Digital Forensics Laboratory (DFL)

Home DFL

CSCAN-DFL is a focussed research hub investigating future digital forensics technologies. Residing within the established Centre for Security, Communications and Network Research, DFL draws together various aspects of expertise, knowledge and facilities to provide for research, training and consultancy in the area of digital forensics.

Research

The primary objective of the DFL is to explore the current state of the art and develop cutting-edge solutions for use within digital forensics. The Laboratory actively supervises PhD and MSc students in this area and provides for a vibrant and exciting research environment.

Digital Forensics Digital Forensics CSCAN Team

Training

DFL provides a fully equipped 42-seater security and forensics laboratory to facilitate all types of training. Designed with collaborative learning in mind, the laboratory can facilitate training across a wide range of digital forensic capabilities. The Laboratory is also an AccessData Academic Partner providing training and access to the AccessData Certified Examiner (ACE) professional certification.

Digital Forensics Laboratory Digital Forensics Laboratory

AccessData

Consultancy

The Laboratory also provides the facilities for undertaking forensic investigations and data recovery functions. Fully equipped with licensed commercial tools such as EnCase and FTK, DFL can assist in providing the forensic expertise to any computer incident.

The Lab offers a range of opportunities from full investigation, case management and reporting to providing specialised technical expertise and advice on particular aspects of an investigation.

Digital Forensics Digital Forensics

Academic Staff

Prof. Nathan L Clarke BEng(Hons) PhD CEng FBCS SMIEEE SFHEA

Professor of Cyber Security & Digital Forensics

Dr Fudong Li BSc(Hons) MRes PhD ACE AME

Visiting Lecturer in Cyber Security

Dr Stavros N Shiaeles PhD, MEng, FBCS, CEH, CCNSP, COBIT 5F, MIEEE

Lecturer in Computer & Information Security

3 Academic Staff

Research Students

Mr Leith Abed

Designing and implementing access control scheme in cloud computing

Mr Burhan Al-Bayati

Continuous Identity Verification in Cloud Computing Services

Mrs Hiba Al-Kawaz

Forensic Facial Recognition of Multimedia Files

Mr Neamah Al-Naffakh

Wearable Computing and Transparent Authentication

Mr Abdulrahman Alruban

Applying biometrics to digital forensics

Mr Abdulaziz Altamimi

Author Identification of of Text Limited Messages

Mr Dany Joy

An Intelligent Network Forensic Analyzer

Mrs Shahlaa Mashhadani

Advanced Multimedia Analysis in Digital Forensics

Mr Hussam Mohammed

Digital Forensic Analysis of Big Data

9 Research Students

Completed Research students

Dr Abdulwahid Al Abdulwahid

Federated Authentication using the Cloud (Cloud Aura)

Dr Mahmood Al Fahdi PhD

Automated Digital Forensics & Cybercrime Profiling

Dr Gaseb Alotibi

Behavioural Monitoring via Network Communications

Dr Saad Alqahtany

A Forensically-Enabled Cloud Computing Architecture

Dr Frank Doelitzscher PhD

Security Audit Compliance for Cloud Computing

Dr Thomas Rübsamen PhD

Evidence-based Accountability Audits for Cloud Computing

6 Completed Research Students

Journal papers

A novel privacy preserving user identification approach for network traffic
Clarke NL, Li F, Furnell SM
Computers & Security, Volume 70, September 2017, Pages 335-350, 2017
More details | External link available

Identifying Users by Network Traffic Metadata
Alotibi G, Clarke NL, Li F, Furnell SM
International Journal of Chaotic Computing, Volume 4, Issue 2, 2016
More details | External link available

A Comprehensive Evaluation of Feature Selection for Gait Recognition Using Smartwatches
Al-Naffakh N, Clarke NL, Dowland PS, Li F
International Journal for Information Security Research, Volume 6, Issue 3, 2016
More details | External link available

An Automated Approach for Digital Forensic Analysis of Heterogeneous Big Data
Mohammed H, Clarke NL, Li F
The Journal of Digital Forensics, Security and Law: JDFSL, Volume 11 Issue 2 Pages 137-152, 2016
More details | External link available

Leveraging Biometrics for Insider Misuse Identification
Alruban A, Clarke NL, Li F, Furnell SM
International Journal on Cyber Situational Awareness (IJCSA), Vol. 1, No. 1, 2016, article 7, 2016
More details | External link available

