Search

Your search keyword '"Kennedy, Ian"' showing total 74 results
Start Over Author "Kennedy, Ian" Publication Type Electronic Resources
74 results on '"Kennedy, Ian"'

1. A framework for the systematic evaluation of malware forensic tools

Author

Kennedy, Ian Martin

Subjects
005.8
Abstract

Following a series of high profile miscarriages of justice linked to questionable expert evidence, the post of the Forensic Science Regulator was created in 2008 with a remit to improve the standard of practitioner competences and forensic procedures. It has since moved to incorporate a greater level of scientific practice in these areas, as used in the production of expert evidence submitted to the UK Criminal Justice System. Accreditation to their codes of practice and conduct will become mandatory for all forensic practitioners by October 2017. A variety of challenges with expert evidence are explored and linked to a lack of a scientific methodology underpinning the processes followed. In particular, the research focuses upon investigations where malicious software (‘malware’) has been identified. A framework, called the ‘Malware Analysis Tool Evaluation Framework’ (MATEF), has been developed to address this lack of methodology to evaluate software tools used during investigations involving malware. A prototype implementation of the framework was used to evaluate two tools against a population of over 350,000 samples of malware. Analysis of the findings indicated that the choice of tool could impact on the number of artefacts observed in malware forensic investigations as well as identifying the optimal execution time for a given tool when observing malware artefacts. Three different measures were used to evaluate the framework. The first of these evaluated the framework against the requirements and determined that these were largely met. Where the requirements were not met these are attributed to matters either outside scope or the fledgling nature of the research. Another measure used to evaluate the framework was to consider its performance in terms of speed and resource utilisation. This identified scope for improvement in terms of the time to complete a test and the need for more economical use of disk space. Finally, the framework provides a scientific means to evaluate malware analysis tools, hence addressing the Research Question subject to the level at which ground truth is established. A number of contributions are produced as the output of this work. First there is confirmation for the case for a lack of trusted practice in the field of malware forensics. Second, the MATEF itself, as it facilitates the production of empirical evidence of a tool’s ability to detect malware artefacts. A third contribution is a set of requirements for establishing trusted practice in the use of malware artefact detection tools. Finally, empirical evidence that supports both the notion that the choice of tool can impact on the number of artefacts observed in malware forensic investigations as well as identifying the optimal execution time for a given tool when observing malware artefacts.

Published
2017
Full Text
View/download PDF

2. Investigation of heat exchanger inclination in forced-draught air-cooled heat exchangers

Author

Kennedy, Ian James

Subjects
621.4025
Abstract

In some industrial air-cooled heat exchangers, such as those in the generating set industry, the flow must turn through 90° after exiting the heat exchanger. In such arrangements, the plenum depths are typically very shallow. Furthermore., the axial fan often operates in the mixed-flow region of the fan characteristic, due to the restrictive nature of the system. These two factors lead to a reduction in the thermal performance of the system. The purpose of this study was to investigate the effect on thermal performance of inclining the heat exchanger relative to the axial fan. It was also important to compare this with simply increasing the plenum depth without inclining the heat exchanger, since inclination itself may increase the mean plenum depth. This was achieved through an isothermal experimental investigation, complemented with a numerical study using CFD. The results showed that as the heat exchanger was inclined, the low velocity core at the centre of the heat exchanger tended to move to one side. The opposite side had increased flow through the heat exchanger due to the inclination. For a mixed-flow fan operating point typical of some industries, it was found that inclination has a negligible effect on the performance of the system, when compared with a baseline case. Increasing the plenum depth also had no significant effect. At the axial fan operating point investigated, it was found that an angle of approximately 30° inclination gave the best performance. Increasing the plenum depth was found to improve the performance more than inclination. The best performing case was the non-inclined case with a plenum depth of 0.65 fan diameters. This gave an increase in flow of2.8% over the baseline case, and a corresponding 1.1 % increase in thermal performance.

Published
2013

5. Low-temperature exposure has immediate and lasting effects on the stress tolerance, chemotaxis and proteome of entomopathogenic nematodes

Author

Lillis, Peter E., Kennedy, Ian P., Carolan, James C., Griffin, Christine T., Lillis, Peter E., Kennedy, Ian P., Carolan, James C., and Griffin, Christine T.

Abstract

Temperature is one of the most important factors affecting soil organisms, including the infective stages of parasites and entomopathogenic nematodes, which are important biological control agents. We investigated the response of 2 species of entomopathogenic nematodes to different storage regimes: cold (9°C), culture temperature (20°C) and temperature swapped from 9 to 20°C. For Steinernema carpocapsae, cold storage had profound effects on chemotaxis, stress tolerance and protein expression that were retained in temperature-swapped individuals. These effects included reversal of chemotactic response for 3 (prenol, methyl salicylate and hexanol) of the 4 chemicals tested, and enhanced tolerance to freezing (−10°C) and desiccation (75% RH). Label-free quantitative proteomics showed that cold storage induced widespread changes in S. carpocapsae, including an increase in heat-shock proteins and late embryogenesis abundant proteins. For Heterorhabditis megidis, cold storage had a less dramatic effect on chemotaxis (as previously shown for proteomic expression) and changes were not maintained on return to 20°C. Thus, cold temperature exposure has significant effects on entomopathogenic nematodes, but the nature of the change depends on the species. Steinernema carpocapsae, in particular, displays significant plasticity, and its behaviour and stress tolerance may be manipulated by brief exposure to low temperatures, with implications for its use as a biological control agent.

Published
2023

6. Followback Clusters, Satellite Audiences, and Bridge Nodes: Coengagement Networks for the 2020 US Election

Author

Beers, Andrew, Schafer, Joseph S., Kennedy, Ian, Wack, Morgan, Spiro, Emma S., Starbird, Kate, Beers, Andrew, Schafer, Joseph S., Kennedy, Ian, Wack, Morgan, Spiro, Emma S., and Starbird, Kate

Abstract

The 2020 United States presidential election was, and has continued to be, the focus of pervasive and persistent mis- and disinformation spreading through our media ecosystems, including social media. This event has driven the collection and analysis of large, directed social network datasets, but such datasets can resist intuitive understanding. In such large datasets, the overwhelming number of nodes and edges present in typical representations create visual artifacts, such as densely overlapping edges and tightly-packed formations of low-degree nodes, which obscure many features of more practical interest. We apply a method, coengagement transformations, to convert such networks of social data into tractable images. Intuitively, this approach allows for parameterized network visualizations that make shared audiences of engaged viewers salient to viewers. Using the interpretative capabilities of this method, we perform an extensive case study of the 2020 United States presidential election on Twitter, contributing an empirical analysis of coengagement. By creating and contrasting different networks at different parameter sets, we define and characterize several structures in this discourse network, including bridging accounts, satellite audiences, and followback communities. We discuss the importance and implications of these empirical network features in this context. In addition, we release open-source code for creating coengagement networks from Twitter and other structured interaction data., Comment: Accepted for publication at ICWSM '23

Published
2023

7. Evaluating Malware Forensics Tools

Author

Kennedy, Ian, Bandara, Arosha, Price, Blaine, Kennedy, Ian, Bandara, Arosha, and Price, Blaine

Abstract

We present an example implementation of the previously published Malware Analysis Tool Evaluation Framework (MATEF) to explore if a systematic basis for trusted practice can be established for evaluating malware artefact detection tools used within a forensic investigation. The application of the framework is demonstrated through a case study which presents the design of two example experiments that consider the hypotheses: (1) Is there an optimal length of time in which to execution malware for analysis and (2) Is there any observable difference between tools when observing malware behaviour? The experiments used a sample of 4,800 files known to produce network artefacts. These were selected at random from a library of over 350,000 malware binaries. The tools Process Monitor and TCPVCon, popular in the digital forensic community, are chosen as the subjects for investigating these two questions. The results indicate that it is possible to use the MATEF to identify an optimal execution time for a software tool used to monitor activity generated by malware.

