international symposium on digital forensics...
TRANSCRIPT
-
INTERNATIONAL SYMPOSIUM ON
DIGITAL FORENSICS AND SECURITY
SYMPOSIUM PROGRAM AND ABSTRACTS
EDITED BY
PROF. DR. ASAF VAROL
ASSOC. PROF. DR. MURAT KARABATAK
ASSOC. PROF. DR. CİHAN VAROL
DR. SONGÜL KARABATAK
Consortium Members:
-
8TH INTERNATIONAL SYMPOSIUM ON DIGITAL
FORENSICS AND SECURITY
1-2 JUNE 2020
BEIRUT - LEBANON
SYMPOSIUM PROGRAM AND ABSTRACTS
EDITED BY
PROF. DR. ASAF VAROL
ASSOC. PROF. DR. MURAT KARABATAK
ASSOC. PROF. DR. CİHAN VAROL
DR. SONGÜL KARABATAK
BEIRUT - LEBANON
2020
-
WELCOME NOTE FROM GENERAL CHAIR
COVID-19 has been an unprecedented challenge for every nation in the world. While most of us moved to online/remote teaching to protect ourselves and our loved ones, we continue to cheer the heroics of nurses, physicians, and other essential personal who serves us. Once this pandemic started to show up in the headlines, we took a proactive approach, early in March, and got approved by IEEE to conduct this year’s symposium series remotely.
ISDFS has been held every year since its first occurrence in 2013. Therefore, as the organizers of the event we did not want to skip a year no matter what the circumstances were going to be. In the end, this new lifestyle increased the importance of cyber security and digital forensics as institutions/companies are moving more towards the online practice of their businesses. Therefore, the importance of sharing ideas about cyber security and digital forensics with research/teaching communities and technology companies is more vital than yesterday.
We truly hope we can physically get together for the 9th series of the event in 2021. However, it is evident that we will not able to go back to the lifestyle that we had before the pandemic and need to be ready for similar circumstances in future. That is why we know that this year’s event is not intended to be all-inclusive but will evolve over time as we learn more about this experience as it provides important questions and checklists to consider moving forward.
While originally scheduled to be held in Beirut, Lebanon, this year’s event, the 8th International Symposium on Digital Forensic and Security (ISDFS 2020) is held remotely/online. ISDFS (http://www.isdfs.org) is an International symposium originally initiated in May, 2013 by the Department of Software Engineering of College of Technology at Firat University, Turkey. ISDFS is organized by a consortium consists of Firat University (TR), Sam Houston State University (USA), Gazi University (TR), University of Arkansas at Little Rock (USA), San Diego State University (USA), Youngstown State University (US), Hacettepe University (TR), the University of Medicine, Pharmacy, Sciences and Technology of Tirgu Mures, Romania (RO), Polytechnic Institute of Cavado and Ave (PT), Balıkesir University (TR), Başkent University (TR), Association of Software and Cyber Security of Turkey, HAVELSAN, Lebanon Arab Open University (LB) and Singidunum University, Serbia (SRB).
Historically, the first symposium in the chain was hosted by Firat University in Elazig Turkey on May 20-21, 2013; the second at Sam Houston State University in Houston, Texas, USA on May 12-13, 2014; the third at the Gazi University in Ankara, Turkey on May 11-12, 2015; the fourth at the University of Arkansas at Little Rock in Little Rock, Arkansas, USA on April 25-27, 2016; the fifth at the University of Medicine, Pharmacy, Sciences and Technology of Tirgu Mures, Romania on April 26-28, 2017; the sixth one in Antalya, Turkey, on March 25-28, 2018; and the seventh one at the Polytechnic Institute of Cavado and Ave in Barcelos, Portugal, on June 10-12, 2019.
The symposium technical program organized into five tracks; Digital Forensics, Information Security, Data Privacy, Cryptography, and Computer Science in general.
Starting with the symposium in Arkansas, the conference has been sponsored by the IEEE Society and scholarly works disseminated in the symposium have been cited by Xplore Scientific Index.
I would like to express my sincere gratitude and appreciation to all of the consortium members for helping ISDFS to grow each year. We have received 92 paper submissions this year even though the negative effects of Covid-19. I also would like to extend my appreciation to the IEEE Lebanon Section, and Dr. Yara Abdalla, Rector of Arab Open University in Beirut/Lebanon and Dr. Hassan Sbeyti for their generosity in support of ISDFS 2020, and I would like to take this opportunity to thank Scientific Committee Members for their help during the paper review process.
Sincerely Yours,
June 1st, 2020
Prof. Dr. Asaf Varol General Coordinator of ISDFS
-
II
ORGANIZING COMMITTEE
Term Chairs of ISDFS-2020
Assoc. Prof. Dr.-Eng. Hasan Sbeyti, Arab Open University, Beirut, LB
General Chair of ISDFS
Prof. Dr. Asaf Varol, Fırat University, TR
Co-Chairs and Program Chairs
Assoc. Prof. Dr. Cihan Varol, Sam Houston State University, USA
Assoc. Prof. Dr. Murat Karabatak, Firat University, TR
Dr. Bachar A. Elhassan – Lebanese University, LB
Dr. Nazih Mobayed – IEEE Lebanon Section, LB
Dr. Mohammad Awwad – IEEE Lebanon Section, LB
Dr. Jacques Demerjian – IEEE Lebanon Section, LB
Dr. Usama Farrukh – IEEE Lebanon Section, LB
Conference Registration and Arrangements Committee
Asst. Prof. Dr. Tamer Kavuran, Graphic Design, Firat University, TR
Asst. Prof. Dr. Mehmet KAYA, Conference Arrangements, Syracuse University, USA
Dr. Songül Karabatak, Conference Arrangements, Firat University, TR
Ahmet Çotur, Web Design and Programming, Firat University, TR
Publications Committee Members
Assoc. Prof. Dr. Murat Karabatak, Firat University, TR
Assoc. Prof. Dr. Cihan Varol, Sam Houston State University, USA
Consortium members
Prof. Dr. Asaf Varol, Firat University, TR
Prof. Dr. Peter Alan Cooper, Sam Houston State University, USA
Prof. Dr. Şeref Sağıroğlu, Gazi University, TR
Prof. Dr. Coşkun Bayrak, Youngstown State University, USA
Assoc. Prof. Dr. Haller Piroska, University of Medicine, Pharmacy, Sciences and Technology, RO
Prof. Dr. Maria Manuela Cruz-Cunha, Polytechnic Institute of Cávado and Ave, PT
Assoc. Prof. Dr. Hassan Sbeity, Arab Open University, LB
Prof. Dr. Yusuf Öztürk, San Diego State University, USA
Prof. Dr. Çetin Arslan, Hacettepe University, TR
Assoc. Prof. Dr. Ayhan İstanbullu, Balıkesir University, TR
Assoc. Prof. Dr. İzzet Gökhan Özbilgin, Havelsan Technology and Academy Director, TR
Prof. Dr. Milan Tuba, Singidunum University, RS
Association of Software and Cyber Security of Turkey, TR
-
III
SCIENTIFIC COMMITTEE MEMBERS First Name Middle Last Name Organization