Adaptive Behavioral Profiling for Identity Verification in Cloud Computing: A Model and Preliminary Analysis
Al-Bayati B, Clarke NL, Dowland PS
GSTF Journal on Computing (JOC), ISSN:2251-3043, Vol. 5, Iss.1, pp21-28, 2016
Winner of the Best Student Paper award at the 7th Annual International Conference on ICT: Big Data, Cloud and Security (ICT-BDCS 2016).
More details | External link available

A suspect-oriented intelligent and automated computer forensic analysis
Al Fahdi M, Clarke NL, Li F, Furnell SM
Digital Investigation, Volume 18, pp. 65-76, 2016
More details | External link available

A forensic acquisition and analysis system for IaaS
Alqahtany S, Clarke NL, Furnell SM, Reich C
Cluster Computing, pp1-15, 2015
More details | External link available

Android Forensic Data Analyzer (AFDA): An Opensource Tool to Automatize Event Correlation Analysis on Android Devices
Kasiaras D, Zafeiropoulos T, Clarke NL, Kambourakis G
International Journal for Information Security Research (IJISR), Vol. 4, Iss. 4, pp501-509, 2014
More details | External link available

Sun Behind Clouds - On Automatic Cloud Security Audits and a Cloud Audit Policy Language
Doelitzscher F, Rübsamen T, Karbe T, Reich C, Knahl MH, Clarke NL
International Journal on Advances in Networks and Services, vol 6 no 1 & 2, ISSN: 1942-2644, pp1-16, 2013
More details | External link available

An agent based business aware incident detection system for cloud environments
Doelitzscher F, Reich C, Knahl MH, Passfall A, Clarke NL
Journal of Cloud Computing: Advances, Systems and Applications, 1:9, ISSN: 2192-113X, 2012
More details | External link available

Private Cloud for Collaboration and e-Learning Services: from IaaS to SaaS
Doelitzscher F, Sulistio A, Reich C, Kuijs H, Wolf D
Computing, Vol. 91, No. 1, pp23-42, ISSN: 0010-485X, 2011
More details | External link available

Sicherheitsprobleme für IT Outsourcing basierend auf Cloud Computing
Doelitzscher F, Ardelt M, Knahl MH, Reich C
Praxis der Wirtschaftsinformatik, Volume 281, ISSN 1436-3011, 2011
More details | External link available

13 Journal papers

Conference papers

A Forensic Acquisition Based upon A Cluster Analysis of Non-Volatile Memory in IaaS
Alqahtany S, Clarke NL, Furnell SM, Reich C
Anti-Cyber Crimes (ICACC), 2nd International Conference on, pp 123-128, 2017
More details | External link available

Insider Misuse Identification using Transparent Biometrics
Clarke NL, Li F, Alruban A, Furnell SM
Proceedings of the 50th Hawaii International Conference on System Sciences, January 04 - 07, Hawaii USA, 2017
More details | External link available

User profiling from network traffic via novel application-level interactions
Alotibi G, Clarke NL, Li F, Furnell SM
11th International Conference for Internet Technology and Secured Transactions (ICITST), pp 279-285, Barcelona, Spain, 2016
More details | External link available

Activity Recognition using wearable computing
Al-Naffakh N, Clarke NL, Dowland PS, Li F
11th International Conference for Internet Technology and Secured Transactions (ICITST), pp. 189-195, Barcelona, Spain, 2016
More details | External link available

A Forensic Acquisition and Analysis System for IaaS: Architectural Model and Experiment
Alqahtany S, Clarke NL, Furnell SM, Reich C
11th International Conference on Availability, Reliability and Security, 31 August -2 September, 2016
More details | External link available

Proactive Biometric-Enabled Forensic Imprinting
Alruban A, Clarke NL, Li F, Furnell SM
International Conference on Cyber Incident Response, Coordination, Containment & Control (Cyber Incident 2016), June 13-14, London, UK, 2016
Winner of the Best Paper Award (Cyber Incident 2016)
More details

A Survey of Continuous and Transparent Multibiometric Authentication Systems
Al Abdulwahid A, Clarke NL, Furnell SM, Stengel I, Reich C
Proceedings of the 14th European Conference on Cyber Warfare and Security (ECCWS-2015), pp 1-10, ISBN: 978--91081-2-3, ISSN: 204-8610, 2015
More details | External link available