Published
2022

8. The case for Zero Trust Digital Forensics

Author

Neale, Christoper, Kennedy, Ian, Price, Blain, Nuseibeh, Bashar, Neale, Christoper, Kennedy, Ian, Price, Blain, and Nuseibeh, Bashar

Abstract

It is imperative for all stakeholders that digital forensics investigations produce reliable results to ensure the field delivers a positive contribution to the pursuit of justice across the globe. Some aspects of these investigations are inevitably contingent on trust, however this is not always explicitly considered or critically evaluated. Erroneously treating features of the investigation as trusted can be enormously damaging to the overall reliability of an investigations findings as well as the confidence that external stakeholders can have in it. As an example, digital crime scenes can be manipulated by tampering with the digital artefacts left on devices, yet recent studies have shown that efforts to detect occurrences of this are rare and argue that this leaves digital forensics investigations vulnerable to accusations of inaccuracy. In this paper a new approach to digital forensics is considered based on the concept of Zero Trust, an increasingly popular design in network security. Zero Trust describes the practitioner mindset and principles upon which the reliance on trust in network components is eliminated in favour of dynamic verification of network interactions. An initial definition of Zero Trust Digital Forensics will be proposed and then a specific example considered showing how this strategy can be applied to digital forensic investigations to mitigate against the specific risk of evidence tampering. A definition of Zero Trust Digital Forensics is proposed, specifically that it is a strategy adopted by investigators whereby each aspect of an investigation is assumed to be unreliable until verified. A new principle will be introduced, namely the multifaceted verification of digital artefacts that can be used by practitioners who wish to adopt a Zero Trust Digital Forensics strategy during their investigations...

Published
2022
Full Text
View/download PDF

9. Towards Increasing Trust In Expert Evidence Derived From Malware Forensic Tools

Author

Kennedy, Ian, Bandara, Arosha, Price, Blaine, Kennedy, Ian, Bandara, Arosha, and Price, Blaine

Abstract

Following a series of high profile miscarriages of justice in the UK linked to questionable expert evidence, the post of the Forensic Science Regulator was created in 2008. The main objective of this role is to improve the standard of practitioner competences and forensic procedures. One of the key strategies deployed to achieve this is the push to incorporate a greater level of scientific conduct in the various fields of forensic practice. Currently there is no statutory requirement for practitioners to become accredited to continue working with the Criminal Justice System of England and Wales. However, the Forensic Science Regulator is lobbying the UK Government to make this mandatory. This paper focuses upon the challenge of incorporating a scientific methodology to digital forensic investigations where malicious software ('malware') has been identified. One aspect of such a methodology is the approach followed to both select and evaluate the tools used to perform dynamic malware analysis during an investigation. Based on the literature, legal, regulatory and practical needs we derive a set of requirements to address this challenge. We present a framework, called the 'Malware Analysis Tool Evaluation Framework' (MATEF), to address this lack of methodology to evaluate software tools used to perform dynamic malware analysis during investigations involving malware and discuss how it meets the derived requirements., Comment: Article in press. Accepted by Journal of Digital Forensics, Security and Law (JDFSL)

Published
2020

10. Towards Increasing Trust In Expert Evidence Derived From Malware Forensic Tools

Author

Kennedy, Ian M, Price, Blaine, Bandara, Arosha, Kennedy, Ian M, Price, Blaine, and Bandara, Arosha

Abstract

Following a series of high profile miscarriages of justice in the UK linked to questionable expert evidence, the post of the Forensic Science Regulator was created in 2008. The main objective of this role is to improve the standard of practitioner competences and forensic procedures. One of the key strategies deployed to achieve this is the push to incorporate a greater level of scientific conduct in the various fields of forensic practice. Currently there is no statutory requirement for practitioners to become accredited to continue working with the Criminal Justice System of England and Wales. However, the Forensic Science Regulator is lobbying the UK Government to make this mandatory. This paper focuses upon the challenge of incorporating a scientific methodology to digital forensic investigations where malicious software (‘malware’) has been identified. One aspect of such a methodology is the approach followed to both select and evaluate the tools used to perform dynamic malware analysis during an investigation. Based on the literature, legal, regulatory and practical needs we derive a set of requirements to address this challenge. We present a framework, called the ‘Malware Analysis Tool Evaluation Framework’ (MATEF), to address this lack of methodology to evaluate software tools used to perform dynamic malware analysis during investigations involving malware and discuss how it meets the derived requirements.

Published
2020

11. Military Commissions, Criminal Court, and the Christmas Day Bomber

Author

Kennedy, Ian, Kennedy, Ian, Kennedy, Ian, and Kennedy, Ian

Abstract

In 2009, Umar Farouk Abdulmutallab attempted to detonate an explosive device on a plane landing in Detroit on Christmas Day. The attack was unsuccessful, but it spurred an important domestic debate regarding U.S. anti-terrorist programs and policies. In particular, the event fueled an argument over the proper forum for the interrogation and prosecution of terrorist suspects captured in the United States. Focusing on national security issues, some contended that treating Abdulmutallab as a criminal defendant in an Article III court, rather than subjecting him to a military commission, was imprudent and dangerous, while others insisted that it was entirely appropriate and responsible. This Note will probe this debate by comparing the two tribunals as each relates to the legal protections for suspects during interrogation. The Note argues that although some differences do exist, it is quite plausible that treating Abdulmutallab and other captured terrorist suspects as criminal defendants in Article III court does not adversely impact intelligence gathering and national security.

Published
2011

12. Physicochemical properties of iron oxide nanoparticles that contribute to cellular ROS-dependent signaling and acellular production of hydroxyl radical.

Author

Vogel, Christoph FA, Vogel, Christoph FA, Charrier, Jessica G, Wu, Dalei, McFall, Alexander S, Li, Wen, Abid, Aamir, Kennedy, Ian M, Anastasio, Cort, Vogel, Christoph FA, Vogel, Christoph FA, Charrier, Jessica G, Wu, Dalei, McFall, Alexander S, Li, Wen, Abid, Aamir, Kennedy, Ian M, and Anastasio, Cort

Abstract

While nanoparticles (NPs) are increasingly used in a variety of consumer products and medical applications, some of these materials have potential health concerns. Macrophages are the primary responders to particles that initiate oxidative stress and inflammatory reactions. Here, we utilized six flame-synthesized, engineered iron oxide NPs with various physicochemical properties (e.g. Fe oxidation state and crystal size) to study their interactions with RAW 264.7 macrophages, their iron solubilities, and their abilities to produce hydroxyl radical in an acellular assay. Both iron solubility and hydroxyl radical production varied between NPs depending on crystalline diameter and surface area of the particles, but not on iron oxidation state. Macrophage treatment with the iron oxide NPs showed a dose-dependent increase of heme oxygenase 1 (HO-1) and NAD(P)H:quinone oxidoreductase (NQO-1). The nuclear factor (NF)-erythroid-derived 2 (E2)-related factor 2 (Nrf2) modulates the transcriptional activity of antioxidant response element (ARE)-driven genes, such as HO-1 and NQO-1. Here, we show that the iron oxide NPs activate Nrf2, leading to its increased nuclear accumulation and enhanced Nrf2 DNA-binding activity in NP-treated RAW 264.7 macrophages. Iron solubility and acellular hydroxyl radical generation depend on the physical properties of the NPs, especially crystalline diameter; however, these properties are weakly linked to the activation of cellular signaling of Nrf2 and the expression of oxidative stress markers. Overall, our work shows for the first time that iron oxide nanoparticles induce cellular marker genes of oxidative stress and that this effect is transcriptionally mediated through the Nrf2-ARE signaling pathway in macrophages.

