Ändra sökning
Avgränsa sökresultatet
1 - 49 av 49
RefereraExporteraLänk till träfflistan
Permanent länk
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Träffar per sida
  • 5
  • 10
  • 20
  • 50
  • 100
  • 250
Sortering
  • Standard (Relevans)
  • Författare A-Ö
  • Författare Ö-A
  • Titel A-Ö
  • Titel Ö-A
  • Publikationstyp A-Ö
  • Publikationstyp Ö-A
  • Äldst först
  • Nyast först
  • Skapad (Äldst först)
  • Skapad (Nyast först)
  • Senast uppdaterad (Äldst först)
  • Senast uppdaterad (Nyast först)
  • Disputationsdatum (tidigaste först)
  • Disputationsdatum (senaste först)
  • Standard (Relevans)
  • Författare A-Ö
  • Författare Ö-A
  • Titel A-Ö
  • Titel Ö-A
  • Publikationstyp A-Ö
  • Publikationstyp Ö-A
  • Äldst först
  • Nyast först
  • Skapad (Äldst först)
  • Skapad (Nyast först)
  • Senast uppdaterad (Äldst först)
  • Senast uppdaterad (Nyast först)
  • Disputationsdatum (tidigaste först)
  • Disputationsdatum (senaste först)
Markera
Maxantalet träffar du kan exportera från sökgränssnittet är 250. Vid större uttag använd dig av utsökningar.
  • 1. Abbas, Haider
    et al.
    Orlandi, Eugenio
    Aslam Khan, Farrukh
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Masood, Asif
    Security, Safety and Trust Management2017Ingår i: 2017 IEEE 26th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises: Proceedings / [ed] Sumitra Reddy, Wojciech Cellary, Mariagrazia Fugini, IEEE Computer Society, 2017, s. 242-243Konferensbidrag (Refereegranskat)
    Abstract [en]

    The continuously evolving nature of today's internet outdates the existing security and safety mechanisms and therefore there is an emerging need to propose robust, powerful and reliable solutions. These advancements have a great impact on the software and system architectures, resulting in a highly dynamic smart networked environment. The systems used within these complex environments have at least two things in common, namely, the need to restrict or grant access for the required resources based on security policy to face security threats, and the need to sustain resilience of the environment in face of safety hazards. Both aspects should consider trust.

  • 2.
    Anobah, Maxwell
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Saleem, Shahzad
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Testing Framework for Mobile Device Forensics Tools2014Ingår i: The Journal of Digital Forensics, Security and Law, ISSN 1558-7215, E-ISSN 1558-7223, Vol. 9, nr 3, s. 221-234Artikel i tidskrift (Refereegranskat)
    Abstract [en]

    The proliferation of mobile communication and computing devices, in particular smart mobile phones, is almost paralleled with the increasing number of mobile device forensics tools in the market. Each mobile forensics tool vendor, on one hand claims to have a tool that is best in terms of performance, while on the other hand each tool vendor seems to be using different standards for testing their tools and thereby defining what support means differently. To overcome this problem, a testing framework based on a series of tests ranging from basic forensics tasks such as file system reconstruction up to more complex ones countering anti-forensic techniques is proposed. The framework, which is an extension of an existing effort done in 2010, prescribes a method to clearly circumscribe the term support into precise levels. It also gives an idea of the standard to be developed and accepted by the forensic community that will make it easier for forensics investigators to quickly select the most appropriate tool for a particular mobile device.

  • 3.
    Aranda, Laura
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    A Conceptual Model of an Intelligent Platform for Security Risk Assessment in SMEs2019Ingår i: 2019 IEEE 13th International Conference on Application of Information and Communication Technologies (AICT): Conference Proceedings, IEEE, 2019, s. 181-188Konferensbidrag (Refereegranskat)
    Abstract [en]

    SMEs are increasingly targeted by cyberattacks and usually less in control of their Information Security Management System than larger organizations due to a lack of resources. Risk assessment can help them to determine which changes are needed bearing in mind their constraints. However, common frameworks for risk assessments are more suitable for large organizations. Some of them have been designed specifically for SMEs but still target an audience of information security experts and are considered as time-consuming by SMEs. This article aims at tackling those issues by introducing a conceptual model of an Intelligent Platform for supporting SMEs in security risk assessment process. The design research method was used to develop a model taking into account the inputs from relevant stakeholders collected via interviews. The model was validated and improved with case studies where quick security risk assessments in three different SMEs have been performed following the activities that the proposed model is supposed to perform.

  • 4.
    Bergman, Jesper
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    The Digital Detective's Discourse - A toolset for forensically sound collaborative dark web content annotation and collection2022Ingår i: The Journal of Digital Forensics, Security and Law, ISSN 1558-7215, E-ISSN 1558-7223, Vol. 17, nr 1, artikel-id 5Artikel i tidskrift (Refereegranskat)
    Abstract [en]

    In the last decade, the proliferation of machine learning (ML) algorithms and their application on big data sets have benefited many researchers and practitioners in different scientific areas. Consequently, the research in cybercrime and digital forensics has relied on ML techniques and methods for analyzing large quantities of data such as text, graphics, images, videos, and network traffic scans to support criminal investigations. Complete and accurate training data sets are indispensable for efficient and effective machine learning models. An essential part of creating complete and accurate data sets is annotating or labelling data. We present a method for law enforcement agency investigators to annotate and store specific dark web content. Using a design science strategy, we design and develop tools to enable and extend web content annotation. The annotation tool was implemented as a plugin for the Tor browser. It can store web content, thus automatically creating a dataset of dark web data pertinent to criminal investigations. Combined with a central storage management server, enabling annotation sharing and collaboration, and a web scraping program, the dataset becomes multifold, dynamic, and extensive while maintaining the forensic soundness of the data saved and transmitted. To manifest our toolset's fitness of purpose, we used our dataset as training data for ML based classification models. A five cross-fold validation technique was used to evaluate the classifiers, which reported an accuracy score of 85 - 96%. In the concluding sections, we discuss the possible use-cases of the proposed method in real-life cybercrime investigations, along with ethical concerns and future extensions.

  • 5.
    Bergman, Jesper
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Popov, Oliver B.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Exploring Dark Web Crawlers: A Systematic Literature Review of Dark Web Crawlers and Their Implementation2023Ingår i: IEEE Access, E-ISSN 2169-3536, Vol. 11, s. 35914-35933Artikel, forskningsöversikt (Refereegranskat)
    Abstract [en]

    Strong encryption algorithms and reliable anonymity routing have made cybercrime investigation more challenging. Hence, one option for law enforcement agencies (LEAs) is to search through unencrypted content on the Internet or anonymous communication networks (ACNs). The capability of automatically harvesting web content from web servers enables LEAs to collect and preserve data prone to serve as potential leads, clues, or evidence in an investigation. Although scientific studies have explored the field of web crawling soon after the inception of the web, few research studies have thoroughly scrutinised web crawling on the “dark web”, or ACNs, such as I2P, IPFS, Freenet, and Tor. The current paper presents a systematic literature review (SLR) that examines the prevalence and characteristics of dark web crawlers. From a selection of 58 peer-reviewed articles mentioning crawling and the dark web, 34 remained after excluding irrelevant articles. The literature review showed that most dark web crawlers were programmed in Python, using either Selenium or Scrapy as the web scraping library. The knowledge gathered from the systematic literature review was used to develop a Tor-based web crawling model into an already existing software toolset customised for ACN-based investigations. Finally, the performance of the model was examined through a set of experiments. The results indicate that the developed crawler was successful in scraping web content from both clear and dark web pages, and scraping dark marketplaces on the Tor network. The scientific contribution of this paper entails novel knowledge concerning ACN-based web crawlers. Furthermore, it presents a model for crawling and scraping clear and dark websites for the purpose of digital investigations. The conclusions include practical implications of dark web content retrieval and archival, such as investigation clues and evidence, and related future research topics.