Abdulsamet Hasiloglu Ataturk University, TR Ahmet Hamdi Atalay HAVELSAN, TR Ahmad Fadlallah USAL, LB Ahmet Hasan Koltuksuz Yasar University, TR Ali Aydin Selçuk TOBB ETU, TR Ali Yazici Atilim University, TR Antal Margit Sapientia University, RO Asaf Varol Firat University, TR Atila Bostan Atilim University, TR Ayhan Erdem Gazi University, TR Ayhan Istanbullu Balikesir University, TR Bachar Ahmed Elhassan Lebanese University, LB Baris Aksanli San Diego University, USA Bassem Haidar Public Lebanese University, LB Bedri Ozer Firat University, TR Bela Genge Univ. of Medicine, Pharmacy, Sciences and Techn. RO Bogdan Robu Grenoble Institute of Technology, FR Bünyamin Ciylan Gazi University, TR Cetin Kaya Koc Istinye University, TR Chia-Chu Chiang University of Arkansas at Little Rock, US Chris Bowerman University of Sunderland, UK Cihan Varol Sam Houston State University, USA Coskun Bayrak Youngstown State University, USA Dimitris Geneiatakis Aristotle University of Thessaloniki, GR Ecir Ugur Kucuksille Suleyman Demirel University, TR Enis Karaarslan Marmara University, TR Erkan Tanyildizi Firat University, TR Erkay Savas Sabanci University, TR Esref Adali ITU, TR Fahad Salamh Purdue University, USA Fakis Alexandros University of the Aegean, GR Fatih Ozkaynak Firat University, TR Ferruh Ozbudak METU, TR Georgios Kambourakis University of the Aegean, GR Georgios Karopoulos University of Athens, GR Gheorghe Sebestyen Technical University of Cluj-Napoca, RO Hamadou Saliah Hassane Teluq University, CA Hassan Noura Arab Open University, LB Hassan Sbeyti Arab Open University, LB Husrev Taha Sencar TOBB ETU, TR Ibrahim Halil Bulbul Ahmet Yesevi University, KZ Ibrahim Ozcelik Sakarya University, TR Ibrahim Sogukpinar Gebze Institute of Technology, TR Ioan Salomie Technical University of Cluj-Napoca, RO Ibrahim Turkoglu Firat University, TR Joao Vilaça Polytechnic Institute of Cávado and Ave, PT Jozsef Vssarhelyi University of Miskolc, HU Kenji Yoshigoe University of Arkansas at Little Rock, USA Lei Chen Georgia Southern University, USA Luis Ferreira Polytechnic Institute of Cávado and Ave, PT Maha Farouk Sabir King Abdulaziz University, SA Majed Sinane Public Lebanese University, LB Maria Manuela Cruz Cunha Polytechnic Institute of Cávado and Ave, PT
-
IV
Mehmet Kaya Syracuse University, USA Mohand Tahar Kechadi University College Dublin, IE Mohammad Awwad National Center of Remote Sensing, LB Mohammad Malli Arap Open University, LB Mohammad Sbeiti Deutsche Telecom, LB Muhammet Baykara Firat University, TR Muharrem Tolga Sakalli Trakya University, TR Murat Karabatak Firat University, TR Narasimha K. Shashidhar Sam Houston State University, USA Nazife Baykal METU-Cyprus, CY Nhien-An Le-Khac University College Dublin, IE Nuno Mateus Coelho Univ. of Trás os Montes e Alto Douro, PT Nuno Rodrigues Polytechnic Institute of Cávado and Ave, PT Ozgur Karaduman Firat University, TR Peter Alan Cooper Sam Houston State University, USA Raymond Choo University of South Australia, AU Razvan Deaconescu Univ. Politehnica of Bucharest, RO Resul Das Firat University, TR Sandro Carvalho Polytechnic Institute of Cávado and Ave, PT Sedat Akleylek Ondokuz Mayis University, TR Seethal Paluri San Diego State University, USA Selcuk Kavut Balikesir University, TR Sengul Dogan Firat University, TR Seref Sagiroglu Gazi University, TR Sheikh Ariful Islam University of South Florida, USA Songul Karabatak Firat University, TR Sundar Krishnan Sam Houston State University, USA Sunil Kumar San Diego State University, USA Suzanne McIntosh New York University, USA Sylvain Guilley Secure-IC S.A.S Rennes, FR Szabo Laszlo Sapientia University, RO Szanto Zoltan Sapientia University, RO Tolga Sakalli Trakya University, TR Tuncay Dincer Ege University, TR Turker Tuncer Firat University, TR Vajda Tamas Sapientia University, RO Yusuf Ozturk San Diego State University, USA Yusuf Tulgar Net Data Soft, TR Zisis Tsiatsikas University of the Aegean, GR
-
V
SYMPOSIUM PROGRAM
8TH INTERNATIONAL SYMPOSIUM ON DIGITAL FORENSICS AND SECURITY
1 JUNE 2020, BEIRUT – LEBANON (ONLINE)
14:00-14:45 OPENING CEREMONY (SESSION CHAIR: PROF. DR. ASAF VAROL)
ASSOC. PROF. DR.-ENG. HASSAN SBEYTI TERM CHAIR OF ISDFS-2020
PROF. DR. ASAF VAROL GENERAL CHAIR OF ISDFS
MRS. DR. YARA ABDALLAH RECTOR OF ARAB OPEN UNIVERSITY, BEIRUT-LB
14:45-16:00 ONLINE PRESENTATIONS
PAPER ID 33: MULTI-KEY HOMOMORPHIC ENCRYPTION CREATE NEW MULTIPLE LOGIC GATES AND ARITHMETIC
CIRCUIT
YAP, CHERN NAM*; CHONG, KOK SEEN; TEW, ZHENG HONG
PAPER ID 42: ON THE CYBER SECURITY OF LEBANON: A LARGE SCALE EMPIRICAL STUDY OF CRITICAL VULNERABILITIES
FADLALLAH, YASSER*; SBEITI, MOHAMAD; HAMMOUD, MOHAMAD; NEHME, MOHAMAD; FADLALLAH,
AHMAD
PAPER ID 26: CHALLENGES OF ACQUIRING MOBILE DEVICES WHILE MINIMIZING THE LOSS OF USABLE FORENSICS
DATA
HERRERA, LAZARO A
OFFLINE PRESENTATIONS
INFORMATION SECURITY
PAPER ID 21: CLOUD COMPUTING SECURITY CHALLENGES AND THREATS
BALANI, ZINA*; VAROL, HACER
PAPER ID 30: TESTING IOT SECURITY: THE CASE STUDY OF AN IP CAMERA
ABDALLA, PESHRAW AHMED*; VAROL, CIHAN
PAPER ID 31: QIM-BASED SEMI-FRAGILE WATERMARKING FOR H.264 VIDEO AUTHENTICATION
EGOROVA, ANNA*; FEDOSEEV, VICTOR
PAPER ID 38: MINO: THE CHROME WEB BROWSER ADD-ON APPLICATION TO BLOCK THE HIDDEN CRYPTOCURRENCY
MINING ACTIVITIES
AKTEPE, SAFA*; VAROL, CIHAN; SHASHIDHAR, NARASIMHA K
PAPER ID 41: INTRODUCING THE ‘UNIFIED SIDE CHANNEL ATTACK MODEL’ (USCA-M)
JOHNSON, ANDREW*; WARD, RICHARD
PAPER ID 47: CYBERSECURITY EVALUATION WITH POWERSHELL
ZAVALA, STEVEN*; SHASHIDHAR, NARASIMHA KARPOOR; VAROL, CIHAN
PAPER ID 48: USING ITIL 4 IN SECURITY MANAGEMENT
BERGER, DERRICK*; SHASHIDHAR, NARASIMHA KARPOOR; VAROL, CIHAN
-
VI
PAPER ID 49: ON-PREMISES VERSUS SECAAS SECURITY MODELS
PLA, LUIS*; SHASHIDHAR, NARASIMHA KARPOOR; VAROL, CIHAN
PAPER ID 58: CLASSIFYING SOFTWARE VULNERABILITIES BY USING THE BUGS FRAMEWORK
ADHIKARI, THAMALI MADHUSHANI; WU, YAN*
PAPER ID 78: EXPLOITING VULNERABILITIES OF MRI SCANNER MACHINE: LEBANON CASE STUDY
NABHA, REEM AKRAM*, HASSAN SBEYTI
PAPER ID 79: SIGNATURE RECOGNITION USING MACHINE LEARNING
MSHIR, SHALAW*; KAYA, MEHMET
PAPER ID 80: MIRAI BOTNET IN LEBANON
IDRISS, HASAN*
CRYPTOGRAPHY
PAPER ID 51: AN EFFICIENT IP CORE OF CONSULTATIVE COMMITTEE FOR SPACE DATA SYSTEMS (CCSDS)
RECOMMENDED AUTHENTICATED CRYPTOGRAPHIC ALGORITHM
MURALEEDHARAN, DEEPA*; DANIEL, SANIL K.
PAPER ID 81: OVERVIEW OF EFFICIENT SYMMETRIC CRYPTOGRAPHY: DYNAMIC VS STATIC APPROACHES
NOURA, HASSAN N.*; CHEHAB, ALI; COUTURIER, RAPHAËL
PAPER ID 88: CRITICAL ANALYSIS OF CRYPTOGRAPHIC ALGORITHMS
ALROUBIEI, MAZOON; ALYARUBI, THURAIYA; KUMAR, BASANT*;
DATA PRIVACY
PAPER ID 59: A STUDY ON CYBER SECURITY CHALLENGES IN E-LEARNING MANAGEMENT SYSTEM
IBRAHIM, HABIB*; KARABATAK, SONGÜL; ABDULLAHI, ABDULLAHI ABBA
DIGITAL FORENSICS
PAPER ID 05: AUGMENTED REALITY BASED CRIMINAL INVESTIGATION SYSTEM (ARCRIME)
EHSAN I HAQUE, SHAHERYAR *; SALEEM, SHAHZAD
PAPER ID 08: A ROBUST COPY-MOVE FORGERY DETECTION IN DIGITAL IMAGE FORENSICS USING SURF
BADR, ABDELHALIM*; YOUSSIF, ALIAA A. A.; WAFI, MAGED
PAPER ID 13: THE ROLE OF MACHINE LEARNING IN DIGITAL FORENSICS
QADIR, ABDALBASIT MOHAMMED*; VAROL, ASAF
PAPER ID 25: IMPORTANCE OF ROOTING IN AN ANDROID DATA ACQUISITION
BOUEIZ, MARY ROSE*
PAPER ID 29: AN ANDROID CASE STUDY ON TECHNICAL ANTI-FORENSIC CHALLENGES OF WHATSAPP APPLICATION
MIRZA, MOHAMMAD M.; SALAMH, FAHAD; KARABIYIK, UMIT*
PAPER ID 37: REMOTE SENSING IMAGE INPAINTING WITH GENERATIVE ADVERSARIAL NETWORKS
GASHNIKOV, MIKHAIL*; KUZNETSOV, ANDREY
PAPER ID 39: GRAPHICALLY DISPLAY DATABASE TRANSACTIONS TO ENHANCE DATABASE FORENSICS
OROSCO, CHRISTINE*; VAROL, CIHAN; SHASHIDHAR, NARASIMHA K