Published
2016

13. Capture and detection of T7 bacteriophages on a nanostructured interface.

Author

Han, Jin-Hee, Han, Jin-Hee, Wang, Min S, Das, Jayanti, Sudheendra, L, Vonasek, Erica, Nitin, Nitin, Kennedy, Ian M, Han, Jin-Hee, Han, Jin-Hee, Wang, Min S, Das, Jayanti, Sudheendra, L, Vonasek, Erica, Nitin, Nitin, and Kennedy, Ian M

Abstract

A highly ordered array of T7 bacteriophages was created by the electrophoretic capture of phages onto a nanostructured array with wells that accommodated the phages. Electrophoresis of bacteriophages was achieved by applying a positive potential on an indium tin oxide electrode at the bottom of the nanowells. Nanoscale arrays of phages with different surface densities were obtained by changing the electric field applied to the bottom of the nanowells. The applied voltage was shown to be the critical factor in generating a well-ordered phage array. The number of wells occupied by a phage, and hence the concentration of phages in a sample solution, could be quantified by using a DNA intercalating dye that rapidly stains the T7 phage. The fluorescence signal was enhanced by the intrinsic photonic effect made available by the geometry of the platform. It was shown that the quantification of phages on the array was 6 orders of magnitude better than could be obtained with a fluorescent plate reader. The device opens up the possibility that phages can be detected directly without enrichment or culturing, and by detecting phages that specifically infect bacteria of interest, rapid pathogen detection becomes possible.

Published
2014

14. Sublethal effects of CuO nanoparticles on Mozambique tilapia (Oreochromis mossambicus) are modulated by environmental salinity.

Author

Villarreal, Fernando D, Villarreal, Fernando D, Das, Gautom Kumar, Abid, Aamir, Kennedy, Ian M, Kültz, Dietmar, Villarreal, Fernando D, Villarreal, Fernando D, Das, Gautom Kumar, Abid, Aamir, Kennedy, Ian M, and Kültz, Dietmar

Abstract

The increasing use of manufactured nanoparticles (NP) in different applications has triggered the need to understand their putative ecotoxicological effects in the environment. Copper oxide nanoparticles (CuO NP) are toxic, and induce oxidative stress and other pathophysiological conditions. The unique properties of NP can change depending on the characteristics of the media they are suspended in, altering the impact on their toxicity to aquatic organisms in different environments. Here, Mozambique tilapia (O. mossambicus) were exposed to flame synthesized CuO NP (0.5 and 5 mg · L(-1)) in two environmental contexts: (a) constant freshwater (FW) and (b) stepwise increase in environmental salinity (SW). Sublethal effects of CuO NP were monitored and used to dermine exposure endpoints. Fish exposed to 5 mg · L(-1) CuO in SW showed an opercular ventilation rate increase, whereas fish exposed to 5 mg · L(-1) in FW showed a milder response. Different effects of CuO NP on antioxidant enzyme activities, accumulation of transcripts for metal-responsive genes, GSH ∶ GSSG ratio, and Cu content in fish gill and liver also demonstrate that additive osmotic stress modulates CuO NP toxicity. We conclude that the toxicity of CuO NP depends on the particular environmental context and that salinity is an important factor for modulating NP toxicity in fish.

Published
2014

15. Potential toxicity of up-converting nanoparticles encapsulated with a bilayer formed by ligand attraction.

Author

Das, Gautom, Das, Gautom, Stark, Daniel, Kennedy, Ian, Das, Gautom, Das, Gautom, Stark, Daniel, and Kennedy, Ian

Abstract

The cellular toxicity of nanoparticles that were capped with a bilayered ligand was studied using an up-converting (UC) phosphor material as a representative nanoparticle (NP). The results indicate that although UC NPs are known to be nontoxic, the toxicity of the NPs depends strongly on ligand coordination conditions, in addition to the other commonly known parameters such as size, structure, surface charge etc. Oleate-capped hydrophobic NaYF4:Yb,Er NPs were surface modified to yield three extreme conditions: bare particles that were stripped of the oleate ligands; particles with covalently bound poly(ethylene glycol) (PEG) ligands; and particles with an bilayer of PEG-oleate ligands using the oleate surface group that was remained after synthesis. It was found that the bare particles and the covalent PEG NPs induced little toxicity. However, particles that were rendered biocompatible by forming a bilayer with an amphiphilic ligand (i.e., PEG-oleate) resulted in significant cell toxicity. These findings strongly suggest that the PEG-oleate group dissociated from the bilayered oleate-capped NPs, resulting in significant toxicity by exposing the hydrophobic oleate-capped NPs to the cell. Based on results with bare particles, the NaLnF4:Yb,Er (Ln = Y, Gd) up-converting phosphors are essentially less-toxic. Capping and functionalizing these particles with ligand intercalation may, however, not be a suitable method for rendering the NPs suitable for bioapplication as the ligand can potentially dissociate upon cellular interaction, leading to significant toxicity.

Published
2014

16. New approach to investigate the cytotoxicity of nanomaterials using single cell mechanics.

Author

Zimmer, Christopher C, Zimmer, Christopher C, Liu, Ying X, Morgan, Joshua T, Yang, Guohua, Wang, Kang-Hsin, Kennedy, Ian M, Barakat, Abdul I, Liu, Gang-yu, Zimmer, Christopher C, Zimmer, Christopher C, Liu, Ying X, Morgan, Joshua T, Yang, Guohua, Wang, Kang-Hsin, Kennedy, Ian M, Barakat, Abdul I, and Liu, Gang-yu

Abstract

Current in vitro methods to assess nanomaterial cytotoxicity involve various assays to monitor specific cellular dysfunction, such as metabolic imbalance or inflammation. Although high throughput, fast, and animal-free, these in vitro methods suffer from unreliability and lack of relevance to in vivo situations. New approaches, especially with the potential to reliably relate to in vivo studies directly, are in critical need. This work introduces a new approach, single cell mechanics, derived from atomic force microscopy-based single cell compression. The single cell based approach is intrinsically advantageous in terms of being able to directly correlate to in vivo investigations. Its reliability and potential to measure cytotoxicity is evaluated using known systems: zinc oxide (ZnO) and silicon dioxide (SiO2) nanoparticles (NP) on human aortic endothelial cells (HAECs). This investigation clearly indicates the reliability of single cell compression. For example, ZnO NPs cause significant changes in force vs relative deformation profiles, whereas SiO2 NPs do not. New insights into NPs-cell interactions pertaining to cytotoxicity are also revealed from this single cell mechanics approach, in addition to a qualitative cytotoxicity conclusion. The advantages and disadvantages of this approach are also compared with conventional cytotoxicity assays.

