Change search
Link to record
Permanent link

Direct link
Alternative names
Publications (10 of 11) Show all publications
Kebande, V. R. & Choo, K.-K. R. (2022). Finite state machine for cloud forensic readiness as a service (CFRaaS) events. Security and Privacy, 5(1), Article ID e182.
Open this publication in new window or tab >>Finite state machine for cloud forensic readiness as a service (CFRaaS) events
2022 (English)In: Security and Privacy, E-ISSN 2475-6725, Vol. 5, no 1, article id e182Article in journal (Refereed) Published
Abstract [en]

The importance of demonstrating the correctness of forensic analysis tools and automated incident management tools reinforces the need for a finite state machine (FSM) engine that can generate automated forensic processes. Hence, in this paper, we present an event-based FSM representation for Cloud Forensic Readiness as a Service (CFRaaS), where we also show how the FSM's predetermined states and transitions could be used to formulate an automated forensic process and generate a hypothesis for litigation purposes. Specifically, this proposition comprises a two-step level CFRaaS-FSM with possible transitions and states. This representation is useful because it can alert digital forensic investigators on how to deduce current and next state of attacks based on transitions and current states. 

Place, publisher, year, edition, pages
John Wiley & Sons, 2022
Keywords
CFRaaS, cloud forensics, digital forensics, events, finite, level, machine, state
National Category
Computer Sciences
Research subject
Information systems
Identifiers
urn:nbn:se:ltu:diva-86572 (URN)10.1002/spy2.182 (DOI)000737535300004 ()
Note

Validerad;2022;Nivå 2;2022-01-31 (johcin)

Available from: 2021-08-12 Created: 2021-08-12 Last updated: 2022-01-31Bibliographically approved
Kebande, V. R., Ikuesan, R. A. & Karie, N. M. (2022). Review of Blockchain Forensics Challenges. In: K.M. Baalamurugan; S. Rakesh Kumar; Abhishek Kumar; Vishal Kumar; Sanjeevikumar Padmanaban (Ed.), Blockchain Security in Cloud Computing: (pp. 33-50). Springer
Open this publication in new window or tab >>Review of Blockchain Forensics Challenges
2022 (English)In: Blockchain Security in Cloud Computing / [ed] K.M. Baalamurugan; S. Rakesh Kumar; Abhishek Kumar; Vishal Kumar; Sanjeevikumar Padmanaban, Springer, 2022, p. 33-50Chapter in book (Refereed)
Abstract [en]

Blockchain technology has in many ways shown a promising technology where trust can be created between parties. With blockchain, trusted parties can easily transact or exchange information over a cryptographically secured distributed environment. However, based on the blockchain architecture, conducting digital forensic processes faces several problems and challenges. This chapter, therefore, explores the key open problems and challenges experienced while conducting digital forensic processes in blockchain technologies. The authors have leveraged design science research (DSR) to achieve the objectives of this study. Furthermore, the authors have also proposed high-level solutions to the identified problems and challenges. 

Place, publisher, year, edition, pages
Springer, 2022
Series
EAI/Springer Innovations in Communication and Computing, ISSN 2522-8595, E-ISSN 2522-8609
Keywords
Blockchain, Digital forensics, Challenges
National Category
Computer Sciences
Research subject
Information systems
Identifiers
urn:nbn:se:ltu:diva-86692 (URN)10.1007/978-3-030-70501-5_3 (DOI)2-s2.0-85113787515 (Scopus ID)
Note

ISBN för värdpublikation: 978-3-030-70500-8;  978-3-030-70501-5

Available from: 2021-08-17 Created: 2021-08-17 Last updated: 2021-12-14Bibliographically approved
Kebande, V. R., Awaysheh, F. M., Ikuesan, R. A., Alawadi, S. A. & Alshehri, M. D. (2021). A Blockchain-Based Multi-Factor Authentication Model for a Cloud-Enabled Internet of Vehicles. Sensors, 21(18), Article ID 6018.
Open this publication in new window or tab >>A Blockchain-Based Multi-Factor Authentication Model for a Cloud-Enabled Internet of Vehicles
Show others...
2021 (English)In: Sensors, E-ISSN 1424-8220, Vol. 21, no 18, article id 6018Article in journal (Refereed) Published
Abstract [en]