  • 6.
    Bergman, Jesper
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Popov, Oliver B.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Recognition of tor malware and onion services2023Ingår i: Journal of Computer Virology and Hacking Techniques, E-ISSN 2263-8733Artikel i tidskrift (Refereegranskat)
    Abstract [en]

    The transformation of the contemporary societies through digital technologies has had a profound effect on all human activities including those that are in the realm of illegal, unlawful, and criminal deeds. Moreover, the affordances provided by the anonymity creating techniques such as the Tor protocol which are beneficial for preserving civil liberties, appear to be highly profitable for various types of miscreants whose crimes range from human trafficking, arms trading, and child pornography to selling controlled substances and racketeering. The Tor similar technologies are the foundation of a vast, often mysterious, sometimes anecdotal, and occasionally dangerous space termed as the Dark Web. Using the features that make the Internet a uniquely generative knowledge agglomeration, with no borders, and permeating different jurisdictions, the Dark Web is a source of perpetual challenges for both national and international law enforcement agencies. The anonymity granted to the wrong people increases the complexity and the cost of identifying both the crimes and the criminals, which is often exacerbated with lack of proper human resources. Technologies such as machine learning and artificial intelligence come to the rescue through automation, intensive data harvesting, and analysis built into various types of web crawlers to explore and identify dark markets and the people behind them. It is essential for an effective and efficient crawling to have a pool of dark sites or onion URLs. The research study presents a way to build a crawling mechanism by extracting onion URLs from malicious executables by running them in a sandbox environment and then analysing the log file using machine learning algorithms. By discerning between the malware that uses the Tor network and the one that does not, we were able to classify the Tor using malware with an accuracy rate of 91% with a logistic regression algorithm. The initial results suggest that it is possible to use this machine learning approach to diagnose new malicious servers on the Tor network. Embedding this kind of mechanism into the crawler may also induce predictability, and thus efficiency in recognising dark market activities, and consequently, their closure. 

  • 7.
    Chemane, Lourino
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Ekenberg, Love
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Carrilho, S.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Government Network and Information Security MCDM Framework for the Selection of Security Mechanisms:  2005Ingår i: Proceedings of CNIS 2005 / [ed] M.H. Hamza, Phoenix, USA: Acta Press , 2005Konferensbidrag (Refereegranskat)
    Abstract [en]

    The establishment of Virtual Private Networks (VPNs), Intranets and Internet access channels by Governments raises the need of making sure that only authorized people access the Government VPN resources. The large base of network security mechanisms and VPN implementation alternatives available makes it difficult to select the “optimal” security mechanisms or controls to be used in order to ensure the required or defined level of security for a specific VPN. This paper addresses the security mechanisms selection problem by proposing a MCDM model for structuring the VPN selection decision problem. Data collected from the Government Network Project (GovNet) being implemented in Mozambique was used to support both the development and validation of the Model.

  • 8.
    Chemane, Lourino
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Ekenberg, Love
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Cossa, T.
    MCDM Model for Selecting Internet Access Technologies: A Case Study in Mozambique2005Ingår i: EUROCON 2005: The International Conference on "Computer as a Tool", Proceedings, volume II, 2005, s. 1738-1741Konferensbidrag (Refereegranskat)
    Abstract [en]

    The development of Internet, networking and access technologies is providing a wide variety of Internet interconnection alternatives. The availability of several options in the Internet interconnection market makes it difficult to select the "optimal" alternative for a specific end-user in a specific context. A MCDM based model for structuring and solving the Internet access technologies selection decision problem is proposed. The applicability and validation of this approach is demonstrated in a case study in Mozambique

  • 9.
    Chemane, Lourino
    et al.
    UTICT, Mozambique.
    Ekenberg, Love
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Saifodine, Z.
    Government Network and ISP Selection Model - Mozambique Case Study2005Ingår i: Innovation and the Knowledge Economy: Issues, Applications, Case Studies / [ed] Paul Cunningham & Miriam Cunningham, Amsterdam: IOS Press , 2005Konferensbidrag (Refereegranskat)
  • 10.
    Dosis, Spyridon
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Homem, Irvin
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Semantic Representation and Integration of Digital Evidence2013Ingår i: Procedia Computer Science, E-ISSN 1877-0509, Vol. 22, s. 1266-1275Artikel i tidskrift (Refereegranskat)
    Abstract [en]

    The ever-increasing complexity and sophistication of computer and network attacks challenge society's dependability on digital infrastructure. Digital investigations recover and reconstruct the digital trails of such events and may employ practices from various subfields (computer, network forensics), each with its own set of techniques and tools. Integration of evidence from heterogeneous sources of data (e.g. disk images, network packet captures, logs) is often a manual and time- consuming process relying significantly on the investigator's expertise. In this paper, we propose and develop an approach, based on the Semantic Web framework, for ontologically representing and integrating digital evidence. The presented approach enhances existing forensic analysis techniques by providing partial and eventually full automation of the investigative process.

  • 11.
    Elly Amani, Gamukama
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Larsson, Aron
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Mugisha, Joseph Y. T.
    Group Decision Evaluation of Internet Services in the Context of DevelopmentManuskript (preprint) (Övrigt vetenskapligt)
    Abstract [en]

    The paper presents group decision assessment for the Internet services in the context of development (ISCD). The assessment is achieved through the use of a decision model whose fundamental goal is to provide a systematic approach for addressing the problem of misalignments among the Internet stakeholders’ objectives. The modelling of the problem is approached from the perspectives of delivering/receiving the Internet services that maximizes the respective stakeholders’ objectives. Based on the AHP theory, it structures the problem into four hierarchies with three aspects of consideration as (a) services relevance in context of development, (b) services delivery mechanism convergence to IP Infrastructure and (c) services commensurability to traffic classes’ requirements. An assessment of the aggregated individually derived final priorities (AIP) reveals that for aligning the stakeholders’ objectives at local level, end users should first strive to implement the Internet components/applications that can cause high impact to their transactions/business, followed by those services/applications that can “empower” them to fulfil their goals. While at global level, the affordability of recurring subscriptions for Internet access, end user terminal equipment cost, and coverage rage/penetration are the key issues that the policy makers should address in view of achieving the ISCD objectives. Finally the paper includes strategic options for the best course of action in aligning the stakeholders’ objectives.