Published
2014

17. NaGdF4:Eu3+ Nanoparticles for Enhanced X-ray Excited Optical Imaging.

Author

Sudheendra, L, Sudheendra, L, Das, Gautom K, Li, Changqing, Stark, Daniel, Cena, Jake, Cherry, Simon, Kennedy, Ian M, Sudheendra, L, Sudheendra, L, Das, Gautom K, Li, Changqing, Stark, Daniel, Cena, Jake, Cherry, Simon, and Kennedy, Ian M

Abstract

X-ray luminescent nanoparticles (NPs), including lanthanide fluorides, have been evaluated for application to deep tissue in vivo molecular imaging using optical tomography. A combination of high material density, higher atomic number and efficient NIR luminescence from compatible lanthanide dopant ions indicates that particles that consist of ALnF4 (A = alkaline, Ln = lanthanide element) may offer a very attractive class of materials for high resolution, deep tissue imaging with X-ray excitation. NaGdF4:Eu3+ NPs produced an X-ray excited luminescence that was among the most efficient of nanomaterials that have been studied thus far. We have systematically studied factors such as (a) the crystal structure that changes the lattice environment of the doped Eu3+ ions within the unit cell; and extrinsic factors such as (b) a gold coating (with attendant biocompatibility) that couples to a plasmonic excitation, and (c) changes in the NPs surface properties via changes in the pH of the suspending medium-all with a significant impact on the X-ray excited luminescence of NaGdF4:Eu3+NPs. The luminescence from an optimally doped hexagonal phase NaGdF4:Eu3+ nanoparticle was 25% more intense compared to that of a cubic structure. We observed evidence of plasmonic reabsorption of midwavelength emission by a gold coating on hexagonal NaGdF4:Eu3+ NPs; fortunately, the NaGdF4:Eu3+ @Au core-shell NPs retained the efficient 5D0→7F4 NIR (692 nm) luminescence. The NaGdF4:Eu3+ NPs exhibited sensitivity to the ambient pH when excited by X-rays, an effect not seen with UV excitation. The sensitivity to the local environment can be understood in terms of the sensitivity of the excitons that are generated by the high energy X-rays (and not by UV photons) to crystal structure and to the surface state of the particles.

Published
2014

18. Investigating weight variability of food products: A six sigma approach

Author

Gomez, TG, Kennedy, Ian, Haider, J, Gomez, TG, Kennedy, Ian, and Haider, J

Abstract

Overweight in the net product content is commonly observed in the food manufacturing industries in order to avoid the risks of non-compliance regulations. Excessive weight in the products above the specified and legal minimum weight is passed on free to the customers. This giveaway weight is a potential waste leading to variation in product quality, an increased manufacturing cost and reduced profitability. This paper addresses a case study on the implementation of Six sigma approach in a frozen food manufacturing company in order identify the root causes of variation in the net weight of the products, to minimise the variation and to reduce the waste. Necessary data was gathered after each stage of the manufacturing process. The results showed that the poor water control in the forming machine, the damaged state of the forming plates and the poor state of the batter enrobing machine could be responsible for the variation.

Published
2014

19. Potential toxicity of up-converting nanoparticles encapsulated with a bilayer formed by ligand attraction.

Author

Das, Gautom K, Das, Gautom K, Stark, Daniel T, Kennedy, Ian M, Das, Gautom K, Das, Gautom K, Stark, Daniel T, and Kennedy, Ian M

Abstract

The cellular toxicity of nanoparticles that were capped with a bilayered ligand was studied using an up-converting (UC) phosphor material as a representative nanoparticle (NP). The results indicate that although UC NPs are known to be nontoxic, the toxicity of the NPs depends strongly on ligand coordination conditions, in addition to the other commonly known parameters such as size, structure, surface charge etc. Oleate-capped hydrophobic NaYF4:Yb,Er NPs were surface modified to yield three extreme conditions: bare particles that were stripped of the oleate ligands; particles with covalently bound poly(ethylene glycol) (PEG) ligands; and particles with an bilayer of PEG-oleate ligands using the oleate surface group that was remained after synthesis. It was found that the bare particles and the covalent PEG NPs induced little toxicity. However, particles that were rendered biocompatible by forming a bilayer with an amphiphilic ligand (i.e., PEG-oleate) resulted in significant cell toxicity. These findings strongly suggest that the PEG-oleate group dissociated from the bilayered oleate-capped NPs, resulting in significant toxicity by exposing the hydrophobic oleate-capped NPs to the cell. Based on results with bare particles, the NaLnF4:Yb,Er (Ln = Y, Gd) up-converting phosphors are essentially less-toxic. Capping and functionalizing these particles with ligand intercalation may, however, not be a suitable method for rendering the NPs suitable for bioapplication as the ligand can potentially dissociate upon cellular interaction, leading to significant toxicity.

Published
2014

20. On-chip detection of a single nucleotide polymorphism without polymerase amplification.

Author

Han, Jinhee, Han, Jinhee, Tan, Matthew, Sudheendra, Lakshmana, Weiss, Robert H, Kennedy, Ian M, Han, Jinhee, Han, Jinhee, Tan, Matthew, Sudheendra, Lakshmana, Weiss, Robert H, and Kennedy, Ian M

Abstract

A nanoparticle-assembled photonic crystal (PC) array was used to detect single nucleotide polymorphism (SNP). The assay platform with PC nanostructure enhanced the fluorescent signal from nanoparticle-hybridized DNA complexes due to phase matching of excitation and emission. Nanoparticles coupled with probe DNA were trapped into nanowells in an array by using an electrophoretic particle entrapment system. The PC/DNA assay platform was able to identify a 1 base pair (bp) difference in synthesized nucleotide sequences that mimicked the mutation seen in a feline model of human autosomal dominant polycystic kidney disease (PKD) with a sensitivity of 0.9 fg/mL (50 aM)-sensitivity, which corresponds to 30 oligos/array. The reliability of the PC/DNA assay platform to detect SNP in a real sample was demonstrated by using genomic DNA (gDNA) extracted from the urine and blood of two PKD- wild type and three PKD positive cats. The standard curves for PKD positive (PKD+) and negative (PKD-) DNA were created using two feline-urine samples. An additional three urine samples were analyzed in a similar fashion and showed satisfactory agreement with the standard curve, confirming the presence of the mutation in affected urine. The limit of detection (LOD) was 0.005 ng/mL which corresponds to 6 fg per array for gDNA in urine and blood. The PC system demonstrated the ability to detect a number of genome equivalents for the PKD SNP that was very similar to the results reported with real time polymerase chain reaction (PCR). The favorable comparison with quantitative PCR suggests that the PC technology may find application well beyond the detection of the PKD SNP, into areas where a simple, cheap and portable nucleic acid analysis is desirable.

Published
2014

21. Novel lanthanide-labeled metal oxide nanoparticles improve the measurement of in vivo clearance and translocation

Author

Abid, Aamir D, Abid, Aamir D, Anderson, Donald S, Das, Gautom K, Van Winkle, Laura S, Kennedy, Ian M, Abid, Aamir D, Abid, Aamir D, Anderson, Donald S, Das, Gautom K, Van Winkle, Laura S, and Kennedy, Ian M

Abstract

The deposition, clearance and translocation of europium-doped gadolinium oxide nanoparticles in a mouse lung were investigated experimentally. Nanoparticles were synthesized by spray flame pyrolysis. The particle size, crystallinity and surface properties were characterized. Following instillation, the concentrations of particles in organs were determined with inductively coupled plasma mass spectrometry. The protein corona coating the nanoparticles was found to be similar to the coating on more environmentally relevant nanoparticles such as iron oxide. Measurements of the solubility of the nanoparticles in surrogates of biological fluids indicated very little propensity for dissolution, and the elemental ratio of particle constituents did not change, adding further support to the contention that intact nanoparticles were measured. The particles were intratracheally instilled into the mouse lung. After 24 hours, the target organs were harvested, acid digested and the nanoparticle mass in each organ was measured by inductively coupled plasma mass spectrometry (ICP-MS). The nanoparticles were detected in all the studied organs at low ppb levels; 59% of the particles remained in the lung. A significant amount of particles was also detected in the feces, suggesting fast clearance mechanisms. The nanoparticle system used in this work is highly suitable for quantitatively determining deposition, transport and clearance of nanoparticles from the lung, providing a quantified measure of delivered dose.