Continuous and emerging advances in Information and Communication Technology (ICT) have enabled Internet-of-Things (IoT)-to-Cloud applications to be induced by data pipelines and Edge Intelligence-based architectures. Advanced vehicular networks greatly benefit from these architectures due to the implicit functionalities that are focused on realizing the Internet of Vehicle (IoV) vision. However, IoV is susceptible to attacks, where adversaries can easily exploit existing vulnerabilities. Several attacks may succeed due to inadequate or ineffective authentication techniques. Hence, there is a timely need for hardening the authentication process through cutting-edge access control mechanisms. This paper proposes a Blockchain-based Multi-Factor authentication model that uses an embedded Digital Signature (MFBC_eDS) for vehicular clouds and Cloud-enabled IoV. Our proposed MFBC_eDS model consists of a scheme that integrates the Security Assertion Mark-up Language (SAML) to the Single Sign-On (SSO) capabilities for a connected edge to cloud ecosystem. MFBC_eDS draws an essential comparison with the baseline authentication scheme suggested by Karla and Sood. Based on the foundations of Karla and Sood’s scheme, an embedded Probabilistic Polynomial-Time Algorithm (ePPTA) and an additional Hash function for the Pi generated during Karla and Sood’s authentication were proposed and discussed. The preliminary analysis of the proposition shows that the approach is more suitable to counter major adversarial attacks in an IoV-centered environment based on the Dolev–Yao adversarial model while satisfying aspects of the Confidentiality, Integrity, and Availability (CIA) triad.

Place, publisher, year, edition, pages
MDPI, 2021
Keywords
blockchain, multi-factor authentication, access control, Internet of Vehicles, cloud-enabled systems
National Category
Information Systems Communication Systems
Research subject
Information systems
Identifiers
urn:nbn:se:ltu:diva-87014 (URN)10.3390/s21186018 (DOI)000701067400001 ()34577224 (PubMedID)2-s2.0-85114330436 (Scopus ID)
Note

Validerad;2021;Nivå 2;2021-09-09 (beamah);

Forskningsfinansiärer: European Regional Development Funds (MOBTT75); Taif University Researchers Supporting Project (TURSP-2020/126)

Available from: 2021-09-09 Created: 2021-09-09 Last updated: 2022-02-10Bibliographically approved
Alawadi, S., Kebande, V. R., Dong, Y., Bugeja, J., Persson, J. A. & Olsson, C. M. (2021). A Federated Interactive Learning IoT-Based Health Monitoring Platform. In: Ladjel Bellatreche; Marlon Dumas; Panagiotis Karras; Raimundas Matulevičius; Ahmed Awad; Matthias Weidlich; Mirjana Ivanović; Olaf Hartig (Ed.), New Trends in Database and Information Systems: ADBIS 2021 Short Papers, Doctoral Consortium and Workshops: DOING, SIMPDA, MADEISD, MegaData, CAoNS, Tartu, Estonia, August 24-26, 2021, Proceedings. Paper presented at 25th European Conference on Advances in Databases and Information Systems (ADBIS 2021), Tartu, Estonia, 24-26 August, 2021 (pp. 235-246). Springer
Open this publication in new window or tab >>A Federated Interactive Learning IoT-Based Health Monitoring Platform
Show others...
2021 (English)In: New Trends in Database and Information Systems: ADBIS 2021 Short Papers, Doctoral Consortium and Workshops: DOING, SIMPDA, MADEISD, MegaData, CAoNS, Tartu, Estonia, August 24-26, 2021, Proceedings / [ed] Ladjel Bellatreche; Marlon Dumas; Panagiotis Karras; Raimundas Matulevičius; Ahmed Awad; Matthias Weidlich; Mirjana Ivanović; Olaf Hartig, Springer, 2021, p. 235-246Conference paper, Published paper (Refereed)
Abstract [en]