Forensic Investigation of Network Traffic: A Study into the Derivation of Application-Level features from Network-Level Metadata
Li F, Clarke NL, Alotibi G, Joy D
6th Annual International Conference on ICT: Big data, Could and Security (ICT-BDCS 2015), 27-28 July, ISSN: 2382-5669, pp68-73, 2015
More details | External link available

Cloud Forensics: A Review of Challenges, Solutions and Open Problems
Alqahtany S, Clarke NL, Furnell SM, Reich C
Proceedings of the IEEE 2015 International Conference on Cloud Computing (ICCC15), pp 88-96, ISBN 15: 978-1-4673-6618-2, 2015
More details

A Forensically-Enabled IAAS Cloud Computing Architecture
Alqahtany S, Clarke NL, Furnell SM, Reich C
Proceedings of the 12th Australian Digital Forensics Conference, pp75-83, ISBN: 978-0-7298-0719-7, 2014
More details | External link available

A User-oriented Network Forensic Analyser: The Design of a High-Level Protocol Analyser
Joy D, Li F, Clarke NL, Furnell SM
Proceedings of the 12th Australian Digital Forensics Conference, 1-3 December, ECU Joondalup Campus, Perth, Western Australia, pp 84-93, ISBN 978-0-7298-0719-7, 2014
More details

Android Forensics: Correlation Analysis
Kasiaras D, Zafeiropoulos T, Clarke NL, Kambourakis G
9th International Conference for Internet Technology and Secured Transactions (ICITST-2014), London, IEEE Press, 2014
More details

Data Carving using Artificial Headers
Daniel R, Clarke NL, Li F
Proceedings of the 13th Annual Security Conference, Las Vegas, USA, 2014
More details

Cloud Forensics Challenges
Alqahtany S, Clarke NL, Furnell SM
Proceedings of the 7th SSC Saudi Students Conference - UK, pp86-93, ISBN: 9780956904522, 2014
More details | External link available

Towards an Automated Forensic Examiner (AFE) Based upon Criminal Profiling & Artificial Intelligence
Al Fahdi M, Clarke NL, Furnell SM
Proceedings of the 11th Australian Digital Forensics Conference, Perth, Australia, 2-4 December, pp 1-9, ISBN 978-0-7298-0711-1, 2013
More details

A Conceptual Model for Federated Authentication in the Cloud
Al Abdulwahid A, Clarke NL, Furnell SM, Stengel I
Proceedings of the 11th Australian Information Security Management Conference (AISM2013), Perth, Australia, 2-4 December, pp 1-11, ISBN 978-0-7298-0710-4, 2013
More details | External link available

Challenges to Digital Forensics: A Survey of Researchers & Practitioners Attitudes and Opinions
Al Fahdi M, Clarke NL, Furnell SM
Proceedings of ISSA (Information Security South Africa), Johannesburg, 14-16 August, ISBN:978-1-4799-0809-7, 2013
More details

Validating Cloud Infrastructure Changes by Cloud Audits
Doelitzscher F, Fischer C, Moskal D, Reich C, Knahl MH, Clarke NL
Proceedings of the 8th IEEE World Congress on Services (SERVICES2012), ISBN: 978-0-7695-4756-5/12, pp377-384, 2012
More details | External link available

Information Leakage Through Second Hand Usb Flash Drives within the United Kingdom
Chaerani W, Clarke NL, Bolan C
Australian Digital Forensics Conference, Perth, Australia, 5-7 December, 2011
More details

ViteraaS: Virtual Cluster as a Service
Doelitzscher F, Sulistio A, Held M, Reich C
Proceedings of the 3rd IEEE International Conference on Cloud Computing Technology and Science (CloudCom2011), ISBN: 978-0-7695-4622-3/11, pp652-657, 2011
More details | External link available

Incident detection for cloud environments
Doelitzscher F, Reich C, Knahl MH, Clarke NL
Proceedings of the Third International Conference on Emerging Network Intelligence (EMERGING 2011), ISBN: 978-1-61208-174-8, pp100-105, 2011
More details | External link available