Published
2013

23. Synthesis and characterization of multifunctional silica core-shell nanocomposites with magnetic and fluorescent functionalities.

Author

Ma, Zhiya, Ma, Zhiya, Dosev, Dosi, Nichkova, Mikaela, Dumas, Randy K, Gee, Shirley J, Hammock, Bruce D, Liu, Kai, Kennedy, Ian M, Ma, Zhiya, Ma, Zhiya, Dosev, Dosi, Nichkova, Mikaela, Dumas, Randy K, Gee, Shirley J, Hammock, Bruce D, Liu, Kai, and Kennedy, Ian M

Abstract

Multifunctional core-shell nanocomposites with a magnetic core and a silica shell doped with lanthanide chelate have been prepared by a simple method. First, citric acid-modified magnetite nanoparticles were synthesized by a chemical coprecipitation method. Then the magnetite nanoparticles were coated with silica shells doped with terbium (Tb(3+)) complex by a modified Stöber method based on hydrolyzing and condensation of tetraethyl orthosilicate (TEOS) and a silane precursor. These multifunctional nanocomposites are potentially useful in a variety of biological areas such as bio-imaging, bio-labeling and bioassays because they can be simultaneously manipulated with an external magnetic field and exhibit unique phosphorescence properties.

Published
2009

24. Induction of inflammation in vascular endothelial cells by metal oxide nanoparticles: effect of particle composition.

Author

Gojova, Andrea, Gojova, Andrea, Guo, Bing, Kota, Rama S, Rutledge, John C, Kennedy, Ian M, Barakat, Abdul I, Gojova, Andrea, Gojova, Andrea, Guo, Bing, Kota, Rama S, Rutledge, John C, Kennedy, Ian M, and Barakat, Abdul I

Abstract

BackgroundThe mechanisms governing the correlation between exposure to ultrafine particles and the increased incidence of cardiovascular disease remain unknown. Ultrafine particles appear to cross the pulmonary epithelial barrier into the bloodstream, raising the possibility of direct contact with the vascular endothelium.ObjectivesBecause endothelial inflammation is critical for the development of cardiovascular pathology, we hypothesized that direct exposure of human aortic endothelial cells (HAECs) to ultrafine particles induces an inflammatory response and that this response depends on particle composition.MethodsTo test the hypothesis, we incubated HAECs for 1-8 hr with different concentrations (0.001-50 mug/mL) of iron oxide (Fe(2)O(3)), yttrium oxide (Y(2)O(3)), and zinc oxide (ZnO) nanoparticles and subsequently measured mRNA and protein levels of the three inflammatory markers intra-cellular cell adhesion molecule-1, interleukin-8, and monocyte chemotactic protein-1. We also determined nanoparticle interactions with HAECs using inductively coupled plasma mass spectrometry and transmission electron microscopy.ResultsOur data indicate that nanoparticle delivery to the HAEC surface and uptake within the cells correlate directly with particle concentration in the cell culture medium. All three types of nanoparticles are internalized into HAECs and are often found within intracellular vesicles. Fe(2)O(3) nanoparticles fail to provoke an inflammatory response in HAECs at any of the concentrations tested; however, Y(2)O(3) and ZnO nanoparticles elicit a pronounced inflammatory response above a threshold concentration of 10 mug/mL. At the highest concentration, ZnO nanoparticles are cytotoxic and lead to considerable cell death.ConclusionsThese results demonstrate that inflammation in HAECs following acute exposure to metal oxide nanoparticles depends on particle composition.

Published
2007

26. The speciation and morphology of chromium oxide nanoparticles in a diffusion flame

Author

Guo, B, Guo, B, Kennedy, Ian M, Guo, B, Guo, B, and Kennedy, Ian M

Abstract

The impact of combustion conditions on the formation of chromium oxide aerosol has been studied in a hydrogen diffusion flame seeded with Cr(CO) 6 vapor. Specifically, the effects of the precursor concentration, the flame temperature and the flame residence time on properties of the postflame chromium oxide aerosol were investigated. Each of these flame parameters was found to affect the particle size distribution and/or particle morphology. These effects were partially associated with the fact that the chromium speciation in the final flame products was sensitive to the precursor concentration and the flame temperature. The flame residence time was found to affect the crystallinity of the Cr(III) particles in the postflame chromium oxide aerosol. Conversion of Cr(III) particles to Cr(VI) in the high temperature zone of the flame was proposed to explain changes in the particle size distribution, composition, and morphology. The proposed mechanism was able to explain the experimental findings satisfactorily.

Published
2004

27. Microwave plasma conversion of volatile organic compounds

Author

Ko, Y, Ko, Y, Yang, G S, Chang, DPY, Kennedy, Ian M, Ko, Y, Ko, Y, Yang, G S, Chang, DPY, and Kennedy, Ian M

Abstract

A microwave-induced, steam/Ar/O-2, plasma "torch" was operated at atmospheric pressure to determine the feasibility of destroying volatile organic compounds (VOCs) of concern. The plasma process can be coupled with adsorbent technology by providing steam as the fluid carrier for desorbing the VOCs from an adsorbent. Hence, N-2 can be excluded by using a relatively inexpensive carrier gas, and thermal formation of oxides of nitrogen (NO.) is avoided in the plasma. The objectives of the study were to evaluate the technical feasibility of destroying VOCs from gas streams by using a commercially available microwave plasma torch and to examine whether significant byproducts were produced. Trichloroethene (TCE) and toluene (TOL) were added as representative VOCs of interest to a flow that contained Ar as a carrier gas in addition to O-2 and steam. The O-2 was necessary to ensure that undesirable byproducts were not formed in the process. Microwave power applied at 500-600 W was found to be sufficient to achieve the destruction of the test compounds, down to the detection limits of the gas chromatograph that was used in the analysis. Samples of the postmicrowave gases were collected on sorbent tubes for the analysis of dioxins and other, byproducts. No hazardous byproducts were detected when sufficient O-2 was added to the flow. The destruction efficiency at a fixed microwave power improved with the addition of steam to the flow that passed through the torch.

Published
2003

28. Measurements of Droplet Vaporization in Sprays

Author

CALIFORNIA UNIV DAVIS, Kennedy, Ian M., CALIFORNIA UNIV DAVIS, and Kennedy, Ian M.

Abstract

AASERT funding was used to support graduate student research in the area of spray droplet vaporization. Droplet lasing spectroscopy (DLS) was applied to the measurement of droplet size and vaporization rates in both reacting and non-reacting rectilinear droplet streams. Ethanol, methanol and a pentane/ethanol mixture were doped with Rhodamine 6G. Lasing spectra were examined in the steady state combustion regime. In the pentane/ethanol case, measurements were carried out in a sooting region of the flame. In some cases, vaporization rates were high enough to measure the rate from consecutive droplets, yielding a quasi-instantaneous measurement. In all cases, the D2 law of droplet vaporization was evident. In addition, photographs of the flames yielded measurements of flame height and thickness. In the final year of support, a triggering and timing system was developed so that the DLS method could be applied a turbulent flow in which the trajectory and location of the tagged, fluorescent droplets was uncertain.