  • 12.
    Gamukama, Elly A.
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Popov, Oliver B.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    A Social Welfare Approach in Increasing the Benefits from the Internet in Developing Countries2011Ingår i: International Journal on Network Security, ISSN 2152-5064, Vol. 2, nr 4, s. 29-33Artikel i tidskrift (Refereegranskat)
    Abstract [en]

    The paper examines the Internet usage and itsmarket environment in developing countries under theperceived assumption that the Internet is one of the mostimportant drivers for development. It gives an insight onprocesses’ (both unintended and intended) implications andtheir effects on achieving real Internet benefits in theenvironments where network infrastructures are limited suchas the ones found in the developing regions. A welfare basedapproach is proposed in which the Internet providers and endusersidentify a set of objective that leads them in achievingincreased benefits. Analytical model of the maincharacteristics in the approach is presented and eventuallyshown how the end user bit rate could be regulated based onthe utility bounds that lead general satisfaction to all users.User satisfaction signifies delivery of expected QoS and aswell as willing to pay for such services.

    Ladda ner fulltext (pdf)
    fulltext
  • 13.
    Gamukama, Elly Amani
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Larsson, Aron
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Mugisha, J. Y. T.
    The Decision Model for the Internet Services in the Context of Development2015Ingår i: Procedia Computer Science, E-ISSN 1877-0509, Vol. 55, s. 622-631Artikel i tidskrift (Refereegranskat)
    Abstract [en]

    The Internet Services in the Context of Development (ISCD) model is structured in four levels of hierarchy based on the Analytical Hierarchy Processes (AHP) theory. The model provides a formal approach of establishing the relative importance of Internet services in the context of fostering national development. This paper presents the fundamental conceptsof themodel. Pairwise Comparisons (PCs) technique the cornerstone of the AHP theory is used as the baseline technique for measuring the intensity of preference between the Internet traffic classes (therein their respective services they deliver to end users) in the process of formulating the judgment matrix. The ISCD model is modelled to process data obtained from a group of individual decision makers that are independent from each other. Hence decision makers are weighted in the process of aggregating their priority vectors and the normalized weighted geometric mean method (NWGMM) is used to compute the group's priority vector, which is the final output of the model.

  • 14.
    Gamukama, Elly Amani
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    A Framework for Evaluating Efficiency – Fairness Tradeoffs in IP Networks in Context of Development2009Ingår i: 9th International Symposium on Communications and Information Technology (ISCIT 2009): Proceedings, IEEE Computer Society, 2009, s. 507-512Konferensbidrag (Refereegranskat)
    Abstract [en]

    Efficiency and fairness are main objectives in any system design and many choices in life are made based on their tradeoffs. In this paper we introduce a framework for the evaluation of efficiency-fairness tradeoffs that would provide a sound basis for network providers and social planners to provide or plan for an equitable access to the Internet to a diversity of users with different needs and financial possibilities representing mainly developing regions and emerging economies. Control approaches are introduced to address the upraising distortion of fairness concept in IP based networks by using the (alpha, beta) - fairness concept to establish the upper and lower fairness bounds within which the social welfare and the network efficiency are maximized. Although the use of the (alpha, beta) - fairness concept compromises to a certain extent the degree for fairness in resource capacity allocation, it does not jeopardize the utilities for end users or the network provider. Fairness in this context mainly parameterizes tradeoff between services equality and throughput maximization.

  • 15.
    Gamukama, Elly Amani
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    A Utility Based Approach for Internet Services in Context of Development2012Ingår i: Information and Business Intelligence: IBI 2011. Proceedings Part I / [ed] Xilong Qu, Yuhang Yang, Springer Berlin/Heidelberg, 2012, Vol. 267, s. 164-171Konferensbidrag (Refereegranskat)
    Abstract [en]

    We outline basic characteristics of what would be the environment of the Internet services in view of fostering development in a poor nation. This study is based on the Internet state of art marketing in most developing nations. Also on the foundation of the utility theory and the fairness concept, network services provision is characterized to maximize the user’s satisfaction through a utility-fair resource allocation criterion. Then the utility values are used as performance measure of the service delivery to end-users. The end-user is characterize by a mapping of the utility value to actual benefits that foster a positive social change in one’s basic dimensions of life. We study this mapping using the leisure-labour model as it endeavours to explain why people seek some equity in the ability to access the Internet as a means of increasing ones’ happiness, to save money and time.

  • 16.
    Gamukama, Elly Amani
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    A Utility Based Framework for Internet Access Provision and Usage in Context of Development2011Ingår i: 2011 International Conference on Future Information Technology IPCSIT: Vol. 13, Singapore: IACSIT Press , 2011, s. 86-90Konferensbidrag (Refereegranskat)
    Abstract [en]

    We outline basic characteristics of what would be the environment of the Internet services in view of fostering development in a poor nation. This study is based on the Internet state of art marketing in most developing nations. Also on the foundation of the utility theory and the fairness concept, network services provision is characterized to maximize the user’s satisfaction through a utility-fair resource allocation criterion. Then the utility values are used as performance measure of the service delivery to end-users. The end-user is characterize by a mapping of the utility value to actual benefits that foster a positive social change in one’s basic dimensions of life. We study this mapping using the leisure-labour model as it endeavours to explain why people seek some equity in the ability to access the Internet as a means of increasing ones’ happiness, to save money and time.

  • 17.
    Gamukama, Elly Amani
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    The Level of Scientific Methods Use in Computing Research Programs2008Konferensbidrag (Refereegranskat)
    Abstract [en]

    The research investigates the level to whichscientists’ use scientific methods in computing researchprograms. Data was collected from a representative sample ofresearchers in the field. The findings show that the presentresearch programs are more driven by the market forces.Innovations come up as a consequence of satisfying themarket calls but not necessarily a result of advancement inbasic science. Researchers’ investigations are driven by threecharacteristics; proof of performance, concept and existence.Also noted from the study, some researchers lack a cleardistinction between the methods. They tend to mix methods intheir research programs as longer as the industry acceptstheir outcome artifact. Consequently, there is lack of a clearcurriculum to instill such methodological concepts at graduatelevel in some of the computing schools.

    Ladda ner fulltext (pdf)
    fulltext
  • 18.
    Gamukama, Elly Amani
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Larsson, Aron
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    A descriptive model for aligning the goals of the Internet stakeholders in LDCs2014Ingår i: Procedia Computer Science, E-ISSN 1877-0509, Vol. 31, s. 900-909Artikel i tidskrift (Refereegranskat)
    Abstract [en]

    The Internet as a platform for services provision and delivery is adopted world over. To least developed countries it is further perceived as a medium for fostering development. A perception that is likely not to be easily achieved because the decisions that led to its existence in such countries never addressed the need of aligning the stakeholders' goals which inherit the misalignments in present Internet architectural model. We present a model based on AHP theory that lays strategies through which informed decisions for aligning stakeholders' goals can be made to use the Internet as medium for enhancing national development initiatives.