PAPER ID 43: PREDICTING CRIME SCENE LOCATION DETAILS FOR FIRST RESPONDERS
KRISHNAN, SUNDAR*; ZHOU, BING
-
VII
PAPER ID 46: ANALYSIS OF IOS SQLITE SCHEMA EVOLUTION FOR UPDATING FORENSIC DATA EXTRACTION TOOLS
SHIMMI, SAMIHA; DORAI, GOKILA; KARABIYIK, UMIT*; AGGARWAL, SUDHIR
PAPER ID 55: METHOD FOR IMAGE COPYRIGHT PROTECTION BASED ON CONSRUCTION OF HIGHLY ROBUST
WATERMARKS
VYBORNOVA, YULIYA*
PAPER ID 60: A CONCETUAL FRAMEWORK FOR DATABASE ANTI-FORENSICS IMPACT MITIGATION
ADAMU, BASHIR ZAK*; KARABATAK, MURAT; ERTAM, FATIH
PAPER ID 61: DISTRICT RANSOMWARE: STATIC AND DYNAMIC ANALYSIS
ANDES, NEIL*; WEI, MINGKUI
PAPER ID 63: Z GENERATION STUDENTS AND THEIR DIGITAL FOOTPRINT
KARABATAK, SONGÜL*; KARABATAK, MURAT
PAPER ID 83: OVERVIEW OF DIGITAL FORENSICS AND ANTI-FORENSICS TECHNIQUES
MAJED, HUSSEIN; NOURA, HASSAN N.*; CHEHAB, ALI
PAPER ID 84: INTELLIGENCE IN DIGITAL FORENSICS PROCESS
ADAM, ILIYASU YAHAYA*; VAROL, CIHAN
COMPUTER SCIENCE
PAPER ID 09: QOS PARAMETERS FOR VIABLE SLA IN CLOUD
RAZA, MUHAMMAD RAHEEL*; VAROL, ASAF
PAPER ID 10: CLOUD AND FOG COMPUTING: A SURVEY TO THE CONCEPT AND CHALLENGES
VAROL, ASAF; RAZA, MUHAMMAD RAHEEL*; VAROL, NURHAYAT
PAPER ID 16: A REVIEW OF IMAGE SEGMENTATION USING MATLAB ENVIRONMENT
ABDULRAHMAN, AWF*; VAROL, SERKAN
PAPER ID 17: COMPARISON OF THE IOT PLATFORM VENDORS, MICROSOFT AZURE, AMAZON WEB SERVICES, AND
GOOGLE CLOUD, FROM USERS’ PERSPECTIVES
MUHAMMED, AINA’U SHEHU *; UCUZ, DERYA
PAPER ID 18: DESIGN AND IMPLEMENTATION OF A SIMPLE ONLINE COURT CASE MANAGEMENT SYSTEM BASED ON
THE ANDROID PLATFORM
ALI, CHAWAN TAHA HAMA*; VAROL, ASAF
PAPER ID 20: CINEMA STATION APPLICATION (CSA): AN AUGMENTED REALITY APPLICATION FOR ACCESSING FILM
INFORMATION AND ONLINE CINEMA BOOKING
ALKHURAIJI, SAMAR M*
PAPER ID 22: PREDICTING STUDENT’S FINAL GRADUATION CGPA USING DATA MINING AND REGRESSION METHODS:
A CASE STUDY OF KANO INFORMATICS INSTITUTE
DANBATTA, SALIM JIBRIN*; VAROL, ASAF
PAPER ID 27: CLASSIFICATION OF LIVE/LIFELESS ASSETS WITH LASER BEAMS IN DIFFERENT HUMIDITY ENVIRONMENTS
OLGUN, NEVZAT*; TÜRKOĞLU, İBRAHIM
PAPER ID 28: A STUDY ON AUTOMATIC SPEECH RECOGNITION SYSTEMS
IBRAHIM, HABIB*; VAROL, ASAF
PAPER ID 32: DECISION-TREE-BASED INTERPOLATION FOR MULTIDIMENSIONAL SIGNAL COMPRESSION
GASHNIKOV, MIKHAIL*
-
VIII
PAPER ID 44: FILTERING TURKISH SPAM USING LSTM FROM DEEP LEARNING TECHNIQUES
ERYILMAZ, ERSIN ENES*; ŞAHIN, DURMUŞ ÖZKAN; KILIÇ, ERDAL
PAPER ID 50: IN-DEPTH ANALYSIS OF SPEECH PRODUCTION, AUDITORY SYSTEM, EMOTION THEORIES AND EMOTION
RECOGNITION
ÜLGEN SÖNMEZ, YEŞIM*; VAROL, ASAF
PAPER ID 52: TIME SERIES DATABASE PREPROCESSING FOR DATA MINING USING PYTHON
ALSAADAWI, HUSSEIN FAROOQ TAYEB*; KARABATAK, MURAT; VAROL, CIHAN
PAPER ID 54: GPS-BASED MOBILE CROSS-PLATFORM CARGO TRACKING SYSTEM WITH WEB-BASED APPLICATION
QADIR, ABDALBASIT MOHAMMED *; COOPER, PETER
PAPER ID 62: STUDENTS' USAGE OF SMARTPHONES IN THE CLASSES
KARABATAK, SONGÜL; ALANOĞLU, MÜSLIM*
PAPER ID 65: REMOTE MONITORING REAL TIME AIR POLLUTION - IOT (CLOUD BASED)
KARABATAK, MURAT; MUSTAFA, TWANA*; ALI, CHAWAN TAHA HAMA
PAPER ID 66: TO REVIEW AND COMPARE EVOLUTIONARY ALGORITHMS IN OPTIMIZATION OF DISTRIBUTED DATABASE
QUERY
ABDALLA, MOHAMMED HUSSEIN*; KARABATAK, MURAT
PAPER ID 68: DATABASE SECURITY THREATS AND CHALLENGES
SULAIMAN, ABDULAZEEZ MOUSA*; KARABATAK, MURAT; MUSTAFA, TWANA
PAPER ID 70: EFFECT OF MEAN FILTER ON FACE IMAGE FROM VIDEO FRAMES
OTHMAN, PAWAN; MARQAS, RIDWAN BOYA*; ABULQADER, DILER; ALMOFTY, SAMAN
PAPER ID 73: REVIEW OF THE INTERNET OF THINGS FOR HEALTHCARE MONITORING
VAROL, ASAF; MUSTAFA, TWANA*
PAPER ID 82: BIG DATA ARCHITECTURE: DESIGNING THE RIGHT SOLUTION FOR SOCIAL NETWORK ANALYSIS
AGBO, INNOCENT O*; KUPRIYANOV, ALEXANDER; RYTSAREV, IGOR
PAPER ID 92: EFFECTS OF HOMEWORK SUPPORTED DISTANCE EDUCATION ON ACADEMIC SATISFACTION, ACADEMIC
ACHIEVEMENT, AND ATTITUDE TOWARDS DISTANCE EDUCATION
SONGÜL KARABATAK*; MÜSLIM ALANOĞLU; MURAT KARABATAK
-
1
ABSTRACTS
Paper ID: 05
Augmented Reality Based Criminal Investigation System (ARCRIME)
Shaheryar Ehsan I. Haque*, Shahzad Saleem
*NUST, Islamabad, Pakistan
*Email: [email protected]
Abstract— Crime scene investigation and preservation are fundamentally the pillars of forensics. Numerous
cases have been discussed in this paper where mishandling of evidence or improper investigation leads to
lengthy trials and even worse incorrect verdicts. Whether the problem is lack of training of first responders or
any other scenario, it is essential for police officers to properly preserve the evidence. Second problem is the
criminal profiling where each district department has its own method of storing information about criminals.
ARCRIME intends to digitally transform the way police combat crime. It will allow police officers to create
a copy of the scene of crime so that it can be presented in courts or in forensics labs. It will be in the form of
wearable glasses for officers on site whereas officers during training will be wearing a headset. The trainee
officers will be provided with simulations of cases which have already been resolved. Officers on scene would
be provided with intelligence about the crime and the suspect they are interviewing. They would be able to
create a case file with audio recording and images which can be digitally sent to a prosecution lawyer. This
paper also explores the risks involved with ARCRIME and also weighs in their impact and likelihood of
happening. Certain contingency plans have been highlighted in the same section as well to respond to
emergency situations.
Paper ID: 08
Move Forgery Detection In Digital Image Forensics Using SURF
Abdelhalim Badr*, Aliaa A. A. Youssif, Maged Wafi
*Helwan University
*Email: [email protected]
Abstract—In recent years, due to the technological revolution in editing digital images, various advanced
image manipulating software has been used to build new unrealistic images without leaving traces of what
happens, therefore tampering will be hard to detect visually. Digital image forgeries have many forms but still
recognizing copy-move forgery is very challenging. Hence, this paper introduces a new robust algorithm to
detect copy-move forgery based on Speeded Up Robust Feature (SURF) descriptor, Approximate Nearest
Neighbor (ANN) as a feature matching, Simple Linear Iterative Clustering (SLIC) used as a clustering
algorithm to divide the whole image into superpixel blocks. The doubted regions are determined by replacing
the matched feature points with corresponding superpixel blocks then the neighboring blocks have been
merged based on similar Local Color Features (LCF). Finally, morphological close operation applied to elicit
the doubted forged regions. Proposed algorithm recorded a running time of 3.84 seconds with 91.95%
localization accuracy applied on various datasets such as CoMoFoD, MICC-F2000, MICC-F220, and MICC-
F600 for detecting tampered plain copy-move, duplicate regions, post-processing and pre-processing attacks
like color reduction, blurring, brightness modifications, noise addition, geometric attacks, and JPEG
compression as an evaluation of robustness.