Published
2000

29. Particle Dispersion in Turbulent Sprays

Author

CALIFORNIA UNIV DAVIS DEPT OF MECHANICAL AND AERONAUTICAL ENGINEERING, Kennedy, Ian M., Kollmann, Wolfgang, CALIFORNIA UNIV DAVIS DEPT OF MECHANICAL AND AERONAUTICAL ENGINEERING, Kennedy, Ian M., and Kollmann, Wolfgang

Abstract

A scheme was devised to inject individual tagged droplets into a turbulent spray. The droplets were tagged with a laser dye. The bulk of the spray in the jet was created with micro air blast atomizers that formed an aerosol with a narrow size distribution. Particle Imaging Velocimetry (PIV) was implemented with a novel solid state high voltage switch to control the Pockel cell of a YAG laser. The PIV results showed that the micro atomizers yielded well behaved initial conditions for the spray. Dispersion measurements of a tagged fluorescent droplet indicated that the spray had an impact on the dispersion phenomenon if any swirl were imparted to the flow; with precisely aligned injectors the effect of the spray on particle dispersion was very small, suggesting that the turbulence modulation was not important under well controlled conditions. Droplet Lasing Spectroscopy was applied successfully to measurements of vaporization rates of droplets in non-reacting and in burning droplet streams. The results represented a significant extension of the lasing principle to more realistic spray conditions. Instantaneous vaporization rates were measured in a burning droplet stream where the technique was found to yield accurate data. A particle Large Eddy Simulation (PLES) sub model was implemented into a hybrid spectral finite difference solution procedure for the Navier Stokes equation. A semi-analytical Poisson solver was established that was accurate and fast. The PLES method showed encouraging results in jet simulations.

Published
1998

30. Measurements of Droplet Vaporization in Sprays

Author

CALIFORNIA UNIV DAVIS, Kennedy, Ian M., CALIFORNIA UNIV DAVIS, and Kennedy, Ian M.

Abstract

AASERT funding was used to support graduate student research in the area of spray droplet vaporization. Droplet lasing spectroscopy (DLS) was applied to the measurement of droplet size and vaporization rates in both reacting and non-reacting rectilinear droplet streams. A Berglund-Liu droplet generator was used to generate a stream of droplets, approximately 63 microns in diameter and 6.5 droplet diameters apart. Ethanol, methanol and a pentane/ethanol mixture were doped with Rhodamine 6G. Lasing spectra were examined in the steady state combustion regime. In the pentane/ethanol case, measurements were carried out in a sooting region of the flame. In some cases, vaporization rates were high enough to measure the rate from consecutive droplets, yielding a quasi-instantaneous measurement. In all cases, the D squared law of droplet vaporization was evident. In addition, photographs of the flames yielded measurements of flame height and thickness.

Published
1998

31. Experiments in Turbulent Spray Combustion.

Author

CALIFORNIA UNIV DAVIS, Kennedy, Ian M., CALIFORNIA UNIV DAVIS, and Kennedy, Ian M.

Abstract

One PhD student graduated during the course of the AASERT award. He undertook a one year post doctoral position at Sandia Laboratory in Livermore and is now an Assistant Professor at Florida State University. Another MS student graduated and found a position in manufacturing industry. One continuing PhD candidate graduate student was supported by the AASERT award. The student completed his course work and began full time research in the summer of 1996. A major part of the research effort during the period of the AASERT award was the re-design of a system to produce a spray of liquid in a well defined simple geometry. Loadings of about 50% were obtained with the new system. Measurements of the dispersion of tagged fluorescent particles were obtained by filtering the intense Mie scattering with a combination of colored glass and holographic filters. The measurements showed that the presence of the dispersed phase had a strong impact on the particle dispersion. The graduate students who were assigned to this project gained valuable experience in turbulent two phase fluid mechanics, optics and laser diagnostics as they were involved in assembling the droplet measurement system.

Published
1996

32. Particle Dispersion in Turbulent Sprays.

Author

CALIFORNIA UNIV DAVIS, Kennedy, Ian M., Kollmann, Wolfgang, CALIFORNIA UNIV DAVIS, Kennedy, Ian M., and Kollmann, Wolfgang

Abstract

A Large Eddy Simulation (LES) was used to model a two phase turbulent round jet. The LES for the continuous phase used the Smagorinsky model for the sub-grid scale motion. A simple model for the effect of the particles on the continuous phase was developed. The model was essentially a momentum balance for a fluid volume containing particles moving relative to the continuous phase. The simulation showed that particles accelerated the roll up of the shear layer. Droplet dispersion was measured in a turbulent round jet of air issuing into still air. Individual droplets were formed with a piezoelectric device; they were injected onto the centerline of the jet. Their location across the jet was measured at different axial stations with a laser sheet and position sensing photomultiplier tube. Particles containing a fluorescent dye were injected into a turbulent spray. Spray scattering was rejected with a Raman filter. Dispersion of the tagged particles was measured. Results agreed with the LES in which the injection of the spray enhanced development of the jet and the dispersion of particles.

Published
1995

34. Particle Dispersion in a Turbulent Shear Flow

Author

CALIFORNIA UNIV DAVIS DEPT OF MECHANICAL AND AERONAUTICAL ENGINEERING, Kennedy, Ian M., Kollmann, Wolfgang, CALIFORNIA UNIV DAVIS DEPT OF MECHANICAL AND AERONAUTICAL ENGINEERING, Kennedy, Ian M., and Kollmann, Wolfgang

Abstract

A joint experimental and computational study of droplet dispersion in a round turbulent jet were carried out. Truly Lagrangian measurements of droplet dispersion were obtained with a laser scattering method. A low noise, high frequency response photomultiplier tube was used to track the location of particles as they traversed a sheet of laser light. Measurements of a single droplet at many closely spaced axial locations were obtained and were analyzed in terms of droplet times of flight to give Lagrangian statistics. The computational phase of the project consisted of stochastic simulations of droplet dynamics using the velocity statistics provided by a second order closure model for the jet flow, vortex dynamics for the initial region of the jet at infinite Reynolds number, and a large eddy simulation method for the jet flow at finite Reynolds numbers. The droplet trajectories were computed to second order accuracy in each ease. The large eddy simulation of a jet at a Reynolds number of 15,000 using the discretization error as filters showed very good results up to 40 diameters downstream.

Published
1992

35. Particle Dispersion in a Turbulent Shear Flow

Author

CALIFORNIA UNIV DAVIS, Kennedy, Ian M., Kollmann, Wolfgang, CALIFORNIA UNIV DAVIS, Kennedy, Ian M., and Kollmann, Wolfgang

Abstract

A joint experimental and numerical study of droplet dispersion in a round turbulent jet has been initiated. Laser light scattering was used to measure the motion of non-vaporizing droplets of water and hexadecane in an isothermal turbulent jet of air. The results indicated that an initial radial velocity fluctuation in the droplet motion at the jet exit can serve to increase significantly the dispersion of droplets larger than 100 microns. Vortex dynamics simulations of the near region of the jet showed that Basset, virtual mass and pressure gradient forces may be neglected for small droplets but may need to be accounted for, particularly at high pressure, with large droplets (> 100 microns) even if the drop to gas density ratio is close to one. A stochastic simulation of particle dispersion revealed that the Reynolds stresses or velocity correlations in this flow do not contribute significantly to particle dispersion. Keywords: Turbulent shear flows, Particle dispersion, Vortex dynamics, Stochastic simulation.