Remote health monitoring is a trend for better health management which necessitates the need for secure monitoring and privacy-preservation of patient data. Moreover, accurate and continuous monitoring of personal health status may require expert validation in an active learning strategy. As a result, this paper proposes a Federated Interactive Learning IoT-based Health Monitoring Platform (FIL-IoT-HMP) which incorporates multi-expert feedback as ‘Human-in-the-loop’ in an active learning strategy in order to improve the clients’ Machine Learning (ML) models. The authors have proposed an architecture and conducted an experiment as a proof of concept. Federated learning approach has been preferred in this context given that it strengthens privacy by allowing the global model to be trained while sensitive data is retained at the local edge nodes. Also, each model’s accuracy is improved while privacy and security of data has been upheld. 

Place, publisher, year, edition, pages
Springer, 2021
Series
Communications in Computer and Information Science, ISSN 1865-0929, E-ISSN 1865-0937 ; 1450
Keywords
IoT, Healthcare, Federated, Machine learning
National Category
Computer Sciences
Research subject
Information systems
Identifiers
urn:nbn:se:ltu:diva-86573 (URN)10.1007/978-3-030-85082-1_21 (DOI)000775759800021 ()2-s2.0-85115134304 (Scopus ID)
Conference
25th European Conference on Advances in Databases and Information Systems (ADBIS 2021), Tartu, Estonia, 24-26 August, 2021
Note

ISBN för värdpublikation: 978-3-030-85081-4,  978-3-030-85082-1

Available from: 2021-08-12 Created: 2021-08-12 Last updated: 2022-04-20Bibliographically approved
Karie, N. M., Masri Sahri, N., Yang, W., Valli, C. & Kebande, V. R. (2021). A Review of Security Standards and Frameworks for IoT-Based Smart Environments. IEEE Access, 9
Open this publication in new window or tab >>A Review of Security Standards and Frameworks for IoT-Based Smart Environments
Show others...
2021 (English)In: IEEE Access, E-ISSN 2169-3536, Vol. 9Article, review/survey (Refereed) Published
Abstract [en]

Assessing the security of IoT-based smart environments such as smart homes and smart cities is becoming fundamentally essential to implementing the correct control measures and effectively reducing security threats and risks brought about by deploying IoT-based smart technologies. The problem, however, is in finding security standards and assessment frameworks that best meets the security requirements as well as comprehensively assesses and exposes the security posture of IoT-based smart environments. To explore this gap, this paper presents a review of existing security standards and assessment frameworks which also includes several NIST special publications on security techniques highlighting their primary areas of focus to uncover those that can potentially address some of the security needs of IoT-based smart environments. Cumulatively a total of 80 ISO/IEC security standards, 32 ETSI standards and 37 different conventional security assessment frameworks which included seven NIST special publications on security techniques were reviewed. To present an all-inclusive and up-to-date state-of-the-art research, the review process considered both published security standards and assessment frameworks as well as those under development. The findings show that most of the conventional security standards and assessment frameworks do not directly address the security needs of IoT-based smart environments but have the potential to be adapted into IoT-based smart environments. With this insight into the state-of-the-art research on security standards and assessment frameworks, this study helps advance the IoT field by opening new research directions as well as opportunities for developing new security standards and assessment frameworks that will address future IoT-based smart environments security concerns. This paper also discusses open problems and challenges related to IoT-based smart environments security issues. As a new contribution, a taxonomy of challenges for IoT-based smart environment security concerns drawn from the extensive literature examined during this study is proposed in this paper which also maps the identified challenges to potential proposed solutions.