  • 19.
    Gamukama, Elly
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    A Framework for Achieving Optimal Benefits from the Internet in the Context of Development2011Ingår i: 2011 RoEduNet International Conference 10th Edition: Networking in Education and Research, 2011, s. 1-7Konferensbidrag (Refereegranskat)
    Abstract [en]

    The framework gives the characteristics of what would be the environment of the Internet services provision and usage in view of fostering development in a poor nation. It depicts the current Internet market state of art in most developing nations. Building on the domain of utility theory and the concept of fairness, the characteristics of the network services provision are set to maximize the users satisfaction through a utility fair function that unifies/equalizes the utilities of all users for a given traffic case. The utility value gained from the providers' utility equalization is used as a performance measure of the service delivery to the end-user. The framework strives to characterize the end-users by mapping the utility value to actual benefits that foster a positive social change in one's basic dimensions of life. This mapping is based on the leisure-labour theory that endeavours to explain why people seek some equity in the ability to access the Internet.

  • 20.
    Homem, Irvin
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Dosis, Spyridon
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    LEIA: The Live Evidence Information Aggregator: Towards Efficient Cyber-Law Enforcement2013Ingår i: World Congress on Internet Security (WorldCIS), IEEE Computer Society, 2013, s. 156-161Konferensbidrag (Refereegranskat)
    Abstract [en]

    Given the complexity and velocity of the interactions among vastly heterogeneous elements on the Internet; the colossal amounts of information generated and exchanged, coupled with the increasingly evasive nature of new forms of electronic crimes, as well as the relative immaturity of current Digital Forensics tools, Law Enforcement Agencies are easily outpaced and overwhelmed with the types of electronic crimes experienced today. In this paper, we describe the architecture of a comprehensive automated Digital Investigation platform termed as the Live Evidence Information Aggregator (LEIA). It makes use of the strong points of hypervisor technologies, large scale distributed file systems, the resource description framework (RDF), peer-to-peer networks, and innovative collaborative mechanisms in order to introduce a level of speed, accuracy and efficiency to match up with the imminent age of massively distributed cybercrime in the context of Internet of Things.

  • 21. Huluka, Daniel
    et al.
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Root cause analysis of session management and broken authentication vulnerabilities2012Ingår i: World Congress on Internet Security (WorldCIS 2012), IEEE Computer Society Digital Library, 2012, s. 82-86Konferensbidrag (Refereegranskat)
    Abstract [en]

    While there are numerous approaches to secure web applications as one of the most prevalent ways to harness the potential of the Internet, attackers almost daily come up with new attempts to exploit various vulnerabilities and compromise data found on the Net. One of the possible venues to attain sustainable solutions is to follow strategic approaches based on detailed analysis and understanding of problems rather than some of the common tactical and often reactive methods. The aim of the paper is to explore employment of Root Cause Analysis (RCA) in session management and broken authentication vulnerabilities and how it can be utilized to improve some security aspects of web applications. By employing RCA, we were able to identify 11 root causes of session management vulnerabilities and 9 root causes of broken authentication vulnerabilities. In addition, the approach provided a detailed, almost macroscopic, view of the vulnerabilities, which consequently led to effective solutions that can minimize the recurrence of attacks on web applications.

  • 22. Iqbal, Asif
    et al.
    Alobaidli, Hanan
    Guimaraes, Mario
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Sandboxing: aid in digital forensic research2015Ingår i: Proceedings of the 2015 Information Security Curriculum Development Conference, ACM Press, 2015, s. 1-6, artikel-id 3Konferensbidrag (Refereegranskat)
    Abstract [en]

    Finding digital forensic artifacts in the ever changing and complex digital world can be a daunting task for any digital forensic investigator. Familiar tools, such as Sandboxie and Symantec Workspace virtualization used as an aid in forensic investigations may significantly decrease the learning curve. The value of sandboxing for digital forensic investigations is demonstrated here through the research via the appropriate comparative analysis.

  • 23. Iqbal, Asif
    et al.
    Olegard, Johannes
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    On the Beckhoff PLC Security and Forensic Analysis Using Digital Forensic Evidence-Based Threat (DFET) Modelling2022Ingår i: Cybersecurity for Critical Infrastructure Protection via Reflection of Industrial Control Systems / [ed] Oliver B. Popov; Lyudmila Sukhostat, IOS Press , 2022, s. 108-124Kapitel i bok, del av antologi (Refereegranskat)
    Abstract [en]

    With the increasing advent of smart buildings and smart cities, the use of Operational Technology (OT) and Industrial control systems (ICSs) has been rising. Recent trends of cyber attacks on OT demand more attention for forensic and security analysis of such environments. As such, in this paper, we examine a widely used PLC, the Beckhoff CX9020 PLC, from a digital forensic perspective. First, we configure the PLC to log as much activity as possible using the available options. Next, we test a set of basic cyber attacks on the PLC. Finally, we devise forensic acquisition and analysis of the system.

  • 24.
    Karim, Mohammad
    et al.
    Dan Soft Tech Apps, , .
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Interoperability in eDiscovery Process: The Critical Challenges and the Implemented Solution Based on the Proposed XML Schema2012Ingår i: International Journal of Scientific and Engineering Research, ISSN 2229-5518, Vol. 3, nr 8Artikel i tidskrift (Refereegranskat)
  • 25.
    Kubi, Appiah Kwame
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Saleem, Shahzad
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Evaluation of Some Tools for Extracting e-Evidence from Mobile Devices2011Ingår i: Application of Information and Communication Technologies (AICT), 2011, s. 1-6Konferensbidrag (Refereegranskat)
    Abstract [en]

    In a digital world, even illegal behaviour and/or crimes may be termed as digital. This world is increasing becoming mobile, where the basic computation and communication entities are Small Scale Digital Devices (SSDDs or S2D2s) such as ordinary mobile phones, personal digital assistants, smart phones and tablets. The need to recover data, which might refer to unlawful and unethical activities gave rise to the discipline of mobile forensics, which has become an integral part of digital forensics. Consequently, in the last few years there is an abundance of mobile forensics tools, both commercial and open-source ones, whose vendors and developers make various assertions about the capabilities and the performance of their tools. The complexity and the diversity of both mobile devices and mobile forensics tools, coupled with the volatile nature of the digital evidence and the legal requirements of admissibility makes it difficult for forensics investigators to select the right tool. Hence, we have evaluated UFED Physical Pro 1.1.3.8 and XRY 5.0 following “Smartphone Tool Specifications Standard” developed by NIST, in order to start developing a framework for evaluating and referencing the “goodness” of the mobile forensic tools. The experiments and the results of the research against the core smart phone tool specifications and their associated test findings are presented in such a way that it should make it easier for the prospective mobile forensic examiner select the most adequate tool for a specific case.