Published
1990

36. A Framework for the Systematic Evaluation of Malware Forensic Tools

Author

Kennedy, Ian Martin and Kennedy, Ian Martin

Abstract

Following a series of high profile miscarriages of justice linked to questionable expert evidence, the post of the Forensic Science Regulator was created in 2008 with a remit to improve the standard of practitioner competences and forensic procedures. It has since moved to incorporate a greater level of scientific practice in these areas, as used in the production of expert evidence submitted to the UK Criminal Justice System. Accreditation to their codes of practice and conduct will become mandatory for all forensic practitioners by October 2017. A variety of challenges with expert evidence are explored and linked to a lack of a scientific methodology underpinning the processes followed. In particular, the research focuses upon investigations where malicious software (‘malware’) has been identified. A framework, called the ‘Malware Analysis Tool Evaluation Framework’ (MATEF), has been developed to address this lack of methodology to evaluate software tools used during investigations involving malware. A prototype implementation of the framework was used to evaluate two tools against a population of over 350,000 samples of malware. Analysis of the findings indicated that the choice of tool could impact on the number of artefacts observed in malware forensic investigations as well as identifying the optimal execution time for a given tool when observing malware artefacts. Three different measures were used to evaluate the framework. The first of these evaluated the framework against the requirements and determined that these were largely met. Where the requirements were not met these are attributed to matters either outside scope or the fledgling nature of the research. Another measure used to evaluate the framework was to consider its performance in terms of speed and resource utilisation. This identified scope for improvement in terms of the time to complete a test and the need for more economical use of disk space. Finally, the framework provides a scientific mean

37. A Framework for the Systematic Evaluation of Malware Forensic Tools

Author

Kennedy, Ian Martin and Kennedy, Ian Martin

Abstract

Following a series of high profile miscarriages of justice linked to questionable expert evidence, the post of the Forensic Science Regulator was created in 2008 with a remit to improve the standard of practitioner competences and forensic procedures. It has since moved to incorporate a greater level of scientific practice in these areas, as used in the production of expert evidence submitted to the UK Criminal Justice System. Accreditation to their codes of practice and conduct will become mandatory for all forensic practitioners by October 2017. A variety of challenges with expert evidence are explored and linked to a lack of a scientific methodology underpinning the processes followed. In particular, the research focuses upon investigations where malicious software (‘malware’) has been identified. A framework, called the ‘Malware Analysis Tool Evaluation Framework’ (MATEF), has been developed to address this lack of methodology to evaluate software tools used during investigations involving malware. A prototype implementation of the framework was used to evaluate two tools against a population of over 350,000 samples of malware. Analysis of the findings indicated that the choice of tool could impact on the number of artefacts observed in malware forensic investigations as well as identifying the optimal execution time for a given tool when observing malware artefacts. Three different measures were used to evaluate the framework. The first of these evaluated the framework against the requirements and determined that these were largely met. Where the requirements were not met these are attributed to matters either outside scope or the fledgling nature of the research. Another measure used to evaluate the framework was to consider its performance in terms of speed and resource utilisation. This identified scope for improvement in terms of the time to complete a test and the need for more economical use of disk space. Finally, the framework provides a scientific mean

38. The case for Zero Trust Digital Forensics

Author

Neale, Chris, Kennedy, Ian, Price, Blaine, Yu, Yijun, Nuseibeh, Bashar, Neale, Chris, Kennedy, Ian, Price, Blaine, Yu, Yijun, and Nuseibeh, Bashar

Abstract

It is imperative for all stakeholders that digital forensics investigations produce reliable results to ensure the field delivers a positive contribution to the pursuit of justice across the globe. Some aspects of these investigations are inevitably contingent on trust, however this is not always explicitly considered or critically evaluated. Erroneously treating features of the investigation as trusted can be enormously damaging to the overall reliability of an investigation's findings as well as the confidence that external stakeholders can have in it. As an example, digital crime scenes can be manipulated by tampering with the digital artefacts left on devices, yet recent studies have shown that efforts to detect occurrences of this are rare and argue that this leaves digital forensics investigations vulnerable to accusations of inaccuracy. In this paper a new approach to digital forensics is considered based on the concept of Zero Trust, an increasingly popular design in network security. Zero Trust describes the practitioner mindset and principles upon which the reliance on trust in network components is eliminated in favour of dynamic verification of network interactions. An initial Definition of Zero Trust Digital Forensics will be proposed and then a specific example considered showing how this strategy can be applied to digital forensic investigations to mitigate against the specific risk of evidence tampering. A definition of Zero Trust Digital Forensics is proposed, specifically that it is ‘a strategy adopted by investigators whereby each aspect of an investigation is assumed to be unreliable until verified’. A new principle will be introduced, namely the ‘multifaceted verification of digital artefacts’ that can be used by practitioners who wish to adopt a Zero Trust Digital Forensics strategy during their investigations. A qualitative review of existing artefact verification techniques is also conducted in order to briefly evaluate the viability of this

39. Chapter 10 Opportunities and challenges for the future

Author

Bryant, Robin, Bryant, Sarah, Day, Ed, Kennedy, Ian, Bryant, Robin, Bryant, Sarah, Day, Ed, and Kennedy, Ian

Abstract

This chapter from 'Policing Digital Crime' explores recent developments in digital forensics, which it notes is at the end of a 'golden age'. Challenges relating to the forensic acquisition and analysis of solid state drives (SSDs) and cloud-based data are discussed. Also covered are the some of the issues with policing the deep web, the rise of anti-forensics and a multitude of factors that undermine expert evidence.

40. Chapter 6 Investigating digital crime

Author

Bryant, Robin, Bryant, Sarah, Kennedy, Ian, Bryant, Robin, Bryant, Sarah, and Kennedy, Ian

Abstract

This is a chapter from 'Policing Digital Crime' that explores the nature of investigating digital crime, covering intelligence-led policing, models of criminal and digital crime investigation, along with cooperation practices with ISPs and ICANN. There is also coverage of the use of covert techniques, working with encrypted data and the different types of digital evidence, along with the associated digital forensic standards and accreditation that must be followed.

41. Chapter 8 Digital Forensic Analysis

Author

Bryant, Robin, Bryant, Sarah, Kennedy, Ian, Day, Ed, Bryant, Robin, Bryant, Sarah, Kennedy, Ian, and Day, Ed

Abstract

This chapter from the book 'Policing Digital Crime' provides an overview of the analysis of a Windows PC. It includes the main areas that are typically examined, such as the Windows Registry, recent user activity and metadata analysis from digital photographs, Microsoft office documents and file systems. Also covered is a discussion of the different stages of file deletion and countering the 'pop-up' defence through strategies such as internet history and chat log analysis. Coverage of email analysis techniques, including tracing and mapping the source of email is also provided. The chapter closes with an exploration of mobile phone forensic analysis.

42. Playing With Fire: Dissecting Malicious Software

Author

Kennedy, Ian and Kennedy, Ian

Abstract

Modern malware is more sophisticated than it used to be and can easily mislead the investigator. Ian Kennedy takes us on a journey of discovery into what makes malware tick.

