Skip to main content

Research Repository

Advanced Search

A Bibliometric Analysis and Systematic Review of a Blockchain-Based Chain of Custody for Digital Evidence (2024)
Conference Proceeding
Onyeashie, B. I., Leimich, P., McKeown, S., & Russell, G. (2024). A Bibliometric Analysis and Systematic Review of a Blockchain-Based Chain of Custody for Digital Evidence. In Big Data Technologies and Applications. BDTA 2023. https://doi.org/10.1007/978-3-031-52265-9_8

The effective management of digital evidence is critical to modern forensic investigations. However, traditional evidence management approaches are often prone to security and integrity issues. In recent years, the use of blockchain technology has em... Read More about A Bibliometric Analysis and Systematic Review of a Blockchain-Based Chain of Custody for Digital Evidence.

An Auditable Framework for Evidence Sharing and Management using Smart Lockers and Distributed Technologies: Law Enforcement Use Case (2024)
Conference Proceeding
Onyeashie, B., Leimich, P., McKeown, S., & Russell, G. (2024). An Auditable Framework for Evidence Sharing and Management using Smart Lockers and Distributed Technologies: Law Enforcement Use Case. In Big Data Technologies and Applications (156-167). https://doi.org/10.1007/978-3-031-52265-9_11

This paper presents a decentralised framework for sharing and managing evidence that uses smart lockers, blockchain technology, and the InterPlanetary File System (IPFS). The system incorporates Hyperledger Fabric blockchain for immutability and tamp... Read More about An Auditable Framework for Evidence Sharing and Management using Smart Lockers and Distributed Technologies: Law Enforcement Use Case.

A stacking ensemble of deep learning models for IoT intrusion detection (2023)
Journal Article
Lazzarini, R., Tianfield, H., & Charissis, V. (2023). A stacking ensemble of deep learning models for IoT intrusion detection. Knowledge-Based Systems, 279, Article 110941. https://doi.org/10.1016/j.knosys.2023.110941

The number of Internet of Things (IoT) devices has increased considerably in the past few years, which resulted in an exponential growth of cyber attacks on IoT infrastructure. As a consequence, the prompt detection of attacks in IoT environments thr... Read More about A stacking ensemble of deep learning models for IoT intrusion detection.

FitForensics: A Tool to Acquire Data from FIT-Compatible Wearables via the USB Mass Storage Interface (2023)
Journal Article
Perry, S., Levick, D., & Mckeown, S. (in press). FitForensics: A Tool to Acquire Data from FIT-Compatible Wearables via the USB Mass Storage Interface. Journal of Digital Forensics, Security and Law,

Wearable and fitness tracking devices are commonplace, with global shipments forecast to continue rising in the future. These devices store a wealth of personal data that is useful to the forensic examiner. However, due to device fragmentation, acqui... Read More about FitForensics: A Tool to Acquire Data from FIT-Compatible Wearables via the USB Mass Storage Interface.

Hamming Distributions of Popular Perceptual Hashing Techniques (2023)
Journal Article
McKeown, S., & Buchanan, W. J. (2023). Hamming Distributions of Popular Perceptual Hashing Techniques. Forensic Science International: Digital Investigation, 44(Supplement), Article 301509. https://doi.org/10.1016/j.fsidi.2023.301509

Content-based file matching has been widely deployed for decades, largely for the detection of sources of copyright infringement, extremist materials, and abusive sexual media. Perceptual hashes, such as Microsoft's PhotoDNA, are one automated mechan... Read More about Hamming Distributions of Popular Perceptual Hashing Techniques.

Independent review – Independent advisory group on new and emerging technologies in policing: final report (2023)
Report
Aston, E. (2023). Independent review – Independent advisory group on new and emerging technologies in policing: final report. Edinburgh: Scottish Government

This report explores a rights based, transparent, evidence-based, legal, ethical and socially responsible approach to adopting emerging technologies in policing, in a manner that upholds public confidence and safety. Alongside the importance of legal... Read More about Independent review – Independent advisory group on new and emerging technologies in policing: final report.

A forensic analysis of streaming platforms on Android OS (2022)
Journal Article
Murias, J. G., Levick, D., & McKeown, S. (2023). A forensic analysis of streaming platforms on Android OS. Forensic Science International: Digital Investigation, 44, Article 301485. https://doi.org/10.1016/j.fsidi.2022.301485

This work builds on existing research in streamed video reconstruction on the Android OS, which previously demonstrated that caching occurs in most cases for the Chrome and Firefox Web browsers. Prior work also outlined that streaming application cac... Read More about A forensic analysis of streaming platforms on Android OS.