    Ladda ner fulltext (pdf)
    fulltext
  • 26.
    Maratsi, Maria Ioanna
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Alexopoulos, Charalampos
    University of Aegean, Greece.
    Charalabidis, Yannis
    University of Aegean, Greece.
    Ethical and Legal Aspects of Digital Forensic Algorithms: The case of Digital Evidence Acquisition2022Ingår i: ICEGOV '22: Proceedings of the 15th International Conference on Theory and Practice of Electronic Governance / [ed] Luís Amaral; Delfina Soares; Lei Zheng; Mário Peixoto; Cristina Braga, Association for Computing Machinery (ACM) , 2022, s. 32-40Konferensbidrag (Refereegranskat)
    Abstract [en]

    The first step that forensic examiners perform is identifying and acquiring data. Both are among the most critical segments in the forensic process since they are sine qua non for completing the examination and analysis phases. The evidence acquisition must be managed deliberately, ethically, and legally. On many occasions, the outcome of the investigation depends mainly on the relevance and precision of the evidence acquired. The goal of this research is to identify both legal and ethical issues that forensic investigators face during evidence acquisition and to design a framework using design science which recognises and resolves the problems identified. The framework must preserve the forensic soundness of the investigation, overall integrity, effectiveness, and efficiency. The elicitation of the requirements for the framework is based on a literature review and ex-ante expert interviews, while the validation and evaluation of the framework stem from ex-post expert interviews. The designed framework aims to minimise hazardous practices that lead to negative consequences and to effectively align the new technologies in digital forensics with human expertise for improved results during the phase of digital evidence acquisition.

  • 27. Milenkoski, Aleksandar
    et al.
    Stojcevska, Biljana
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Framework for Obtaining and Predicting Reliable Transport Protocol Evaluation Results in Multi-Node and Multi-Core Environment: Transport protocols, simulation, modeling, protocol evaluation,multi-node, multi-core environment2012Ingår i: :  , 2012Konferensbidrag (Övrigt vetenskapligt)
  • 28. Milenkovski, Aleksandar
    et al.
    Stojcevska, Biljana
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Statistical framework for ns-3: terminating simulation and regression analysis2014Ingår i: World Journal on Modeling and Simulation, ISSN 1746-7233, Vol. 10, nr 2, s. 116-125Artikel i tidskrift (Refereegranskat)
    Abstract [en]

    The ns-3 simulator is constantly gaining popularity. It plays a central role in many recent research experiments. The accuracy of the reported simulation results of these experiments is an important concern. Thus, the support in ns-3 for simulation methodologies which guarantee the accuracy of these results is a necessity. Also, the simulation results are affected by numerous scenario parameters. The correlation between the results and the simulation parameters is a significant point of interest in many experiments. In this paper, we present a ns-3 statistical framework. It enables calculation of statistically accurate simulation results by applying the terminating simulation methodology. It features simultaneous execution of simulation scenarios in multi-processor and distributed environments. Also, we integrate support for regression analysis procedures. The proposed framework supports linear and polynomial regression analysis models.We consider simulation results as dependent variables and simulation parameters as independent variables. Regression analysis enables identification of simulation scenario parameters which are significantly correlated to given simulation results. Once a valid regression model is found, it is possible to estimatively predict metric values based on simulation parameter values. This may result in substantially reduced time and effort spent on simulation experimentation.

  • 29.
    Mondlane, Avelino
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap. Eduardo Mondlane University, Mozambique.
    Hansson, Karin
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    E-Governance and Natural Hazards in Mozambique: A Challenge for Backasting Method Used for Flood Risk Management Strategies2014Ingår i: Emerging Issues And Prospects In African E-Government / [ed] Inderjeet Singh Sodhi, IGI Global, 2014, nr 1, s. 253-268Kapitel i bok, del av antologi (Övrigt vetenskapligt)
    Abstract [en]

    Strategic planning is a decisive process toward sustainable development for any organization. Mozambique has developed many tools toward good governance, among which Poverty Alleviation Strategy Paper (PARPA) is an umbrella. PARPA includes different key decisive segments of society, particularly the Information and Communication Technologies (ICTs) as the pool for development. This chapter investigates to what extent e-Governance, particularly the development of strategies based on ICTs, can contribute to minimize the impact of floods at local governments by addressing best practice and decision-making process. The authors address backcasting methodology as an approach to consider in a participatory strategic planning for long-term decision-making processes. They use Chókwe District as a showcase where e-governance has an impact in mitigating and preventing the impact of floods.

  • 30.
    Mondlane, Avelino
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap. Mondlane University, Mozambique.
    Hansson, Karin
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    ICT for Flood Risk Management Strategies: a GIS-based MCDA (M) Approach2013Ingår i: 2013 IST-Africa Conference & Exhibition , IEEE Computer Society, 2013, s. 1-9Konferensbidrag (Refereegranskat)
    Abstract [en]

    This paper discusses the application of Analytical Hierarchical (AHP) on Geographic Information System (GIS) based Multcriteria Decision Analysis (Making) MCDA (M) for flood risk management strategies at the Limpopo River Basin in Mozambique. An analytical process is carried out based on GIS Decision Support System (DSS) taking into account the role of ICT and interest of both the decision makers and different stakeholders namely the householders and economic agents, within the basin. The study aims to provide the different stakeholders and decision makers with a decision tool and it focuses on the Mozambican section Limpopo River Basin as part of the national strategies to mitigate the exposure to both floods and droughts that cyclically affect the region.

  • 31.
    Mondlane, Avelino
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap. Eduardo Mondlane University, Mozambique.
    Hansson, Karin
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Muianga, Xavier
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap. Eduardo Mondlane University, Mozambique.
    ICT for Social Networking in Flood Risk and Knowledge Management Strategies - an MCDA approach2013Ingår i: International Journal of Computer and Information Science and Engineering, ISSN 1307-4164, Vol. 7, nr 10, s. 330-336Artikel i tidskrift (Refereegranskat)
    Abstract [en]

    This paper discusses the role and importance of Information and Communication Technologies (ICT) and social Networking (SN) in the process of decision making for Flood Risk and Knowledge Management Strategies. We use Mozambique Red Cross (CVM) as the case study and further more we address scenarios for flood risk management strategies, using earlier warning and social networking and we argue that a sustainable desirable stage of life can be achieved by developing scenario strategic planning based on backcasting.

  • 32.
    Mondlane, Avelino I.
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap. Eduardo Mondlane University, Mozambique.
    Hansson, Karin
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Popov, Oliver B.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Insurance as Strategy for Flood Risk Management at Limpopo River Basin – A decision making Process under Uncertainty2013Ingår i: International Journal of Computers & Technology, ISSN 2277-3061, Vol. 10, nr 8, s. 1862-1877Artikel i tidskrift (Refereegranskat)
    Abstract [en]

    The Limpopo River Basin, one of the nine international rivers crossing Mozambique, historically has shown to be cyclically flooded, undermining the economic and social development of its four riparian countries. Local and external added efforts are always in place when floods occur. Nowadays there are recommended ex-ante instruments to prevent floods and one of the most applicable instruments worldwide is insurance. Most of the inhabitants, even governments, affected by Limpopo River Basin are poor, therefore our concern regards the viability to apply insurance as a strategy for flood risk management. Moreover our research investigates to what extent the application of insurance, within two identified communities as case study, might create an added value in the process of decision making on flood risk management for Limpopo River Basin.