An autonomous agent based incident detection system for cloud environments
Doelitzscher F, Reich C, Knahl MH, Clarke NL
Proceedings of the 3rd IEEE International Conference on Cloud Computing Technology and Science (CloudCom2011), ISBN: 978-0-7695-4622-3/11, pp197-204, 2011
More details | External link available

Designing Cloud Services Adhering to Government Privacy Laws
Doelitzscher F, Reich C, Sulistio A
3rd IEEE International Symposium on Trust, Security and Privacy for Emerging Applications (TSP-10), June 29-July 1, Bradford, UK, pp930-935, 2010
More details | External link available

Cloud Infrastructure & Applications - CloudIA
Sulistio A, Reich C, Doelitzscher F
Proceedings of the 1st International Conference on Cloud Computing, ISBN: 978-3-642-10664-4, pp583-588, 2009
More details | External link available

24 Conference papers

Books

Computer Forensics: A Pocket Guide
Clarke NL
IT Governance Publishing, ISBN: 978-1849280396, 80pp, 2010
More details | External link available

1 Books

Edited books

Proceedings of the European Information Security Multi-Conference (EISMC 2013)
Furnell SM, Clarke NL, Katos V
Lisbon, Portugal, 8-10 May, ISBN: 978-1-84102-345-8, pp153, 2013
Support independent publishing: Buy this book on Lulu.
More details | External link available

Proceedings of the Seventh International Workshop on Digital Forensics & Incident Analysis (WDFIA 2012)
Clarke NL, Tryfonas T, Dodge RC
Plymouth University, ISBN: 978-1-84102-316-8, 156pp, 2012
Support independent publishing: Buy this book on Lulu.
More details | External link available

Proceedings of the Sixth International Workshop on Digital Forensics & Incident Analysis (WDFIA 2011)
Clarke NL, Tryfonas T
University of Plymouth, ISBN: 978-1-84102-285-7, 177pp, 2011
Support independent publishing: Buy this book on Lulu.
More details | External link available

Proceedings of the South African Information Security Multi-Conference (SAISMC 2010)
Clarke NL, Furnell SM, von Solms R
University of Plymouth, ISBN: 978-1-84102-256-7, pp291, 2010
Support independent publishing: Buy this book on Lulu.
More details | External link available

Proceedings of the Fourth International Workshop on Digital Forensics & Incident Analysis (WDFIA 2009)
Clarke NL, Tryfonas T
University of Plymouth, ISBN: 978-1-84102-230-7, 126pp, 2009
Support independent publishing: Buy this book on Lulu.
More details

5 Edited books

Contributions to edited books

Understanding Cloud Audits
Doelitzscher F, Reich C, Knahl MH, Clarke NL
in "Privacy and Security for Cloud Computing", Pearson, S. and Yee, G. (Eds.), ISBN 978-1-4471-4188-4, 2012
More details | External link available

Automated Virtual Machine Creation with On-Demand Software Installation
Sulistio A, Doelitzscher F, Reich C
Computer Science Research and Technology, Vol. 3, pp159-177, ISBN: 978-1-61122-074-2, 2011
More details | External link available

2 Contributions to edited books

Patents filed

Method of Associating a Person with a Digital Object
Alruban A, Clarke NL
UK Intellectual Property Office, UK Patent number: GB1609673.7, Filed 02/06/2016, 2016
More details

1 Patents filed

Posters

A Review of Cloud Forensics issues, solutions & open problems
Alqahtany S, Clarke NL, Furnell SM
Proceedings of The 8th Saudi Students Conference, January 31 - February 1, 2015
More details | Download PDF | External link available

Federated Authentication Using the Cloud
Al Abdulwahid A
The Postgraduate Society Conference Series, 27th November, Plymouth University, 2013
More details | Download PDF

2 Posters

Internal publications

Design and Development of Hard Disk Images for use in Computer Forensics
Siddiqui S, Clarke NL
Advances in Communications, Computing, Networks and Security 6, ISBN: 978-1-84102-258-1, pp234-242, 2009
Can be ordered on-line.
More details | Download PDF

Information Security Leakage: A Forensic Analysis of USB Storage Disks
Adam A, Clarke NL
Advances in Communications, Computing, Networks and Security 6, ISBN: 978-1-84102-258-1, pp171-178, 2009
Can be ordered on-line.
More details | Download PDF

2 Internal publications

50 publication(s) - all categories.