Forensic Considerations for the High Efficiency Image File Format (HEIF) (2020)
Conference Proceeding
Mckeown, S., & Russell, G. (2020). Forensic Considerations for the High Efficiency Image File Format (HEIF). . https://doi.org/10.1109/CyberSecurity49315.2020.9138890

The High Efficiency File Format (HEIF) was adopted by Apple in 2017 as their favoured means of capturing images from their camera application, with Android devices such as the Galaxy S10 providing support more recently. The format is positioned to re... Read More about Forensic Considerations for the High Efficiency Image File Format (HEIF).

Fast Forensic Triage Using Centralised Thumbnail Caches on Windows Operating Systems (2020)
Journal Article
Mckeown, S., Russell, G., & Leimich, P. (2020). Fast Forensic Triage Using Centralised Thumbnail Caches on Windows Operating Systems. Journal of Digital Forensics, Security and Law, 14(3), Article 1

A common investigative task is to identify known contraband images on a device, which typically involves calculating cryptographic hashes for all the files on a disk and checking these against a database of known contraband. However, modern drives ar... Read More about Fast Forensic Triage Using Centralised Thumbnail Caches on Windows Operating Systems.

Sub-file Hashing Strategies for Fast Contraband Detection (2018)
Conference Proceeding
McKeown, S., Russell, G., & Leimich, P. (2018). Sub-file Hashing Strategies for Fast Contraband Detection. In 2018 International Conference on Cyber Security and Protection of Digital Services (Cyber Security). https://doi.org/10.1109/CyberSecPODS.2018.8560680

Traditional digital forensics processes do not scale well with the huge quantities of data present in a modern investigation, resulting in large investigative backlogs for many law enforcement agencies. Data reduction techniques are required for fast... Read More about Sub-file Hashing Strategies for Fast Contraband Detection.

Reducing the Impact of Network Bottlenecks on Remote Contraband Detection (2018)
Conference Proceeding
McKeown, S., Russell, G., & Leimich, P. (2018). Reducing the Impact of Network Bottlenecks on Remote Contraband Detection. In 2018 International Conference on Cyber Security and Protection of Digital Services (Cyber Security). https://doi.org/10.1109/CyberSecPODS.2018.8560671

Cloud based storage is increasing in popularity, with large volumes of data being stored remotely. Digital forensics investigators examining such systems remotely are limited by bandwidth constraints when accessing this kind of data using traditi... Read More about Reducing the Impact of Network Bottlenecks on Remote Contraband Detection.

Fingerprinting JPEGs With Optimised Huffman Tables (2018)
Journal Article
McKeown, S., Russell, G., & Leimich, P. (2018). Fingerprinting JPEGs With Optimised Huffman Tables. Journal of Digital Forensics, Security and Law, 13(2), Article 7. https://doi.org/10.15394/jdfsl.2018.1451

A common task in digital forensics investigations is to identify known contraband images. This is typically achieved by calculating a cryptographic digest, using hashing algorithms such as SHA256, for each image on a given medium, and comparing indiv... Read More about Fingerprinting JPEGs With Optimised Huffman Tables.

Fast Filtering of Known PNG Files Using Early File Features (2017)
Conference Proceeding
McKeown, S., Russell, G., & Leimich, P. (2017). Fast Filtering of Known PNG Files Using Early File Features. In Proceedings of the Conference on Digital Forensics, Security and Law

A common task in digital forensics investigations is to identify known contraband images. This is typically achieved by calculating a cryptographic digest, using hashing algorithms such as SHA256, for each image on a given media, comparing individual... Read More about Fast Filtering of Known PNG Files Using Early File Features.

Dynamic fine-grained access control in e-Health using: The secure SQL server system as an enabler of the future Internet (2016)
Conference Proceeding
Paulin, A., & Thuemmler, C. (2016). Dynamic fine-grained access control in e-Health using: The secure SQL server system as an enabler of the future Internet. In 2016 IEEE 18th International Conference on e-Health Networking, Applications and Services (Healthcom), (245-248). https://doi.org/10.1109/HealthCom.2016.7749462

This paper describes the use of the Secure SQL Server system (SecSQL) – a system for dynamic fine-grained access control, in the context of e-Health. The system was used in two heterogeneous use-cases of a European project, namely: to govern drugs al... Read More about Dynamic fine-grained access control in e-Health using: The secure SQL server system as an enabler of the future Internet.