    Ladda ner fulltext (pdf)
    Paper III
  • 33.
    Mondlane, Avelino
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap. Eduardo Mondlane University, Mozambique.
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Hansson, Karin
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Vulnerability, Human Behaviour, Hazards and Expected Utility in the Context of Risk Management: “The case of Limpopo River Basin in Mozambique”2013Ingår i: International Journal of Computer Science and Network, ISSN 2277-5420, Vol. 2, nr 6, s. 1-11Artikel i tidskrift (Refereegranskat)
    Abstract [en]

    In this paper we use four main dimensions: Vulnerability, Human Behaviour, Hazards and Expected Utility to analyze their impact in scenario planning when cross-matched with Human Development Adjusted, Gender Inequality and Multidimensional Poverty Indexes within flood risk management strategies. We argue that the four dimensions are among the central factors behind the poor quality of life. Hence, we propose a backcasting method for a scenario planning and based on sustainable principles at long run to provide a desired and better quality of life as a contribution by the human beings in reducing vulnerability to risk and exposure to hazards. In doing so, we address best practices toward utility improvement and behaviour paradigm shift as a novel approach for participatory strategic thinking in the Multicriteria Decision Analysis for integrating flood risk management strategies related to Limpopo River Basin.

    Ladda ner fulltext (pdf)
    Paper IV
  • 34. Popov, Igor
    et al.
    Mihajlov, Martin
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    mashpoint: Surfing the Web in a Data-Oriented Way2017Ingår i: 17th IEEE International Conference on Smart Technologies IEEE EUROCON 2017: Conference Proceedings / [ed] Ljupco Karadzinov, Goga Cvetkovski, Pero Latkoski, IEEE Computer Society, 2017, s. 50-55Konferensbidrag (Refereegranskat)
    Abstract [en]

    Simple information lookup tasks (e.g. “What the weather like in London?” or “What is the population of the UK?”), are currently well supported with traditional search engines, and more recently with intelligent personal assistants. Intensive knowledge tasks, (e.g. “How do countries with low GDP per capita rank in emigration?”), however, require combining and cross referencing data from multiple sources to get to an answer have typically not been well supported. Our ability to support these types of information tasks on the Web is currently compromised by the inherent document/application nature of the Web itself. End-user mashup tools traditionally approach this problem by assisting users in structuring unstructured content form web pages and then support information-oriented tasks over the structured content. Motivated by the fact that more and more structured data is available on Web pages we investigate another possible solution: how to extend traditional Web navigation, which the majority of end users find intuitive, to include more data-centric behaviour. With mashpoint we propose a simple architecture, which would support an interaction that allows web pages to be linked based on similarities of the entities in their data. Linked in this way, queries that traditionally require the tedious work of joining information form several pages can be performed with simple web-like navigation. The paper focuses on evaluating if the proposed interaction is one that users would be able to understand to execute intensive knowledge tasks. We ran two separate studies: first to explore if the interaction concepts introduced are easily learnable and to gather initial feedback on our prototype, and second to explore design options which can inform how to address discovery challenges when large amount of pages are linked in this way, therefore assessing the feasibility of this model to work on a Web-scale.

  • 35.
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Priorities for Research on Current and Emerging Network Technologies2010Rapport (Övrigt vetenskapligt)
  • 36.
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Some Aspects of Cybersecurity for Critical Infrastructure Protection Via Reflection of Industrial Control Systems2022Ingår i: Cybersecurity for Critical Infrastructure Protection Via Reflection of Industrial Control Systems / [ed] Oliver Popov; Lyudmila Sukhostat, IOS Press , 2022, s. 5-9Konferensbidrag (Övrigt vetenskapligt)
    Abstract [en]

    The Relevance of Cybersecurity

    The history and omnipresence of the Internet permeates every sector of human activity today. Its inception echoes the nature of many revolutionary technological innovations, conceived via the intellectual vision found in academic communities and with its basis in government funded projects blended with potential benefits for various military advancements, particularly at the height of the cold war. The information revolution sparked by the Internet generated numerous information services, which evolved to became the critical information infrastructure that is the functional backbone of contemporary society. The sheer enthusiasm found in academic communities for the technology soon met with multiple technical, societal, and policy-making issues, including internal and external regulations and ethical challenges. Many of these, echoed in areas such as governance, sustainability, resilience, security, and privacy, have become perpetual, as indeed they should, in view of the two main directions, human and technological, the values of which and the need for rational balance must be reconsidered by each generation.

  • 37.
    Popov, Oliver
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Bergman, Jesper
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Valassi, Christian
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    A Framework for Forensically Sound Harvesting the Dark Web2018Ingår i: Proceedings of the Central European Cybersecurity Conference 2018, Association for Computing Machinery (ACM), 2018, s. 13:1-13:7, artikel-id 13Konferensbidrag (Refereegranskat)
    Abstract [en]

    The generative and transformative nature of the Internet which has become a synonym for the infrastructure of the contemporary digital society, is also a place where there are unsavoury and illegal activities such as fraud, human trafficking, exchange of control substances, arms smuggling, extremism, and terrorism. The legitimate concerns such as anonymity and privacy are used for proliferation of nefarious deeds in parts of the Internet termed as a deep web and a dark web. The cryptographic and anonymity mechanisms employed by the dark web miscreants create serious problems for the law enforcement agencies and other legal institutions to monitor, control, investigate, prosecute, and prevent the range of criminal events which should not be part of the Internet, and the human society in general. The paper describes the research on developing a framework for identifying, collecting, analysing, and reporting information from the dark web in a forensically sound manner. The framework should provide the fundamentals for creating a real-life system that could be used as a tool by law enforcement institutions, digital forensics researchers and practitioners to explore and study illicit actions and their consequences on the dark web. The design science paradigms is used to develop the framework, while international security and forensic experts are behind the ex-ante evaluation of the basic components and their functionality, the architecture, and the organization of the system. Finally, we discuss the future work concerning the implementation of the framework along with the inducement of some intelligent modules that should empower the tool with adaptability, effectiveness, and efficiency.