Place, publisher, year, edition, pages
IEEE, 2021
Keywords
Control Measures, IoT-based Smart Environments, Risks, Security Assessment Frameworks, Security Standards, Taxonomy, Threats
National Category
Information Systems
Research subject
Information systems
Identifiers
urn:nbn:se:ltu:diva-86980 (URN)10.1109/ACCESS.2021.3109886 (DOI)000694691200001 ()2-s2.0-85117607933 (Scopus ID)
Note

Validerad;2021;Nivå 2;2021-09-13 (beamah);

Forskningsfinansiär: Australian Government’sCooperative Research Centres Programme

Available from: 2021-09-06 Created: 2021-09-06 Last updated: 2021-12-14Bibliographically approved
Kebande, V. R., Alawadi, S., Awaysheh, F. & Persson, J. A. (2021). Active Machine Learning Adversarial Attack Detection in the User Feedback Process. IEEE Access, 9, 36908-36923
Open this publication in new window or tab >>Active Machine Learning Adversarial Attack Detection in the User Feedback Process
2021 (English)In: IEEE Access, E-ISSN 2169-3536, Vol. 9, p. 36908-36923Article in journal (Refereed) Published
Abstract [en]

Modern Information and Communication Technology (ICT)-based applications utilize current technological advancements for purposes of streaming data, as a way of adapting to the ever-changing technological landscape. Such efforts require providing accurate, meaningful, and trustworthy output from the streaming sensors particularly during dynamic virtual sensing. However, to ensure that the sensing ecosystem is devoid of any sensor threats or active attacks, it is paramount to implement secure real-time strategies. Fundamentally, real-time detection of adversarial attacks/instances during the User Feedback Process (UFP) is the key to forecasting potential attacks in active learning. Also, according to existing literature, there lacks a comprehensive study that has a focus on adversarial detection from an active machine learning perspective at the time of writing this paper. Therefore, the authors posit the importance of detecting adversarial attacks in active learning strategy. Attack in the context of this paper through a UFP-Threat driven model has been presented as any action that exerts an alteration to the learning system or data. To achieve this, the study employed ambient data collected from a smart environment human activity recognition from (Continuous Ambient Sensors Dataset, CASA) with fully labeled connections, where we intentionally subject the Dataset to wrong labels as a targeted/manipulative attack (by a malevolent labeler) in the UFP, with an assumption that the user-labels were connected to unique identities. While the dataset’s focus is to classify tasks and predict activities, our study gives a focus on active adversarial strategies from an information security point of view. Furthermore, the strategies for modeling threats have been presented using the Meta Attack Language (MAL) compiler for purposes adversarial detection. The findings from the experiments conducted have shown that real-time adversarial identification and profiling during the UFP could significantly increase the accuracy during the learning process with a high degree of certainty and paves the way towards an automated adversarial detection and profiling approaches on the Internet of Cognitive Things (ICoT).

Place, publisher, year, edition, pages
IEEE, 2021
Keywords
Adversarial Detection, User-Feedback-Process, Active Machine Learning, Monitoring Industrial Feedback
National Category
Information Systems, Social aspects
Research subject
Information systems
Identifiers
urn:nbn:se:ltu:diva-83174 (URN)10.1109/ACCESS.2021.3063002 (DOI)000626493900001 ()2-s2.0-85102241032 (Scopus ID)
Funder
Knowledge Foundation, 20140035
Note

Validerad;2021;Nivå 2;2021-03-22 (johcin)

Available from: 2021-03-05 Created: 2021-03-05 Last updated: 2021-10-15Bibliographically approved
Makura, S., Venter, H., Kebande, V. R., Karie, N. M., Ikuesan, R. A. & Alawandi, S. (2021). Digital forensic readiness in operational cloud leveraging ISO/IEC 27043 guidelines on security monitoring. Security and Privacy, 4(3), Article ID e149.
Open this publication in new window or tab >>Digital forensic readiness in operational cloud leveraging ISO/IEC 27043 guidelines on security monitoring
Show others...
2021 (English)In: Security and Privacy, ISSN 2475-6725, Vol. 4, no 3, article id e149Article in journal (Refereed) Published
Abstract [en]

