a given medium, and comparing indiv... Read More about Fingerprinting JPEGs With Optimised Huffman Tables.

Fast Filtering of Known PNG Files Using Early File Features (2017)
Conference Proceeding
McKeown, S., Russell, G., & Leimich, P. (2017). Fast Filtering of Known PNG Files Using Early File Features. In Proceedings of the Conference on Digital Forensics, Security and Law

A common task in digital forensics investigations is to identify known contraband images. This is typically achieved by calculating a cryptographic digest, using hashing algorithms such as SHA256, for each image on a given media, comparing individual... Read More about Fast Filtering of Known PNG Files Using Early File Features.

Dynamic fine-grained access control in e-Health using: The secure SQL server system as an enabler of the future Internet (2016)
Conference Proceeding
Paulin, A., & Thuemmler, C. (2016). Dynamic fine-grained access control in e-Health using: The secure SQL server system as an enabler of the future Internet. In 2016 IEEE 18th International Conference on e-Health Networking, Applications and Services (Healthcom), (245-248). https://doi.org/10.1109/HealthCom.2016.7749462

This paper describes the use of the Secure SQL Server system (SecSQL) – a system for dynamic fine-grained access control, in the context of e-Health. The system was used in two heterogeneous use-cases of a European project, namely: to govern drugs al... Read More about Dynamic fine-grained access control in e-Health using: The secure SQL server system as an enabler of the future Internet.