  • 38.
    Popov, Oliver
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Saleem, Shahzad
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Selection of a Right Tool for Mobile Device Forensics2012Ingår i: 2nd International Conference on Complex Sciences: Theory and Applications, 2012Konferensbidrag (Övrigt vetenskapligt)
  • 39.
    Popov, Oliver
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Sukhostat, LyudmilaAzerbaijan National Academy of Sciences, Baku, Azerbaijan.
    Cybersecurity for Critical Infrastructure Protection Via Reflection of Industrial Control Systems2022Proceedings (redaktörskap) (Övrigt vetenskapligt)
  • 40.
    Saleem, Shahzad
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Baggili, Ibrahim
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Quantifying relevance of mobile digital evidence as they relate to case types: a survey and a guide for best practices2014Ingår i: The Journal of Digital Forensics, Security and Law, ISSN 1558-7215, E-ISSN 1558-7223, Vol. 9, nr 2, s. 19-44Artikel i tidskrift (Refereegranskat)
    Abstract [en]

    In this work, a survey was conducted to help quantify the relevance of nineteen types of evidence (such as SMS) to seven types of digital investigations associated with mobile devices (MD) (such as child pornography). 97 % of the respondents agreed that every type of digital evidence has a different level of relevance to further or solve a particular investigation. From 55 serious participants, a data set of 5,772 responses regarding the relevance of nineteen types of digital evidence for all the seven types of digital investigations was obtained. The results showed that (i) SMS belongs to grade “A” type of digital evidence for all the seven types of investigations, (ii) MMS belongs to grade “A” type of digital evidence for all the types of digital investigations except espionage and eavesdropping where it is grade “B”, (iii) Phonebook and Contacts is grade “A” type of digital evidence for all types of digital investigations except child pornography where it is grade “B”, (iv) Audio Calls is grade “A” type of digital evidence for all types of digital investigations except credit card fraud and child pornography where it is grade “B” and (v) Standalone Files are grade “E” type of digital evidence for most of the digital investigations. The size of the response data set was fairly reasonable to analyze and then define; by generalization, relevance based best practices for mobile device forensics, which can supplement any forensics process model, including digital triage. For the reliability of these best practices, the impact of responses from the participants with more than five years of experience was analyzed by using one hundred and thirty three (133) instances of One-Way ANOVA tests. The results of this research can help investigators concentrate on the relevant types of digital evidence when investigating a specific case, consequently saving time and effort.

  • 41.
    Saleem, Shahzad
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Formal Approach for the Selection of a Right Tool for Mobile Device Forensics2013Konferensbidrag (Refereegranskat)
    Abstract [en]

    Small scale digital devices (SSDD) have had a profound impact on the way we interact with the world around us. Penetration of these devices especially mobile phones has almost reached to their saturation point. Their omnipresence spans over almost every activity of our life such as financial transactions, learning, entertainment, distributed social presence and communication. For instance, a mobile phone, based on the breadth and the depth of its usage, has become a personal digital behavioral archive (DBA), storing a wealth of information which can potentially qualify as digital evidence. In case of an illegal activity, identifying and understanding the digital evidence from such an important piece of equipment is crucial. There are numerous tools to discover and analyze these DBAs termed as tools for mobile device forensics (MoDeFo). The diversity of SSDD, types of digital evidence and variety of MoDeFo tools posit a complex problem of selecting the right one to perform mobile device forensics. Consequently the selection of the wrong tool may lead to compromised evidence, incorrect interpretations and wrong conclusions and thus precluding the litigating parties from their right of a fair trial. Instead of using heuristics, one can introduce more formal methods such as multi-criteria decision analysis to assist in the tedious process of selection of a suitable MoDeFo tool. Performance of MoDeFo tools and relevance of the evidence for a particular investigation are the two main factors of the formal selection process discussed in this paper.

  • 42.
    Saleem, Shahzad
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Protecting Digital Evidence Integrity by Using Smart Cards: Revised Selected Papers2010Ingår i: Digital Forensics and Cyber Crime: Revised Selected Papers / [ed] Ibrahim Baggili, Springer Berlin/Heidelberg, 2010, s. 110-119Konferensbidrag (Refereegranskat)
    Abstract [en]

    RFC 3227 provides general guidelines for digital evidence collection and archiving, while the International Organization on Computer Evidence offers guidelines for best practice in the digital forensic examination. In the light of these guidelines we will analyze integrity protection mechanism provided by EnCase and FTK which is mainly based upon Message Digest Codes (MDCs). MDCs for integrity protection are not temper proof, hence they can be forged. With the proposed model for protecting digital evidence integrity by using smart cards (PIDESC) that establishes a secure platform for digitally signing the MDC (in general for a whole range of cryptographic services) in combination with Public Key Cryptography (PKC), one can show that this weakness might be overcome.

  • 43.
    Saleem, Shahzad
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Appiah-Kubi, Oheneba Kwame
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Evaluating and Comparing Tools for Mobile Device Forensics Using Quantitative Analysis2013Ingår i: Digital forensics and cyber crime, ICDF2C 2012 / [ed] Rogers, M.; Seigfried Spellar, K. C., New York: Springer, 2013, s. 264-282Konferensbidrag (Refereegranskat)
    Abstract [en]

    In this paper we have presented quantitative analysis technique to measure and compare the quality of mobile device forensics tools while evaluating them. For examiners, it will provide a formal mathematical base and an obvious way to select the best tool, especially for a particular type of digital evidence in a specific case. This type of comparative study was absent in both NIST's evaluation process and our previous work (Evaluation of Some Tools for Extracting e-Evidence from Mobile Devices). We have evaluated UFED Physical Pro 1.1.3.8 and XRY 5.0. To compare the tools we have calculated Margin of Error and Confidence Interval (CI) based on the proportion of successful extractions from our samples in different scenarios. It is followed by hypothesis testing to further strengthen the CI results and to formally compare the accuracy of the tools with a certain level of confidence.

  • 44.
    Saleem, Shahzad
    et al.
    National University of Science and Technology, Pakistan.
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Baggili, Ibrahim
    University of New Haven, USA.
    A method and a case study for the selection of the best available tool for mobile device forensics using decision analysis2016Ingår i: Digital Investigation. The International Journal of Digital Forensics and Incident Response, ISSN 1742-2876, E-ISSN 1873-202X, Vol. 16, s. S55-S64Artikel i tidskrift (Refereegranskat)
    Abstract [en]

    The omnipresence of mobile devices (or small scale digital devices – SSDD) and more importantly the utility of their associated applications for our daily activities, which range from financial transactions to learning, and from entertainment to distributed social presence, create an abundance of digital evidence for each individual. Some of the evidence may be a result of illegal activities that need to be identified, understood and eventually prevented in the future. There are numerous tools for acquiring and analyzing digital evidence extracted from mobile devices. The diversity of SSDDs, types of evidence generated and the number of tools used to uncover them posit a rather complex and challenging problem of selecting the best available tool for the extraction and the subsequent analysis of the evidence gathered from a specific digital device. Failing to select the best tool may easily lead to incomplete and or improper extraction, which eventually may violate the integrity of the digital evidence and diminish its probative value. Moreover, the compromised evidence may result in erroneous analysis, incorrect interpretation, and wrong conclusions which may eventually compromise the right of a fair trial. Hence, a digital forensics investigator has to deal with the complex decision problem from the very start of the investigative process called preparatory phase. The problem could be addressed and possibly solved by using multi criteria decision analysis. The performance of the tool for extracting a specific type of digital evidence, and the relevance of that type of digital evidence to the investigative problem are the two central factors for selecting the best available tool, which we advocate in our work. In this paper we explain the method used and showcase a case study by evaluating two tools using two mobile devices to demonstrate the utility of our proposed approach. The results indicated that XRY (Alt1) dominates UFED (Alt2) for most of the cases after balancing the requirements for both performance and relevance.