-
2
Paper ID: 09
QoS Parameters for Viable SLA in Cloud
Muhammad Raheel Raza*, Asaf Varol
*Fırat University
*Email: [email protected]
Abstract— Quality of Service (QoS) is a key factor for a viable Service Level Agreement (SLA) which ensures
the formation of a reliable provider-consumer relationship in cloud computing. SLA ties up a service provider
with a service consumer on agreed upon terms and conditions so that the provider’s promised services and the
consumer’s requirements are fulfilled which results in a trustful relationship between them. In this paper, an
analysis of the existing literature is made to identify the gaps needed to be filled for establishing a trustful
relationship. The literature is classified w.r.t the QoS potential attributes i.e. trust, resource management, risk
management, security, task scheduling and performance etc. contributing to maintain a feasible SLA.
Paper ID: 10
Cloud and Fog Computing: A Survey to the Concept and Challenges
Asaf Varol, Muhammad Raheel Raza*, Nurhayat Varol
* Fırat University
*Email: [email protected]
Abstract— Cloud Computing is one of the most emerging technologies that has transformed the macro world.
The advent of cloud computing is not less than an evolution and miracle to the technology. It has made the
on-demand availability of various scalable software resources possible over the internet. Although its
extraordinary services and advantages like reduction of computing and storage resources as well as reducing
cost, there are some barriers that limits and challenges the usability of cloud computing. On the
other hand, Fog Computing, another computing paradigm, is an extended and advanced version of cloud
computing. Having distributed nature, Fog Computing tries to address the limitations faced by cloud
computing. The paper provides a general study of the challenges faced by cloud computing and how fog
computing infrastructure serves to be an emerging technology to those limitations.
Paper ID: 013
The Role of Machine Learning in Digital Forensics
Abdalbasit Mohammed Qadir*, Asaf Varol
* Firat University
*Email: [email protected]
Abstract— Digital forensics, as a branch of the forensic sciences, is facing new challenges from the aspect that potential digital evidence is growing and expanding. Rapid development in the fields of computer science
and information technology provides innovative techniques for digital investigations. In this paper, the
important role of machine learning is explained as an application of artificial intelligence, and how it can be
used to analyse large amounts of diverse data-sets in order to reveal any criminal behavior and intent through
learning from previous and historical activities to predict criminal behaviors in the future.
-
3
Paper ID: 16
A Review of Image Segmentation Using MATLAB Environment
Awf Abdulrahman*, Serkan Varol
* Dohuk Polytechnic University
*Email: [email protected]
Abstract—Image segmentation is of great importance in understanding and analyzing objects within images.
The process involves dividing vague images into meaningful and useful ones by segmenting them and
subsequently evaluating them based on color density. This process is used in the medical, cultural and
industrial fields, among others. There are many functions used in image segmentation, including edge and
threshold functions. This paper will review these techniques, provide examples, and illustrate the types of
applicable images
Paper ID: 17
Comparison of the IoT Platform Vendors, Microsoft Azure, Amazon Web Services, and Google
Cloud, from Users’ Perspectives
Aina’u Shehu Muhammed*, Derya Ucuz
* Kano State College Of Education & Preliminary Studies
*Email: [email protected]
Abstract— The largest Internet of Things (IoT) cloud platform vendors are Microsoft Azure, Amazon Web Services, and Google Cloud. These companies are known as the big three, and have all agreed to join the IoT
domain and concentrate on improving the services on their IoT platforms. While these platform descriptions
are extensive, users are constantly experiencing difficulties in making the right choice of which platform to
use, between the three. This paper presents a comparison of the big three, using the constraints of hubs,
analytics, and security. The study also provides some recommendations as to which IoT cloud platform vendor
is more ideal, notwithstanding the limitations of the study. In view of these results, users will be able to more
confidently select vendors, based on their demands and goals.
Paper ID: 18
Design and Implementation of a Simple Online Court Case Management System Based on the
Android Platform
Chawan Taha Hama Ali*, Asaf Varol
* University of Sulaimany
*Email: [email protected]
Abstract The main purpose of this research is to create a new application in Android Operating System for a complainant who cannot visit his/her lawyer regularly or unable to go out due to fear of his/her life. Thanks
to this research, a new application was established to make a bridge between a complainant and his/her lawyer.
Everything is done automatically after necessary data entered into the application. So, costs are reduced and
wasting of the time is diminished.
-
4
Paper ID: 20
Cinema Station Application (CSA): An Augmented Reality Application for Accessing Film
Information and Online Cinema Booking
Samar Alkhuraiji
King Abdulaziz University
Email: [email protected]
Abstract— Cinema is an effective medium for education and recreation, as it plays a crucial social, political, educational, and moral role in life. Reopening cinemas in Saudi Arabia has garnered much attention from
cinema operators, moviemakers, and Saudi citizens who are eager to watch movies in cinemas. The main
problem that cinemas will face when they reopen will be the overwhelming demand for tickets, as it will be
difficult to reserve a ticket on a regular day and almost impossible for movie premieres. This paper describes
a Cinema Station Application (CSA), which is a mobile application for cinemas that allows users to search for
movies and cinema operators quickly and easily. Users have the opportunity to book a ticket anywhere and
anytime. Furthermore, the application uses augmented reality technology to display a movie trailer directly on
the poster and view reviews, the overall rating, and the cast.
Paper ID: 21
Cloud Computing Security Challenges and Threats
Zina Balani, Hacer Varol*
* Sam Houston State University
*Email: [email protected]
Abstract— In today’s sophisticated life, technology covers all aspects of our daily life, and that creates an environment for the attackers to access and attack a targeted organization easily with the lowest cost. However,
it is difficult for the organization to detect it easily. Cloud computing, users can store data across the network
in an online environment. Moreover, the data can be accessed everywhere across the world. Most people,
especially users who do not know enough about the increasing number of attacks and the development of
technology, are concerned about keeping their data in clouds because security is a critical issue. In the study
of this paper, some methods and techniques are provided to protect data in an online environment. These
methods and techniques have the lowest costs and can be employed by every user as an easy way to defend
themselves against attackers.
-
5
Paper ID: 22
Predicting Student’s Final Graduation CGPA Using Data Mining and Regression Methods: A Case
Study of Kano Informatics Institute
Salim Danbatta*, Asaf Varol
*Fırat University
*Email: [email protected]
Abstract— Data mining and regression techniques are important methods that we can use to predict students’ performance to inform decision making. This study uses five regression techniques to analyse students’ first-
year cumulative grade point average (CGPA) and predict their final graduation CGPA. The data set used in
this study is that of programming and software development students at Kano Informatics Institute. The results
and the grades obtained by 163 students forms the sample data used in the study. The forecast error, mean
forecast error and mean absolute forecast error are all calculated. Dickey–Fuller’s stationary t-test is performed
for all the regressions analysis values using the Python programming language to determine the mean and if
the data is centred on the mean. We use the stationary t-test to test the null and alternative Dickey–Fuller’s
hypotheses to compare our P-values and critical values for all regressions analyses done. The results show
that the P-values obtained for all the regressions are small and less than the critical value. However, linear
regression is the model with the mean closest to zero, and, according to Dickey–Fuller’s statistics, it is the
model that best fits our data.
Paper ID: 25
Importance of Rooting in an Android Data Acquisition
Mary Rose Boueiz
Arab Open University
Email: [email protected]
Abstract— Since Android became the leading handheld devices operating system worldwide, the probability increases of an Android device being subject to usage in a criminal case making Android data acquisition a
necessity in investigations. However, with the increasing security level and complexity of each new model
and operating system released, forensic acquisition is getting more and more difficult. Special tools and
techniques are needed in criminal investigation in order to acquire data from an android device. This paper
explores various tools, technique available in order to perform logical, physical acquisition and conducts a
data acquisition followed by an analysis of the extracted data.
Paper ID: 26
Challenges of Acquiring Mobile Devices While Minimizing the Loss of Usable Forensics Data
Lazaro A. Herrera
Nova Southeastern University
Email: [email protected]
Abstract— The move from computers to mobile devices has placed forensic professionals in a tough spot
when performing analysis of seized hardware. Forensics specialists must contend with hardware that is
designed to be secure (as it is highly mobile), is capable of receiving commands from a suspect after it has
been seized (which could include commands that are capable of destroying evidence remotely), obsolescence
of certain forensics methods (such as deleted file recovery from block storage) while having to purchase
expensive software and hardware packages to extract any usable data.
-
6
Paper ID: 27
Classification of Live/Lifeless Assets with Laser Beams in Different Humidity Environments
Nevzat Olgun*, İbrahim Türkoğlu
* Bülent Ecevit University *Email: [email protected]
Abstract—Detecting the vitality of a certain distance person is important in natural disasters, search and rescue
activities, urban warfare environments and in the fight against terrorism. In this study, a system is proposed
that targets located at a certain distance are marked with a low-power laser beam, allowing them to be detected
as live/lifeless. In addition, the performance of the proposed system in different relative humidity
environments is analyzed. In this study, in a laboratory environment with 32%, 60%, 70% and 80% relative
humidity, laser marks are obtained from the arms of 10 volunteer male subjects and 17 different objects, for
each humidity rate. The signals obtained are trained in the developed deep learning network. In the literature,
it is known that the performance of electronic devices at high relative humidity rates has decreased. The
performance of the proposed system in different relative humidity environments is an average of 99.57%. As
a result of experimental studies, it can be seen that the proposed system has a high classification performance
even in the low humidity and very high humidity range. The fact that assets at a certain distance can be
classified as live/lifeless with a high-performance rate, regardless of the humidity rate, demonstrates the
applicability of the proposed system.