43. Chapter 7 - Procedures at Digital Crime Scenes

Author

Bryant, Robin, Bryant, Sarah, Kennedy, Ian, Day, Ed, Bryant, Robin, Bryant, Sarah, Kennedy, Ian, and Day, Ed

Abstract

This is a chapter from 'Policing Digital Crime' and covers the main procedures followed at a digital crime scene in both a UK and US context and includes reference to ISO/IEC 27037 and how it applies. Possible sources of digital evidence are discussed, along with managing suspects at the scene and other steps to preserve the evidence. An overview of the process of copying ('imaging') digital data is discussed, including non-volatile data, such as RAM (computer) memory. Coverage is also given to the collection of mobile phones at a crime scene, as is the legal powers to seize items.

46. Towards Increasing Trust In Expert Evidence Derived From Malware Forensic Tools

Author

Kennedy, Ian, Bandara, Arosha, Price, Blaine, Kennedy, Ian, Bandara, Arosha, and Price, Blaine

Abstract

Following a series of high profile miscarriages of justice in the UK linked to questionable expert evidence, the post of the Forensic Science Regulator was created in 2008. The main objective of this role is to improve the standard of practitioner competences and forensic procedures. One of the key strategies deployed to achieve this is the push to incorporate a greater level of scientific conduct in the various fields of forensic practice. Currently there is no statutory requirement for practitioners to become accredited to continue working with the Criminal Justice System of England and Wales. However, the Forensic Science Regulator is lobbying the UK Government to make this mandatory. This paper focuses upon the challenge of incorporating a scientific methodology to digital forensic investigations where malicious software (‘malware’) has been identified. One aspect of such a methodology is the approach followed to both select and evaluate the tools used to perform dynamic malware analysis during an investigation. Based on the literature, legal, regulatory and practical needs we derive a set of requirements to address this challenge. We present a framework, called the ‘Malware Analysis Tool Evaluation Framework’ (MATEF), to address this lack of methodology to evaluate software tools used to perform dynamic malware analysis during investigations involving malware and discuss how it meets the derived requirements.

47. Chapter 3 - Investigating digital crime

Author

Bryant, Robin P., Kennedy, Ian, Bryant, Robin P., and Kennedy, Ian

Abstract

This chapter, bearing the name of the book, explores the relationship between digital evidence and cyber crime. It introduces the reader to protocols that apply to the practice of digital forensic examinations and the associated accreditation opportunities. The challenges of presenting digital evidence to lay juries in court are also explored.

48. Why are we not applying modern software engineering methods for developing courseware?

Author

Dwolatzky, Barry, Kennedy, Ian G, Owens, Jonathan D, Dwolatzky, Barry, Kennedy, Ian G, and Owens, Jonathan D

Abstract

Courseware is any form of computer or Web based learning material or Computer Aided Learning System, using digital media. Courseware Engineering (CE) is a new discipline that adapts and applies methods of Software Engineering (SE) to develop courseware. The aim of SE is to bring engineering rigour to the task of software development. SE is a systematic approach to requirement's analysis, design, implementation, validation and verification, maintenance and the eventual retirement of software. Modern software artefacts are extremely complex. SE methodologies deal with this complexity via abstraction and modularization. Specific goals of SE are to produce software that is maintainable and reusable. CE aims to make Courseware Development Methods equally rigorous and reliable as Software Engineering Methods. When developing new courseware, the initial design and ultimate implementation are critical to success. Therefore, a structured, documented approach provides a ‘clear roadmap’ for New Courseware Development (NCD) and can lead to successful implementation and a competitive advantage being achieved. We review the lifecycle of courseware and the courseware development process from concept to consumer. We discuss the vital aspects of CE: templates, modularity, re-use, maintenance, project management, version control and evolution. We describe how modern object-oriented SE approaches, based upon Use-case Analysis and the Unified Modelling Language, may be adapted and applied to CE. Quality assurance aspects currently prevalent in SE also have a role in CE.

49. An assessment of the methodological quality of published network meta-analyses: a systematic review

Author

Chambers, James D., Naci, Huseyin, Wouters, Olivier J., Pyo, Junhee, Gunjal, Shalak, Kennedy, Ian R., Hoey, Mark G., Winn, Aaron, Neumann, Peter J., Chambers, James D., Naci, Huseyin, Wouters, Olivier J., Pyo, Junhee, Gunjal, Shalak, Kennedy, Ian R., Hoey, Mark G., Winn, Aaron, and Neumann, Peter J.

Abstract

Objective To assess the methodological quality of published network meta-analysis. Design Systematic review. Methods We searched the medical literature for network meta-analyses of pharmaceuticals. We assessed general study characteristics, study transparency and reproducibility, methodological approach, and reporting of findings. We compared studies published in journals with lower impact factors with those published in journals with higher impact factors, studies published prior to January 1st, 2013 with those published after that date, and studies supported financially by industry with those supported by non-profit institutions or that received no support. Results The systematic literature search identified 854 citations. Three hundred and eighteen studies met our inclusion criteria. The number of network meta-analyses has grown rapidly, with 48% of studies published since January 2013. The majority of network meta-analyses were supported by a non-profit institution or received no support (68%). We found considerable inconsistencies among reviewed studies. Eighty percent reported search terms, 61% a network diagram, 65% sufficient data to replicate the analysis, and 90% the characteristics of included trials. Seventy percent performed a risk of bias assessment of included trials, 40% an assessment of model fit, and 56% a sensitivity analysis. Among studies with a closed loop, 69% examined the consistency of direct and indirect evidence. Sixty-four percent of studies presented the full matrix of head-to-head treatment comparisons. For Bayesian studies, 41% reported the probability that each treatment was best, 31% reported treatment ranking, and 16% included the model code or referenced publicly-available code. Network meta-analyses published in higher impact factors journals and those that did not receive industry support performed better across the assessment criteria. We found few differences between older and newer studies. Conclusions There is substantial var

50. A Framework for the Systematic Evaluation of Malware Forensic Tools

Author

Kennedy, Ian Martin and Kennedy, Ian Martin

Abstract

Following a series of high profile miscarriages of justice linked to questionable expert evidence, the post of the Forensic Science Regulator was created in 2008 with a remit to improve the standard of practitioner competences and forensic procedures. It has since moved to incorporate a greater level of scientific practice in these areas, as used in the production of expert evidence submitted to the UK Criminal Justice System. Accreditation to their codes of practice and conduct will become mandatory for all forensic practitioners by October 2017. A variety of challenges with expert evidence are explored and linked to a lack of a scientific methodology underpinning the processes followed. In particular, the research focuses upon investigations where malicious software (‘malware’) has been identified. A framework, called the ‘Malware Analysis Tool Evaluation Framework’ (MATEF), has been developed to address this lack of methodology to evaluate software tools used during investigations involving malware. A prototype implementation of the framework was used to evaluate two tools against a population of over 350,000 samples of malware. Analysis of the findings indicated that the choice of tool could impact on the number of artefacts observed in malware forensic investigations as well as identifying the optimal execution time for a given tool when observing malware artefacts. Three different measures were used to evaluate the framework. The first of these evaluated the framework against the requirements and determined that these were largely met. Where the requirements were not met these are attributed to matters either outside scope or the fledgling nature of the research. Another measure used to evaluate the framework was to consider its performance in terms of speed and resource utilisation. This identified scope for improvement in terms of the time to complete a test and the need for more economical use of disk space. Finally, the framework provides a scientific mean

Catalog

Books, media, physical & digital resources
See catalog results