PhD Research assistant in Cybercrime Investigation Centre at School of Computer Science and Informatics at University College Dublin. Research interests in Cyber Security, Information Warfare, Cybercrime Investigation and Digital Forensics Computing and Software quality assessment.
Given a disk image of a CCTV system with a non-standard file system, how is the data interpreted? Work has been done in the past detailing the reverse engineering of proprietary file systems and on the process of recovering data from CCTV systems. However, if given a disk image without the CCTV system itself, or if under time constraints, the task becomes much more difficult. This paper explains a different approach to recovering the data and how to make sense of data on a CCTV disk. The method does not require extensive reverse engineering of the CCTV system, or even to have access to the CCTV system itself.
Power and Energy Society General Meeting, 2011 IEEE, Jul 24, 2011
The proposed testbed of the cyber-power system consists of power system simulation, substation automation, and the SCADA system. Scenarios for substation cyber security intrusions and anomaly detection concepts have been proposed. An attack tree method can be used to identify vulnerable substations and intrusions through remote access points. Specific substation vulnerability scenarios have been tested. Temporal anomaly is determined by data and information acquired at different time points. This is a metric to determine the anomaly between two snapshots. In a distributed intrusion detection algorithm, distributed agents are trained with a large number of scenarios and intended for real-time applications. In a distributed environment, if an anomaly is detected by one agent, it is able to distribute critical information to other agents in the network.
Papers by Ahmed Shosha