An increase in the use of cloud computing technologies by organizations has led to cybercriminals targeting cloud environments to orchestrate malicious attacks. Conversely, this has led to the need for proactive approaches through the use of digital forensic readiness (DFR). Existing studies have attempted to develop proactive prototypes using diverse agent-based solutions that are capable of extracting a forensically sound potential digital evidence. As a way to address this limitation and further evaluate the degree of PDE relevance in an operational platform, this study sought to develop a prototype in an operational cloud environment to achieve DFR in the cloud. The prototype is deployed and executed in cloud instances hosted on OpenStack: the operational cloud environment. The experiments performed in this study show that it is viable to attain DFR in an operational cloud platform. Further observations show that the prototype is capable of harvesting digital data from cloud instances and store the data in a forensic sound database. The prototype also prepares the operational cloud environment to be forensically ready for digital forensic investigations without alternating the functionality of the OpenStack cloud architecture by leveraging the ISO/IEC 27043 guidelines on security monitoring.

Place, publisher, year, edition, pages
Wiley: John Wiley & Sons, 2021
Keywords
cloud, digital, forensic, ISO/IEC 27043, operational, readiness, security
National Category
Computer Systems Information Systems, Social aspects
Research subject
Information systems
Identifiers
urn:nbn:se:ltu:diva-82994 (URN)10.1002/spy2.149 (DOI)000710539400001 ()
Note

Validerad;2021;Nivå 1;2021-07-01 (beamah)

Available from: 2021-02-18 Created: 2021-02-18 Last updated: 2021-11-08Bibliographically approved
Kebande, V., Karie, N. M., Choo, K. R. & Alawadi, S. (2021). Digital forensic readiness intelligence crime repository. Security and Privacy, 4(3), Article ID e151.
Open this publication in new window or tab >>Digital forensic readiness intelligence crime repository
2021 (English)In: Security and Privacy, ISSN 2475-6725, Vol. 4, no 3, article id e151Article in journal (Refereed) Published
Abstract [en]

It may not always be possible to conduct a digital (forensic) investigation post‐event if there is no process in place to preserve potential digital evidence. This study posits the importance of digital forensic readiness, or forensic‐by‐design, and presents an approach that can be used to construct a Digital Forensic Readiness Intelligence Repository (DFRIR). Based on the concept of knowledge sharing, the authors leverage this premise to suggest an intelligence repository. Such a repository can be used to cross‐reference potential digital evidence (PDE) sources that may help digital investigators during the process. This approach employs a technique of capturing PDE from different sources and creating a DFR repository that can be able to be shared across diverse jurisdictions among digital forensic experts and law enforcement agencies (LEAs), in the form of intelligence. To validate the approach, the study has employed a qualitative approach based on a number of metrics and an analysis of experts' opinion has been incorporated. The DFRIR seeks to maximize the collection of PDE, and reducing the time needed to conduct forensic investigation (e.g., by reducing the time for learning). This study then explains how such an approach can be employed in conjunction with ISO/IEC 27043: 2015.

Place, publisher, year, edition, pages
John Wiley & Sons, 2021
Keywords
digital forensic, investigations, jurisdiction, readiness intelligence, repository
National Category
Information Systems, Social aspects
Research subject
Information systems
Identifiers
urn:nbn:se:ltu:diva-83107 (URN)10.1002/spy2.151 (DOI)000710539400009 ()
Note

Validerad;2021;Nivå 2;2021-07-01 (beamah)