  • 45.
    Saleem, Shahzad
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Baggili, Ibrahim
    Extended Abstract Digital Forensics Model with Preservation and Protection as Umbrella Principles2014Ingår i: Procedia Computer Science, E-ISSN 1877-0509, Vol. 35, s. 812-821Artikel i tidskrift (Refereegranskat)
    Abstract [en]

    In this research, a literature review was conducted where twenty (n=20) frameworks and models highlighting preservation of the integrity of digital evidence and protection of basic human rights during digital forensic investigations were studied. The models not discussing the process at an abstract level were excluded. Therefore, thirteen (n=13) of the studied models were included in our analysis. The results indicated that published abstract models lack preserving the integrity of digital evidence and protecting the basic human rights as explicit overarching umbrella principles. To overcome this problem, we proposed an extension to Reith’s abstract digital forensics model explicating preservation of integrity and protection of human rights as two necessary umbrella principles.

  • 46.
    Saleem, Shahzad
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Dahman, Rami
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Evaluation of Security Methods for Ensuring the Integrity of Digital Evidence2011Ingår i: Innovations 2011: 2011 International Conference on Innovations in Information Technology, Abu Dhabi: IEEE Computer Society, 2011, s. 220-225Konferensbidrag (Övrigt vetenskapligt)
    Abstract [en]

    The omnipresence of e-services running on various instances of pervasive e-infrastructures that are fundamental to the contemporary information society generates an abundance of digital evidence. The evidence in a digital form stems from a myriad of sources ranging from stand alone computers and their volatile and non-volatile storages, to mobile small scale digital devices, network traffic, ever-present applications comprising social networks, ISP records, logs, Web pages, databases and both global and local information systems. The acquisition and the analysis of this evidence is crucial to understanding and functioning of the digital world, regardless of the positive or negative implications of the actions and the activities that generated the evidence. In the case of the later, when the evidence comes from illegal, illicit and malicious activities, the protection of digital evidence is of major concern for the law enforcement and legal institutions, namely for investigators and prosecutors. To protect the integrity of the digital evidence, a number of security methods are used. These methods differ in terms of performance, accuracy, security levels, computational complexity, potential errors and the statistical admissibility of the produced results, as well as the vulnerabilities to accidental or malicious modifications. The work presented deals with the evaluation of these security methods in order to study and understand their ”goodness” and suitability to protect the integrity of the digital evidence. The immediate outcome of the evaluation is a set of recommendations to be considered for selecting the right algorithm to protect integrity of the digital evidence in general.

    Ladda ner fulltext (pdf)
    fulltext
  • 47.
    Seid, Elias
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Blix, Fredrik
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Security Attack Behavioural Pattern Analysis for Critical Service Providers2024Ingår i: Journal of Cybersecurity and Privacy (JCP), E-ISSN 2624-800X, Vol. 4, nr 1, s. 55-75Artikel i tidskrift (Refereegranskat)
    Abstract [en]

    Identifying potential system attacks that define security requirements is crucial to building secure cyber systems. Moreover, the attack frequency makes their subsequent analysis challenging and arduous in cyber–physical systems (CPS). Since CPS include people, organisations, software, and infrastructure, a thorough security attack analysis must consider both strategic (social and organisa- tional) aspects and technical (software and physical infrastructure) aspects. Studying cyberattacks and their potential impact on internal and external assets in cyberspace is essential for maintaining cyber security. The importance is reflected in the work of the Swedish Civil Contingencies Agency (MSB), which receives IT incident reports from essential service providers mandated by the NIS direc- tive of the European Union and Swedish government agencies. To tackle this problem, a multi-realm security attack event monitoring framework was proposed to monitor, model, and analyse security events in social(business process), cyber, and physical infrastructure components of cyber–physical systems. This paper scrutinises security attack patterns and the corresponding security solutions for Swedish government agencies and organisations within the EU’s NIS directive. A pattern analysis was conducted on 254 security incident reports submitted by critical service providers. A total of five critical security attacks, seven vulnerabilities (commonly known as threats), ten attack patterns, and ten parallel attack patterns were identified. Moreover, we employed standard mitigation techniques obtained from recognised repositories of cyberattack knowledge, namely, CAPEC and Mitre, in order to conduct an analysis of the behavioural patterns.

  • 48.
    Seid, Elias
    et al.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Popov, Oliver
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Blix, Fredrik
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Towards Security Attack Event Monitoring for Cyber Physical-Systems2023Ingår i: Proceedings of the 9th International Conference on Information Systems Security and Privacy (ICIISSP 2023) / [ed] Paolo Mori; Gabriele Lenzini; Steven Furnell, SciTePress , 2023, s. 723-733Konferensbidrag (Refereegranskat)
    Abstract [en]

    In today’s software systems, security is one of the major issues that need to be considered when designing Cyber Physical-Systems(CPS). CPS are engineered systems built from, and depend upon, the seamless integration of computational algorithms and physical components. Security breaches are on the rise, and CPS are challenged by catastrophic damage, which resulted in billions of losses. Security Solutions to the Cyber Physical-Systems that we have are likely to become obsolete. Even though security agents issue new sets of vulnerability indicators and patches to address the security breach, these vulnerability indicators change over time, which is a perpetual process. We argue that any security solution for the Cyber Physical-Systems should be adaptive, based on the type of attacks and their frequency. The security solution should monitor its environment continuously to defend itself from a cyber-attack by modifying its defensive mechanism. We propose a framework for modelling, analyzing and monitoring security attacks (events) in the social, cyber and physical infrastructure realms of CPS. The framework is evaluated using security attack scenarios from a recognized security knowledge repository.

  • 49. Wilson, Tim J.
    et al.
    Bergman, Jesper
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Jackson, Adam
    Popov, Oliver B.
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    Preventing Machines From Lying: Why Interdisciplinary Collaboration is Essential for Understanding Artefactual or Artefactually Dependent Expert Evidence2024Ingår i: Journal of Criminal Law, ISSN 0022-0183Artikel i tidskrift (Refereegranskat)
    Abstract [en]

    This article demonstrates a significantly different approach to managing probative risks arising from the complex and fast changing relationship between law and computer science. Law's historical problem in adapting to scientific and technologically dependent evidence production is seen less as a socio-techno issue than an ethical failure within criminal justice. This often arises because of an acceptance of epistemological incomprehension between lawyers and scientists. Something compounded by the political economy of criminal justice and safeguard evasion within state institutions. What is required is an exceptionally broad interdisciplinary collaboration to enable criminal justice decision-makers to understand and manage the risk of further ethical failure. If academic studies of law and technology are to address practitioner concerns, it is often necessary, however, to step down the doctrinal analysis to a specific jurisdictional level.

1 - 49 av 49
RefereraExporteraLänk till träfflistan
Permanent länk
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf