Data Hiding and Steganography

The term ‘Steganography’ refers to ‘covered writing’ and encompasses methods of transmitting secret messages through innocuous cover carriers in a manner that makes their existence undetectable. Johnson & Jajodia (1998). For years hackers have been finding more innovative ways of hiding data within existing systems, usually for the purpose of transporting it to a target destination. The term ‘carrier’ often refers to a type of common file in which covert information can be embedded without anyone else knowing. Kessler (2007) discusses the fact that any form of digital information can be stored inside many types of carrier files, including image, audio, video and executable files. Digital forensics tools can be used to scan carriers to determine whether or not suspicious information lies underneath the surface. ...

September 28, 2017 · 2 min · 339 words · icarnaghan

Preparation Phase of a Digital Search

The preparation phase of a digital search is the most important phase of the digital investigation process. If not carried out correctly, it can lead to improper handling of evidence, which may damage materials crucial to an investigation. This phase involves the preparation of tools, techniques, search warrants, monitoring authorizations and management support. Venansius & Tushabe (2004). It is therefore important that adequate resources are allocated to the preparation phase. Beebe & Clark (2007) elaborate more on this phase as the process of preparing tools and equipment, honing forensics skills, and continuing to become educated on new technologies and tools that may be useful in dealing with the incident. ...

September 28, 2017 · 2 min · 289 words · icarnaghan

Important Cybercrime Laws

There are a number of cybercrime laws that are extremely important in the field of digital forensics and cybersecurity as a whole. Two of the most important laws are the Computer Fraud and Abuse Act (CFAA) of 1984 and the Electronic Communications Privacy Act (ECPA) of 1986. The original intent of the CFAA was to address computer-related crimes and, more specifically, to protect information assets. The law made it a federal crime to gain unauthorized access to data or information on protected computer systems. It does not come without criticism. Kerr (2009) made many points that the current law is too vague, stating that the CFAA has become so broad, and computers so common, that expansive or uncertain interpretations of unauthorized access will render it unconstitutional. Nevertheless, the law has been a cornerstone in shaping the way we deal with cybercrime and, since its introduction, has been amended a number of times. ...

September 19, 2017 · 2 min · 319 words · icarnaghan

Yet More Theft of Information Assets

It doesn’t seem that long ago that I received an official letter in the mail from the United States Office of Personnel Management (OPM) detailing that sensitive information about me had been compromised. I had been following the news and knew about the breach, so the letter didn’t come as a huge shock. It did make me think about the impact of such a breach, originally reported as affecting 4 million individuals and later estimated to have compromised sensitive information of 21.5 million. Christensen et al. (2015). Just this past week I once again learned, along with the majority of the country, that with high probability my identity, along with millions of others, had been stolen in another data breach. It has since come to light that the cause of the breach was unpatched systems affected by a vulnerability in Apache’s open-source Struts software, a vulnerability that should have been mitigated months before the breach took place. Brandom (2017). ...

September 19, 2017 · 2 min · 364 words · icarnaghan

DNS Rebinding and Intrusion Detection with Contextual Signatures

This article summarizes and analyzes discussion from two different articles on the subjects of DNS Rebinding and the use of contextual signatures with Intrusion Detection Systems. DNS Rebinding is a type of attack that was first documented in the mid 1990s. Since then it has become more prevalent through vulnerabilities inherent in the way information is transmitted to and from a typical web browser using JavaScript. This topic is covered in depth along with the various methods of DNS rebinding, vulnerabilities and mitigation efforts. ...

February 2, 2017 · 12 min · 2456 words · icarnaghan

Mitigating DoS or Distributed DoS (DDoS) attacks

Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks have continued to prove to be one of the most challenging threats in modern times. While DoS has been around for some time, the methods used and the practices of distributed botnets and automated scripts have continued to grow in sophistication. This paper surveys three peer-reviewed papers in the areas of Denial of Service Detection, Prevention and Mitigation. Each of these sections provides a rationale for the publication selected along with an overview of the proposed techniques and/or application solutions. Each section concludes by highlighting some benefits and drawbacks of each proposed technique. Additional supporting research has been carried out to contribute to this overall paper, as outlined in the references section at the end. ...

January 16, 2017 · 14 min · 2834 words · icarnaghan

Common Bluetooth Vulnerabilities to be Aware of

Bluetooth connectivity has grown immensely in popularity with mobile devices in the last number of years. The convenience of a hands-free experience with a mobile phone while driving or out and about has fueled this growth. Unfortunately, like all conveniences, there are typically downsides. In the case of Bluetooth, a number of vulnerabilities have been detected over the last number of years, ranging from mobile device viruses to direct attacks on devices. In their 2006 publication, Bose & Shin discussed the negative impact of viruses specifically designed to target Bluetooth-enabled mobile devices. Their paper discussed the pitfalls of these types of malware, which could be spread via SMS/MMS messages and by exploiting Bluetooth vulnerabilities. They analyzed these viruses in order to build detection and containment systems. ...

November 23, 2016 · 2 min · 284 words · icarnaghan

Mobile Considerations in Network Security Architecture

The use of mobile devices, including policies and employee restrictions, should be considered in any modern network security architecture. Mobile devices are commonly used both at home and at work, with some organizations managing BYOD (Bring Your Own Device) policies. It is therefore important to consider the implications of this and to ensure any BYOD device is properly locked down, authorized and managed within the corporate network. Westervelt (2010) published an article several years ago on the high number of vulnerabilities discovered within mobile devices, many of which were reminiscent of earlier / legacy web application issues. Homeland Security Newswire published an article on the ‘new’ cybersecurity threat of smartphone apps that do more than they say they do, in terms of hidden malware and other threats. n.d. (2010). ...

November 19, 2016 · 2 min · 277 words · icarnaghan

What are Covert Channels?

A covert storage channel occurs when illegitimate hidden information or data is sent secretly via a legitimate communication channel. The process occurs through the manipulation of a communications medium in an unconventional way in order to transmit data that goes unseen in everyday operations. Thyer (2008). An example of a covert storage channel involves hiding data in ICMP error echoing functionality. OWASP (n.d.). Due to the specification, data can be sent to cause a host to leak information or provide verbose error messages, potentially revealing sensitive operating system information. This type of covert channel could lead to knowledge of vulnerabilities and possible future attacks. It can be mitigated by clearing out all reserved fields prior to transmission to ensure no sensitive data is leaked. ...

November 5, 2016 · 2 min · 274 words · icarnaghan

Modern Application Frameworks, Legacy Browsers and Security Implications

I was recently sent an article titled ‘How it feels to learn JavaScript in 2016’. Aguinaga, J. (2016). It is a somewhat amusing take on the current state of JavaScript frameworks and libraries available to web developers and how quickly this environment is changing. All quirks aside, modern application frameworks provide us with much of the interactivity and web functionality we take for granted. The modern web browser has to cope with these advancements and continue to evolve to meet the demands of its users and developers. In the Federal government and other organizations that are not able to update their software systems to keep up with the pace, libraries called polyfills have been created to add functionality to legacy browsers that were never designed to run such rich modern web applications. Modernizr is one of the most popular HTML5 polyfills available as open source software at https://github.com/Modernizr. ...

November 3, 2016 · 2 min · 364 words · icarnaghan