Paper ID: 28
A Study on Automatic Speech Recognition Systems
Habib Ibrahim*, Asaf Varol
* Gana University *Email: [email protected]
Abstract— Speech recognition is a technique that enables machines to automatically identify the human voice through speech signals. In other words, it helps create a communication link between machines and humans.
Speech recognition uses an acoustic and modeling algorithm to execute its task. It allows interaction between
computer interfaces and a natural human voice. Speech recognition is one of the current topics of discussion
in the twenty-first century. The advent of technological gadgets in modern society has become rampant
through vigorous efforts made by scientists in realizing their aim of developing an algorithm that will allow
machines to interact with human beings. It is obvious that this situation, previously thought of as fiction, has
been achieved. Hence, there are several applications that enhance speech recognition. This paper aims to study
some models of the speech recognition system, its classification of speech, its significance and its application.
-
7
Paper ID: 29
An Android Case Study on Technical Anti-Forensic Challenges of WhatsApp Application
Mohammad Mirza, Fahad Salamh, Umit Karabiyik*
* Purdue University *Email: [email protected]
Abstract— Cyberbullying has become a serious concern in this Internet era with the availability of various communication technologies. While no one wishes to be a victim of cyberbullying, some of the electronic
platforms, specifically Instant Messaging Applications (IMAs) such as WhatsApp, have created a safe haven
for cyberbullying. As the use of WhatsApp application is globally increasing, it is extremely important to
consider it being misused as a tool of cybercrime. This paper investigates some of the technical issues with
WhatsApp application that could open the door to cybercrimes and pose anti-forensic challenges. In addition,
we also highlight possible anti-forensic techniques for WhatsApp application through two hypothetical case
scenarios. Moreover, we propose a validated solution to the `delete for everyone' feature of WhatsApp by
presenting a demo mobile application that recovers any deleted messages even after block status.
Paper ID: 30
Testing IoT Security: The Case Study of an IP Camera
Peshraw Ahmed Abdalla*; Cihan Varol
* University of Halabja *Email: [email protected]
Abstract— While the Internet of Things (IoT) applications and devices expanded rapidly, security and privacy of the IoT devices emerged as a major problem. Current studies reveal that there are significant weaknesses
detected in several types of IoT devices moreover in several situations there are no security mechanisms to
protect these devices. The IoT devices' users utilize the internet for the purpose of control and connect their
machines. IoT application utilization has risen exponentially over time and our sensitive data is captured by
IoT devices continuously, unknowingly or knowingly. The motivation behind this paper was the
vulnerabilities that exist at the IP cameras. In this study, we undertake a more extensive investigation of IP
cameras' vulnerabilities and demonstrate their effect on users' security and privacy through the use of the Kali
Linux penetration testing platform and its tools. For this purpose, the paper performs a hands-on test on an IP
camera with the name (“Intelligent Onvif YY HD”) to analyze the security elements of this device. The results
of this paper show that IP cameras have several security lacks and weaknesses which these flaws have multiple
security impacts on users.
Paper ID: 31
QIM-Based Semi-Fragile Watermarking for H.264 Video Authentication
Anna Egorova*, Victor Fedoseev
* Samara University *Email: [email protected]
Abstract— The paper presents a semi-fragile watermarking system designed for H.264 video authentication. The proposed system embeds a semi-fragile watermark into integer DCT coefficients of each keyframe of a
video at the H.264 quantization step. The system localizes modified video regions of size 4×4 with high
accuracy. The experimental part demonstrates the influence of the embedding process on the visual quality of
the protected video and the watermark extraction error for different H.264 quality parameter values.
-
8
Paper ID: 32
Decision-Tree-Based Interpolation for Multidimensional Signal Compression
Mikhail Gashnikov
Samara National Research University
Email: [email protected]
Abstract— We investigate a decision-tree-based interpolator as part of multidimensional signal compression methods. This interpolator selects the interpolating function at each signal point through a decision tree. We
propose a learning algorithm for this decision tree. This algorithm is based on a recursive procedure for
calculating the entropy of quantized interpolation errors. We adapt the decision-tree-based interpolator for the
hierarchical compression method. We propose a multidimensional local feature and a set of interpolating
functions for this compression method. We research the decision-tree-based interpolator for compression of
natural multi-dimensional signals. The experimental results prove that this interpolator can significantly (up
to 30%) increase the efficiency of the hierarchical compression method.
Paper ID: 33
Multi-Key Homomorphic Encryption Create new Multiple Logic Gates and Arithmetic Circuit
Kok Seen Chong, Chern Nam Yap*, Zheng Hong Tew
* Temasek Polytechnic
*Email: [email protected]
Abstract— This is a feasibility study on homomorphic encryption using the MK-TFHE library in daily
computing using cloud services. Logic gates OR, AND, XOR, XNOR, NOR were created. A basic set of
arithmetic operations namely -addition, subtraction, multiplication and division were also created. This
research is a continuation of previous work and this peeks into the newly created logic gates on these arithmetic
operations.
Paper ID: 37
Remote Sensing Image Inpainting with Generative Adversarial Networks
Mikhail Gashnikov*, Andrey Kuznetsov
* Samara National Research University *Email: [email protected]
Abstract— we investigate generative adversarial neural networks (GAN) for remote sensing image inpainting.
We are considering a generative neural network with a contour predictor. We use this neural network to
inpainting of the natural remote sensing images obtained by ”Canopus”, ”Meteor”, ”AIST”, “Resurs” aircrafts,
as well as Google Earth images. As a basis for comparison, we use an exemplar-based algorithm. We
experimentally prove the effectiveness of the generative neural network with the contour predictor for remote
sensing image inpainting, in particular for generation forgery Earth remote sensing data.
-
9
Paper ID: 38
MiNo: The Chrome Web Browser Add-on Application to Block the Hidden Cryptocurrency Mining
Activities
Safa Aktepe*, Cihan Varol, Narasimha Shashidhar
* Sam Houston State University *Email: [email protected]
Abstract— Cryptocurrencies are the digital currencies designed to replace the regular cash money while taking
place in our daily lives especially for the last couple of years. Mining cryptocurrencies are one of the popular
ways to have them and make a profit due to unstable values in the market. This attracts attackers to utilize
malware on internet users’ computer resources, also known as cryptojacking, to mine cryptocurrencies.
Cryptojacking started to be a major issue in the internet world. In this case, we developed MiNo, a web browser
add-on application to detect these malicious mining activities running without the user’s permission or
knowledge. This add-on provides security and efficiency for the computer resources of the internet users.
MiNo designed and developed with double-layer protection which makes it ahead of its competitors in the
market.
Paper ID: 39
Graphically Display Database Transactions to Enhance Database Forensics
Christine Orosco*, Cihan Varol, Narasimha Shashidhar
*Sam Houston State University
*Email: [email protected]
Abstract— Database forensics presents a set of unique challenges and these may contribute to the reason for
the lack of available tools and methods for database forensics. Yet considering the pervasiveness of databases
in society, the amount of sensitive data stored within these repositories, and the number of data breaches, it is
perplexing why there are not more database forensic software applications. This paper contains a discussion
of a design for the graphical display of database transactions from a MySQL database. Using tools such as
Elasticsearch and Kibana to aggregate the log files and pre-process the data into an intelligent format facilitates
the expedient analysis of volumes of database transactions. The capability to search through terabytes of data
within mere seconds and visually display this data is invaluable and considered as the vital contribution of this
work.
Paper ID: 41
Introducing The ‘Unified Side Channel Attack Model’ (USCA-M)
Andrew Johnson*, Richard Ward
* University of South Wales *Email: [email protected]
Abstract— This paper presents a ‘Unified Side Channel Attack Model’ (USCA-M). The USCA-M model is
compiled by the research undertaken of side-channel attacks (SCAs) from published journal articles and
conference papers between 2015-2019. The research found that SCAs can be categorised into three main areas:
SCA types, SCA methods and SCA techniques. By using this categorisation as a foundation, the USCA-M
was compiled. USCA-M has three main contributions to the research field:
1. A unified model that can categorize present and future SCA vulnerabilities and exploit techniques found;
2. A reference point for organisations to be able to identify and place a found SCA within a common or
unified categorisation;
3. The decomposition of SCA methods and techniques into identifiable components to assist in the defence
of SCAs, such as code pattern recognition.
-
10
Paper ID: 42
On the Cyber Security of Lebanon: A Large Scale Empirical Study of Critical Vulnerabilities
Yasser Fadlallah*, Mohamad Sbeiti, Mohamad Hammoud, Mohamad Nehme, Ahmad Fadlallah
* University of Sciences and Arts in Lebanon *Email: [email protected]
Abstract— In this paper, we uncover 1645 critical vulnerabilities in the perimeter of Lebanon affecting the
majority of its sectors, including critical infrastructure. Given the enormous economic and personal damage
imposed by critical vulnerabilities, we use a novel framework to regularly identify these vulnerabilities in time
on a large scale. We show that the root cause of the uncovered vulnerabilities is the lack of a core security best
practice, namely, patch management. All the 1645 vulnerable systems had a patch offered by the vendor at
the time they were found vulnerable. In addition to that, the poor reaction to our notification efforts to the
owners of vulnerable systems underlines another lack of a proper incident handling process.
To this end, this research shall be considered as a first step towards continuous attack surface evaluation of
Lebanon, which shall involve different parties from public and private sectors in order to better perform risk
analysis and mitigation.
