RESEARCH

Mobile Forensics Research: A targeted data extraction system (TDES) for mobile devices is designed and implemented to extract a limited set of user data. Thus, only selective (or filtered) data will be extracted as per the consent available from the witness/victim (user) by implementing state-of-the-art filtering of photos using machine learning techniques.

Socio-technical Digital Forensics Framework: Though data privacy has received significant attention from both technological and legal angles, the two scholarly perspectives rarely combine to expose the interdisciplinary dependencies and synergies inherent in this topic of growing significance to our society. Using the context of digital evidence collection, this project aims at studying legal and technical angles to privacy and security concerns. From the technical side, we research on how the data can be searched in a more targeted fashion and how data can be kept from unauthorized alteration. From the legal side, new technical capabilities will motivate new scholarship on related topics.

IoT Forensics: Our work is the first of a kind for the examination of Nest IoT device artifacts produced by an iPhone and is also the first open-source research to produce a usable forensics tool we name the Forensic Evidence Acquisition and Analysis System (FEAAS). FEAAS consolidates evidentiary data into a readable report that can infer user events (like entering or leaving a home) and what triggered an event (whether it was the Google Assistant through a voice command or the use of an iPhone application).

Wearable Device Forensics: Data collected from wearable devices can help determine truths in witness testimony since these devices document several types of activities of an individual at all times. Increased use of smart home devices also opens a new window for investigators. The collective data extracted from wearables and smart home devices can help investigators view the detailed events that have happened in an environment in a larger context and give them better perspectives in the case under investigation. Our work aims to provide a solution to the challenges faced by the investigators in both extracting and analyzing the sheer volume of extracted data and illustrates techniques to automatically highlight anomalies and correlations in the time series data collected from these devices.

Content hiding (or Vault) apps are a class of applications that allow users to hide photos, videos, documents, and other content securely. In this work, we focus on iOS devices and first describe how to identify such applications from the App Store. We consider not only the US store but also give results for various International App Stores. We developed VIDE which is an automation tool built for Vault app identification, detection, and automated extraction for iOS devices. My most recent work called DECADE is about Deep Learning based content-hiding application detection system for Android. Through feature extraction from descriptions and images of applications followed by various machine learning and deep learning models, the DECADE system successfully identified several content-hiding applications producing various insights about the type, appearance, seclusion, and providence of these applications.

We have also examined the privacy implications observed in hash-tag-based social-media posts (of average users and influencers) by following the trails of online shopping platform(s) product listings, consumer reviews, social-commerce policies, and influencer posts. We have conducted a preliminary analysis considering cyberstalking as one of the avenues that an anonymous stalker may use to impact the social media user negatively. Further, we have conceptualized the trails behind hash-tagging activities in terms of a privacy threat model, the need for practical data analysis tools, and the lack of mitigation strategies at various layers.