Available from: 2021-03-01 Created: 2021-03-01 Last updated: 2021-12-03Bibliographically approved
Al-Dhaqm, A., Razak, S., Ikuesan, R. A., Kebande, V. R. & Othman, S. H. (2021). Face validation of database forensic investigation metamodel. Infrastructures, 6(2), 1-19
Open this publication in new window or tab >>Face validation of database forensic investigation metamodel
Show others...
2021 (English)In: Infrastructures, E-ISSN 2412-3811, Vol. 6, no 2, p. 1-19Article in journal (Refereed) Published
Abstract [en]

Using a face validity approach, this paper provides a validation of the Database Forensic Investigation Metamodel (DBFIM). The DBFIM was developed to solve interoperability, heterogeneity, complexity, and ambiguity in the database forensic investigation (DBFI) field, where several models were identified, collected, and reviewed to develop DBFIM. However, the developed DBFIM lacked the face validity-based approach that could ensure DBFIM’s applicability in the DBFI field. The completeness, usefulness, and logic of the developed DBFIM needed to be validated by experts. Therefore, the objective of this paper is to perform the validation of the developed DBFIM using the qualitative face validity approach. The face validity method is a common way of validating metamodels through subject expert inquiry on the domain application of the metamodel to assess whether the metamodel is reasonable and compatible based on the outcomes. For this purpose, six experts were nominated and selected to validate the developed DBFIM. From the expert review, the developed DBFIM was found to be complete, coherent, logical, scalable, interoperable, and useful for the DBFI field.

Place, publisher, year, edition, pages
MDPI, 2021
Keywords
database forensics, digital forensic, face validity, metamodel, validation
National Category
Information Systems
Research subject
Information Systems
Identifiers
urn:nbn:se:ltu:diva-82947 (URN)10.3390/infrastructures6020013 (DOI)000623662600001 ()2-s2.0-85100332066 (Scopus ID)
Note

Validerad;2021;Nivå 1;2021-02-15 (johcin)

Available from: 2021-02-15 Created: 2021-02-15 Last updated: 2023-08-23Bibliographically approved
Zawali, B., Ikuesan, R. A., Kebande, V. R., Furnell, S. & A-Dhaqm, A. (2021). Realising a Push Button Modality for Video-Based Forensics. Infrastructures, 6(4), Article ID 54.
Open this publication in new window or tab >>Realising a Push Button Modality for Video-Based Forensics
Show others...
2021 (English)In: Infrastructures, E-ISSN 2412-3811, Vol. 6, no 4, article id 54Article in journal (Refereed) Published
Abstract [en]

Complexity and sophistication among multimedia-based tools have made it easy for perpetrators to conduct digital crimes such as counterfeiting, modification, and alteration without being detected. It may not be easy to verify the integrity of video content that, for example, has been manipulated digitally. To address this perennial investigative challenge, this paper proposes the integration of a forensically sound push button forensic modality (PBFM) model for the investigation of the MP4 video file format as a step towards automated video forensic investigation. An open-source multimedia forensic tool was developed based on the proposed PBFM model. A comprehensive evaluation of the efficiency of the tool against file alteration showed that the tool was capable of identifying falsified files, which satisfied the underlying assertion of the PBFM model. Furthermore, the outcome can be used as a complementary process for enhancing the evidence admissibility of MP4 video for forensic investigation.

Place, publisher, year, edition, pages
Switzerland: MDPI, 2021
Keywords
multimedia forensics, push button forensics, file signature alteration technique
National Category
Information Systems
Research subject
Information Systems
Identifiers
urn:nbn:se:ltu:diva-83539 (URN)10.3390/infrastructures6040054 (DOI)000643749300001 ()2-s2.0-85108382505 (Scopus ID)
Note

Validerad;2021;Nivå 2;2021-04-12 (alebob)

Available from: 2021-04-09 Created: 2021-04-09 Last updated: 2023-10-14Bibliographically approved
Organisations
Identifiers
ORCID iD: ORCID iD iconorcid.org/0000-0003-4071-4596

Search in DiVA

Show all publications