Paper ID: 43
Predicting Crime Scene Location Details for First Responders
Sundar Krishnan*, Bing Zhou
*Sam Houston State University
*Email: [email protected]
Abstract— Responding to an emergency or crime can be challenging especially when one does not fully know the location details. Often first responders arrive a crime scene with little information and then make
their way around. During an emergency, when seconds count and first responder units need to locate
individuals requiring immediate assistance, they simply don’t have the time to figure out the location details
at the facility or residence. In this experiment, the author’s leverage statistical predictive modeling and
machine learning techniques to analyze a public dataset to predict premise/location details for first
responders with reasonable accuracy.
Paper ID: 44
Filtering Turkish Spam using LSTM from Deep Learning Techniques
Ersin Eryılmaz*, Durmuş Şahin, Erdal Kılıç
* Ondokuz Mayıs University *Email: [email protected]
Abstract— E-mails are used effectively by people or communities who want to do propaganda, advertisement,
and phishing because of their ease of use and low cost. People or communities who want to achieve their goals
send unnecessary and spam to the e-mail accounts they never knew. These mails cause serious financial and
moral damages to internet users and also engage in internet traffic. Unsolicited e-mails (spam) are a method
sent to the recipient without their consent and generally for malicious or promotional purposes. In this study,
spam was detected with Keras deep learning library on the Turkish dataset. TurkishEmail dataset contains 800
e-mails, half of which are spam e-mails. With the deep learning algorithm long short term memory (LSTM),
a 100% accuracy rate has been achieved in the Turkish e-mail dataset.
-
11
Paper ID: 46
Analysis of iOS SQLite Schema Evolution for Updating Forensic Data Extraction Tools
Samiha Shimmi, Gokila Dorai, Umit Karabiyik*, Sudhir Aggarwal
* Purdue University *Email: [email protected]
Abstract— Files in the backup of iOS devices can be a potential source of evidentiary data. Particularly, the iOS backup (obtained through a logical acquisition technique) is widely used by many forensic tools to sift
through the data. A significant challenge faced by several forensic tool developers is the changes in the data
organization of the iOS backup. This is due to the fact that the iOS operating system is frequently updated by
Apple Inc. Many iOS application developers release periodical updates to iOS mobile applications. Both these
reasons can cause significant changes in the way user data gets stored in the iOS backup files. Moreover,
approximately once every couple years, there could be a major iOS release which can cause the reorganization
of files and folders in the iOS backup. Directories in the iOS backup contain SQLite databases, plist files,
XML files, text files, and media files. Android/iOS devices generally use SQLite databases since it is a
lightweight database. Our focus in this paper is to analyze the SQLite schema evolution specific to iOS and
assist forensic tool developers in keeping their tools compatible with the latest iOS version. Our
recommendations for updating the forensic data extraction tools is based on the observation of schema changes
found in successive iOS versions.
Paper ID: 47
Cybersecurity Evaluation with PowerShell
Steven Zavala*, Narasimha Shashidhar, Cihan Varol
* Sam Houston State University
*Email: [email protected]
Abstract— An organization’s cybersecurity posture is trending as one of the most highly regarded areas of
focus. As more companies fall victim to breaches and exploits, we find more cases where corporations are
falling victim to this and we find they attribute to improper defined security practices, failure to have a policy
to address breaches or even comply with their existing strategies. It comes as no surprise that the effects of
breaches and the eventual compromise of data continues to impact every level from large corporations down
to the individuals. Therefore, it is imperative to provide individuals with a comparative method to retrieve a
common baseline of their cybersecurity posture versus an acceptable established standard. Existing audit
measures are quite cumbersome and introduce room for errors. Using PowerShell provides a method to
automate parsing information into a company’s existing policy and expose any cybersecurity vulnerabilities.
PowerShell audit process used here will provide an organization with the method to self-check without having
to incorporate the use of software from third-party tools. Because of PowerShell’s flexibility of parsing
information using from the OS environment. CSET as designed by the collaborative efforts from Department
Homeland Security (DHS) and the National Cybersecurity and Communications Integration Center (NCCIC)
provides a very thorough method of producing an evaluation of the organization’s Cybersecurity posture.
Their tool achieves this through various means which may require an auditor participant to produce the
necessary information by manually extracting values, such as whether software firewall rules are enabled or
not. Our research focuses on executing query commands and automating much of the manual process of
gathering data to eliminate the human component by combining PowerShell functions which can give the
auditor another method to tailor their audit experience to what is relevant in their area of concern.
-
12
Paper ID: 48
Using ITIL 4 in Security Management
Derrick Berger*, Narasimha Shashidhar, Cihan Varol
* Sam Houston State University *Email: [email protected]
Abstract— Organizations of any size are tasked with managing security and risks of varying degrees of impact
and complexity. Managing security can be one of the most intricate yet pervasive aspects of Information
Technology Management. The service management philosophy that many organizations use is Information
Technology Service Management (ITSM). Within ITSM, Information Technology Infrastructure Library
(ITIL) is a set of best practices that can be used to manage security. The unique aspect of security incidents
can be their sensitive nature. This sensitivity can complicate the management of security but does not preclude
it from being managed in a way that is appropriate and effective for the organization. Due to the novelty of
ITIL 4, there is a lack of research for effectively managing security incidents within an ITIL 4 framework.
ITIL 4 represents a change in some of the core components of ITIL. This paper will examine how ITIL 4 can
provide a framework for managing security.
Paper ID: 49
On-Premises Versus SECaaS Security Models
Luis Pla*, Narasimha Shashidhar, Cihan Varol
* Sam Houston State University
*Email: [email protected]
Abstract— The overarching aim of our research project was to determine whether replacing the traditional
on-premises IT security model with SECaaS is a sensible decision in the context of small to medium-sized
organizations. To accomplish this goal, a comparative analysis of the two cybersecurity models was conducted
whereby relevant evidence was extracted from existing information. Findings revealed that the IT security
management function is too sensitive to be left in the hands of a third-party cloud services provider. Rather,
the function ought to be managed internally to minimize the potential attack vector as much as possible.
However, despite our primary finding, we note that when cloud-based apps, operations, and data are involved,
the SECaaS model is considered to be the most suitable IT security management approach. In particular,
SECaaS outperforms the premise-based security model in the following core dimensions: cost-savings, ease
of management, scalability and agility, expertise, constant updates, and cost-effective compliance. In our
current research, we document the differences between the on-premises IT security and SECaaS models, and
justify the case for SECaaS as the most suitable approach primarily focusing on the suite of cloud-based
cybersecurity tools packaged with Microsoft 365 Business.
-
13
Paper ID: 50
In-Depth Analysis of Speech Production, Auditory System, Emotion Theories and Emotion
Recognition
Yeşim Ülgen Sönmez*, Asaf Varol
* Firat University *Email: [email protected]
Abstract— Artificial intelligence and machine learning are used to make machines more intelligent. SER
emotion recognition from speech signals is a difficult problem for machine learning which artificial
intelligence method is. The speech signal is difficult to analyze because it contains different frequencies and
features. Speech is digitized by signal processing methods and sound characteristics are obtained by acoustic
analysis. These features vary by emotions such as sadness, fear, anger, happiness, boredom and surprise.
Analysis methods emerged by modeling the features of speech production system and human hearing system.
In this study, speech production system, hearing system, emotion production system, emotion definition and
theories, emotion recognition models are examined.
Paper ID: 51
An efficient IP Core of Consultative Committee for Space Data Systems (CCSDS) Recommended
Authenticated Cryptographic Algorithm
Deepa Muraleedharan*, Sanil K. Daniel
College of Engineering, Trivandrum
Email: [email protected]
Abstract— Data mining is an important method that we use for extracting meaningful information from data. Data preprocessing lays the groundwork for data mining yet most researchers unfortunately, ignore it. Before
getting to the data mining stage, the target data set must be properly prepared. This paper describes steps
followed for time series data preprocessing for data mining processes. The data that was used in the study is
that of the minimum daily temperatures over 10 years (1981-1990) in the city of Melbourne, Australia. Python
programming language is used to read the data and decompose it into trend, seasonality, and residue
components. These components were plot and analyzed by removing the trend and seasonality to make the
series stationary. Dicky Fuller’s stationary test was done on the data. The test statistics results show that Dicky
Fuller’s null hypothesis can be rejected and the data is stationary. Hence, ready for the next step of data mining
modeling processes.
Paper ID: 52
Time Series Database Preprocessing for Data Mining Using Python
Hussein Farooq Tayeb Alsaadawi, Murat Karabatak, Cihan Varol*
*Sam Houston State University
*Email: [email protected]
Abstract— Data mining is an important method that we use for extracting meaningful information from data.
Data preprocessing lays the groundwork for data mining yet most researchers unfortunately, ignore it. Before
getting to the data mining stage, the target data set must be properly prepared. This paper describes steps
followed for time series data preprocessing for data mining processes. The data that was used in the study is
that of the minimum daily temperatures over 10 years (1981-1990) in the city of Melbourne, Australia. Python
programming language is used to read the data and decompose it into trend, seasonality, and residue
components. These components were plot and analyzed by removing the trend and seasonality to make the
series stationary. Dicky Fuller’s stationary test was done on the data. The test statistics results show that Dicky
Fuller’s null hypothesis can be rejected and the data is stationary. Hence, ready for the next step of data mining
modeling processes.
-
14
Paper ID: 54
GPS-based Mobile Cross-platform Cargo Tracking System with Web-based Application
Abdalbasit Mohammed Qadir, Peter Cooper*
*Sam Houston University
*Email: [email protected]
Abstract— Cross-platform development is becoming widely used by developers, and writing for separate
platforms is being replaced by developing a single code base that will work across multiple platforms
simultaneously, while reducing cost and time. The purpose of this paper is to demonstrate cross-platform
development by creating a cargo tracking system that will work on multiple platforms with web application
by tracking cargo using Global Positioning System (GPS), since the transport business has played a vital role
in the evolution of human civilization. In this system, Google Flutter technology is used to create a mobile
application that works on both Android and iOS platforms at the same time, by providing maps to clients
showing their cargo location using Google Map API, as well as providing a web-based application.
Paper ID: 55
Method for Image Copyright Protection Based on Consruction of Highly Robust Watermarks
Yuliya Vybornova
Samara National Research University
Email: [email protected]
Abstract— In this paper, a new approach to multimedia data watermarking is proposed. The key idea of the
method is to embed a specially constructed protective information instead of a simple bitmap or a bit sequence.
A two-dimensional complex spectrum is constructed on the basis of the binary sequence, which serves as a
primary watermark used when verification. Via discrete Fourier transform a highly robust watermark in the
form of a noise-like raster image is calculated and embedded into the carrier data. The aim of the experimental
research is to analyze the applicability of the method in the task of copyright protection for raster images. It is
shown that the proposed noise-like watermarks can be imperceptibly embedded into the spatial domain of the
protected image using the strategy of additive watermarking. Furthermore, the study on robustness has shown
that resulting method demonstrates clear advantages over existing analogues.
Paper ID: 58
Classifying Software Vulnerabilities by Using the Bugs Framework
Thamali Madhushani Adhikari, Yan Wu*
*Bowling Green State University
*Email: [email protected]
Abstract— Software vulnerabilities, specific type of soft- ware bugs, are defined as occurrences of a software
weak- ness, which can be exploited by an agent to cause various consequences such as modifying or accessing
unintended data. Identifying and fixing software vulnerabilities thus plays an important role in software
security and software engineering. A reliable body of knowledge on categories of vulnerabilities is critical to
identify software vulnera- bilities. In this paper, we use data-mining techniques to identify software
vulnerabilities, classify them into different categories by using the Bugs Framework proposed by the National
Institute of Standards and Technology (NIST), and design a model to predict the weakness of future
vulnerabilities. Knowledge about vulnerability types helps software engineers save time and energy, develop
programs by avoiding security vulnerabilities, and program with precaution.
-
15
Paper ID: 59
A Study on Cyber Security Challenges in E-learning Management System
Habib Ibrahim*, Songül Karabatak, Abdullahi Abba Abdullahi
* Gana University *Email: [email protected]
Abstract— Education is gradually moving from traditional classroom-based setting to online-based. E-
learning has become the topic of discussion as far as cybersecurity is concerned. E-learning as a mode of
acquiring knowledge and skills through electronic means, cannot be achieved without internet technology. In
other words, it depends largely on the internet technology for the sharing of ideas and information. However,
the network environment is a home for hackers and the internet fraudless. As the reach of the internet expands
to cover ever broader aspects of our education and social welfare, cybersecurity is the major concern when
dealing with privacy, authentication, and confidentiality of user’s information stored in a database server.
Most often hackers release attacks designed to steal confidential data and an organization’s database servers
are the targets of these attacks because they are the core of any organization, storage bank. Hence, it is very
important to put strong security measures in place to protect the data and information of the end-user against
any malicious attack. This paper, therefore, aimed to discuss cybersecurity issues related to the e-learning
management system, the significance of the E-Learning and Database management system. Again the paper
discusses top security issues in databases and how to lessen them.
Paper ID: 60
A Concetual Framework for Database Anti-forensics Impact Mitigation
Bashir Zak Adamu*, Murat Karabatak, Fatih Ertam
*Fırat University
*Email: [email protected]
Abstract— The emergence of databases has become one of the most important achievements in the field of software. Databases are at the core of information systems (Online and Offline), and this has fundamentally
made them a target for malicious intents because they contain sensitive information. Digital forensics tends to
outwit such malicious activities by providing provable evidence for prosecution. On the other hand, criminals
develop and promote counter forensic measures to reduce the quality and quantity of forensic data known as
“Anti-forensics”. Such counter measures tend to jeopardize forensics efforts at all stages to ensure that court
admissible evidences are not acquired. The aim of this paper is to explore database anti-forensics agents,
highlight the challenges and or negative effects they pose at various stages of the database forensics processes,
present a taxonomy for database anti-forensics impacts, provide recommendations on how these impacts can
be mitigated, and directions for future research opportunities.
Paper ID: 61
District Ransomware: Static and Dynamic Analysis
Neil Andes*, Mingkui Wei
* Sam Houston State University *Email: [email protected]
Abstract— Ransomware is one of the fastest growing threats to internet security. New Ransomware attacks happen around the globe, on a weekly basis. These attacks happen to individual users and groups, from almost
any type of business. Many of these attacks involve Ransomware as a service, where one attacker creates a
template Malware, which can be purchased and modified by other attackers to perform specific actions. The
District Ransomware was a less well-known strain. This work focuses on statically and dynamically analyzing
the District Ransomware and presenting the results.
-
16
Paper ID: 62
Students' Usage of Smartphones in the Classes
Songül Karabatak, Müslim Alanoğlu*
* Tuskish Embassy in Podgorica *Email: [email protected]
Abstract— The current study aims to investigate students' usage of smartphones in the classes. To achieve this aim, the survey model was used in the study. The study group was selected among the undergraduate
students at a state university. The study group determined by the snowball sampling method consists of 577
students in total. At the end of the study, it was concluded that most of the students use their phones
occasionally and to message, research on course subject, and connect to social networks. Causing distraction
and the ban on use in the class also emerged as the reasons for not using their smartphones in the classes. The
most important reason for the students to use smartphones in the classes is to research about the course subject
and using them in emergencies. Also, students gave close answers to each other about the effects of using
smartphone on academic performance. In the last part of the study, some suggestions were developed
regarding the results obtained.
Paper ID: 63
Z Generation Students and Their Digital Footprint
Songül Karabatak*, Murat Karabatak
*Fırat University
*Email: [email protected]
Abstract— The purpose of this study is to evaluate the literature studies investigating the digital footprints of Z generation students. For this purpose, studies in various databases related to the digital footprints of children,
adolescents, and university students were evaluated in terms of analysis units of the method, publication type,
sample, data collection tool, and results. However, it was seen that there are not many publications on this
subject in the literature. It was seen that most of the studies examined were articles and the quantitative
research methods were mostly used in the studies, therefore, scales were preferred mostly. Also, it was
observed that the ones who have the highest awareness about digital footprints are young people while the
lowest are children. At the end of the study, various suggestions were made to increase the awareness of the
Z generation students in digital footprints.
-
17
Paper ID: 65
Remote Monitoring Real Time Air pollution - IoT (cloud based)
Murat Karabatak, Twana Mustafa, Chawan Taha Hama Ali*
* University of Sulaimany
*Email: [email protected]
Abstract— Air pollution, contamination, and Leakage of Liquefied Petroleum Gas (LPG) produce perilous and dangerous effects on human starts and other living. Subsequently, the author built up a framework to
monitor by cloud and associated with it, the LPG gas leakage and send an alarm to clients of it. Temperature
and Moistness sensor and MQ-6 gas sensors are utilized for detecting the degree of gas concentration
awareness of a closed volume and to monitor the outcomes of ecological changes an IoT platform has been
presented. This paper describes the structure of a usable model dependent on the Internet of Things (IoT) ideas
for continuous monitoring of different environmental conditions utilizing certain normally accessible and
lower-priced sensors and associated with the cloud. The things utilized in this paper were (HDT11, MQ6,
ESP8266, ATMega328p, Internet, and RemoteXY cloud server). The different ecological conditions, for
example, temperature, dampness, and Liquefied Petrleum Gas (LPG) are ceaselessly monitored for air
pollution, prepared and controlled by using an ATmega328p microcontroller with the assistance of a few
sensors. Strong control alongside cloud-based manual control has been applied to a control system utilizing
the RemoteXY cloud server. Caught data are communicated through the internet with an ESP8266 Wi-Fi
module. The anticipated framework conveys sensor data to an API referred to as RemoteXY over an HTTP
protocol.
Paper ID: 66
To Review and Compare Evolutionary Algorithms in Optimization of Distributed Database Query
Mohammed Abdalla*, Murat Karabatak
* University of Raparin
*Email: [email protected]
Abstract— Processing queries in distributed databases require the conversion and transmission of data from local and global sites. A query can be used to create a different executive plan of the query, which These plans
are equal in size, meaning that they achieve the same result, but differ in the order in which the operators are
executed and how they are executed, and therefore in their performance. The problem of query optimization
in the distributed database is NP-hard in nature and difficult to solve. Exploring all the query plans in large
search space is not feasible. The purpose and motivation of this article are to examine the query challenges in
the distributed databases and algorithms for the executive plan of the query.
-
18
Paper ID: 68
Database Security Threats and Challenges
Abdulazeez Sulaiman*, Murat Karabatak, Twana Mustafa
*Fırat University
*Email: [email protected]
Abstract— With the growth and increasing sophistication of the Internet and the increasing dependence, it appeared more and more services over the Internet-based database, so it increases the risks facing databases.
The number of attacks against these repositories has also increased. A database danger refers to an item,
individual or other entity that poses a risk of misuse or manipulation of confidential data to an asset. Databases
and computer properties are improperly secured in many business organizations. Databases should be
protected rather than any system (device) in the enterprise. Most database security features have to be
developed to secure the database environment. The aim of the paper is to underline the types of threats and
challenges and their impact on sensitive data and to present different safety models. The assumption
underpinning this study is that it understands the weaknesses, threats and challenges faced by databases,
Database administrators will then work on developing a security strategy to help secure their databases.
Paper ID: 70
Effect of Mean Filter on Face Image from Video Frames
Pawan Othman, Ridwan Marqas*; Diler Abulqader, Saman Almofty
* Duhok Private Technical Institute
*Email: [email protected]
Abstract— One of the most important studies is the identification of face from videos in case of low resolution. This article looks at the effect of a mean filter on facial pictures. The mean filter measures the number of
pixels in successive images using the intensities of neighbouring pixels and temporal neighbouring pixels. The
pixels of the original high-resolution image were used as reference values to measure the effect of the
suggested technique on the picture peak signal noise ratio (PSNR) and mean square error (MSE) levels by
calculating the noise and error Figure of the pixels of the filtered low-resolution pictures. Outcomes indicate
major impact on successive face video record frames from the suggested filter.
Paper ID: 73
Review of the Internet of Things for Healthcare Monitoring
Asaf Varol, Twana Mustafa*
*Fırat University
*Email: [email protected]
Abstract— These days, individuals are increasingly bound by indoor living and invest less energy outside. Along these lines, the importance of monitoring air quality inside to make indoor living progressively
appropriate and sound has immensely risen, The advancement of the Internet of Things will significantly
encourage the procedure of the patient's analysis and monitoring, with little IP-based wireless sensors executed
on the patient's body, his physiological parameters, for example, blood strain and coronary heart rate, can be
observed remotely and always, Over the past few years, IoT has gotten one of the most significant
advancements of the 21st century, The Internet of Things (IoT) describes the network of physical items
“things” that are embedded with sensors, software, and other technologies for the purpose of connecting and
exchanging data with other devices and systems over the internet. These devices range from ordinary
household objects to sophisticated industrial tools. With more than 7 billion connected IoT devices today,
experts are expecting this number to grow to 10 billion by 2020 and 22 billion by 2025. In this paper, attempts
to review and understand the utilization of IoT in customized healthcare to acquire fantastic healthcare at low-
cost expenses. We have clarified in short how IoT capacities and how it is utilized related to wireless and
sensing systems to execute the ideal healthcare applications.
-
19
Paper ID: 78
Exploiting Vulnerabilities of MRI Scanner Machine: Lebanon Case Study
Reem Nabha*, Hassan Sbeyti
* Arab Open University *Email: [email protected]
Abstract— Internet of Things (IoT) in the modern healthcare environment is continuously growing to offer a seamless platform to monitor patients in hospitals making our lives easier. Medical Imaging Devices (MIDs),
such as Magnetic Resonance Imaging (MRI) systems are commonly connected to hospital networks becoming
increasingly vulnerable to cyberattacks such as Ransomware. This paper attempts to discuss vulnerabilities in
the MRI scanner that ransomware can exploit to propagate through a system.
Paper ID: 79
Signature Recognition Using Machine Learning
Shalaw Mshir, Mehmet Kaya*
* Syracuse University
*Email: [email protected]
Abstract— Signatures are popularly used as a method of personal identification and confirmation. Many
certificates such as bank checks and legal activities need signature verification. Verifying the signature of a
large number of documents is a very difficult and time-consuming task. As a result, explosive growth has been
observed in biometric personal verification and authentication systems that relate to unique quantifiable
physical properties (fingerprints, hand, and face, ear, iris, or DNA scan) or behavioral characteristics (gait,
sound, etc.). Several methods are used to describe the ability of the suggested system in specifying the genuine
signatures from the forgeries. This approach presents a new technique for signature verification and
recognition, using a tow dataset for training the model by a siamese network.
Paper ID: 80
Mirai Botnet In Lebanon
Hasan Idriss
*Arab Open University
*Email: [email protected]
Abstract— The growth of the Internet of things (IoT) in the market of smart home and surveillance security raises the flag of new security risks, after the presence of new malware targeting IoT devices for creating a
botnet. Mirai is one of the famous malware that used IoT bots to perform the most massive DDoS attack in
botnet history. This paper will discuss the Mirai malware's leading events and provide a brief of the famous
variants created based on the Mirai source code. Finally, propose a detection and mitigation method to protect
the system, taking into consideration the Lebanese industry and offering a methodology to make it Mirai
Botnet resilient.
-
20
Paper ID: 81
Overview of Efficient Symmetric Cryptography: Dynamic vs Static Approaches
Hassan Noura*, Ali Chehab, Raphaël Couturier
*Arab Open University Lebanon
*Email: [email protected]
Abstract— Cryptography is the central component of a large number of security solutions. However, most of the existing algorithms do not take into consideration the structure of data, its size, the real-time constraints
(latency), and the resource constraints (energy, memory, and CPU). Recently, to address these challenges,
different solutions were proposed by optimizing the existing ones or by designing new lightweight algorithms.
Employing a static structure requires the iteration of a round function for a large number of rounds r, which
consequently leads to an increase in the latency and required resources. Therefore, in this paper, we
recommend the design of new algorithms with a "dynamic structure" for symmetric key encryption towards
reducing r, which in turn reduces the required latency and resources. Equally important, the substitution and
diffusion primitives should become dynamic and related to a secret key. Furthermore, we present the
advantages and limitations of the static and dynamic symmetric cipher approaches. The objective of this paper
is to provide guidelines for the design of future (dynamic) cryptographic algorithms and highlight future
research challenges, issues, and directions.
Paper ID: 82
Big Data Architecture: Designing the Right Solution for Social Network Analysis
Innocent Agbo*, Alexander Kupriyanov, Igor Rytsarev
*Samara National Research University
*Email: [email protected]
Abstract— This paper highlights the link between social networks and Big Data, which is generated by its users and how the generated data is used by businesses to improve their products and services as well as to
increase their profits. It goes on to give a concise overview of Big Data architecture, the various components
involved, challenges faced when developing solutions, the process of retrieving, storing and processing
datasets as well as recommendations to follow when designing architectures geared towards social network
analysis.
Paper ID: 83
Overview of Digital Forensics and Anti-Forensics Techniques
Hussein Majed, Hassan Noura*, Ali Chehab
* Arab Open University Lebanon
*Email: [email protected]
Abstract— Digital forensics is very essential in any investigation where data is involved after a security breach. Data contents might be personal, business-related, or strictly confidential. The aim of digital forensics
is to legally acquire and analyze the examined data, while anti-forensics techniques aim to hide, manipulate,
and even wipe the data, or to target the credibility of the acquired evidence. This paper presents the current
anti-forensics techniques, the methods applied, and the available countermeasures.
-
21
Paper ID: 84
Intelligence in Digital Forensics Process
Iliyasu Yahaya Adam*, Cihan Varol
*Firat University
*Email: [email protected]
Abstract— Digital forensics is the digital equivalence of traditional crime investigations that leverages digital
technologies to facilitate criminal investigations. The expertise and previous experience of an investigator or
any security agent in traditional forensic investigations play an important role in the success, efficiency, and
effectiveness of the investigation. Similarly employing the power of intelligence in the current computational
resources in the digital investigation process will lead to more efficient and effective digital investigation
results. This study builds on existing works in the literature to propose the use of clustering and classification
machine learning algorithms on evolving database files to achieve intelligence in the digital investigation
process and finally come up with a comprehensive block diagram as a general-purpose framework for
intelligent forensic investigation.
Paper ID: 88
Critical Analysis of Cryptographic Algorithms
Mazoon AlRoubiei, Thuraiya AlYarubi, Basant Kumar*
* Modern College of Business and Science *Email: [email protected]
Abstract— Security is the most important role in data communication due to the increase of the intruder’s possibility of alteration and eavesdropping to the sensitive data. Hence, cryptography is the fundamental tool
used to protect these data. The purpose of using cryptography is to achieve privacy via preventing disclosure
of the communication where the data is converted from a readable form into an unreadable form and vice
versa. The cryptography algorithm has two types namely: Symmetric key and Asymmetric key. Asymmetric
key algorithm mainly invented to overcome the dilemma of key distribution in symmetric key. There are
several algorithms classified under these two types based on different parameters. Hence, this variation leads
to different levels of performance and efficiency of these algorithms. This paper presents a critical analysis of
these systems based on a detailed study and literature review of some cryptography algorithms.
Paper ID: 92
Effects of Homework Supported Distance Education on Academic Satisfaction, Academic
Achievement, and Attitude towards Distance Education
Songül Karabatak, Müslim Alanoğlu*, Murat Karabatak
*Tuskish Embassy in Podgorica
*Email: [email protected]
Abstract— The purpose of this study is to reveal the effects of homework supported distance education on students' academic achievement, academic satisfaction, and attitudes towards distance education. This study
was performed with a quantitative paradigm. In this context, repeated measures design was used. The
purposeful sampling method was used to determine the participants. One-way analysis of variance (ANOVA)
for repeated measures was used to compare academic achievement tests and scale scores. As a result of the
study, the distance education process applied significantly increased students' academic achievement but
supporting the distance education process with homework increased academic achievement more. The
distance education process did not change the students' attitudes towards distance education and their academic
satisfaction, but homework-supported distance education process changed positively. This finding revealed
that distance education alone is not enough and it should be supported with different techniques and methods
to increase its effectiveness.
-
22
SPONSORS
Elazig – TURKEY
www.softcybersec.org [email protected]