William Glisson | University of South Alabama (original) (raw)
Uploads
Papers by William Glisson
Medical training devices are becoming increasingly dependent on technology, creating opportunitie... more Medical training devices are becoming increasingly dependent on technology, creating opportunities that are inherently conducive to security breaches. Previous medical device research has focused on individual device security breaches and the technical aspects involved with these breaches. This research examines the viability of breaching a production-deployed medical training mannequin. The results of the proof of concept research indicate that it is possible to breach a medical training mannequin in a live environment. The research contribution is an initial empirical analysis of the viability of compromising a medical training mannequin along with providing the foundation for future research.
The continued amalgamation of Global Positioning Systems (GPS) into everyday activities stimulate... more The continued amalgamation of Global Positioning Systems (GPS) into everyday activities stimulates the idea that these devices will increasingly contribute evidential importance in digital forensics cases. This study investigates the extent to which GPS devices are being used in criminal and civil court cases in the United Kingdom through the inspection of Lexis Nexis, Westlaw, and the British and Irish Legal Information Institute (BAILII) legal databases. The research identified 83 cases which involved GPS evidence from within the United Kingdom and Europe for the time period from 01 June 1993 to 01 June 2013. The initial empirical analysis indicates that GPS evidence in court cases is rising over time and the majority of those court cases are criminal cases.
Industrial reports indicate that security incidents continue to inflict large financial losses on... more Industrial reports indicate that security incidents continue to inflict large financial losses on organizations. Researchers and industrial analysts contend that there are fundamental problems with existing security incident response process solutions. This paper presents the Security Incident Response Criteria (SIRC) which can be applied to a variety of security incident response approaches. The criteria are derived from empirical data based on in-depth interviews conducted within a Global Fortune 500 organization and supporting literature. The research contribution of this paper is twofold. First, the criteria presented in this paper can be used to evaluate existing security incident response solutions and second, as a guide, to support future security incident response improvement initiatives.
2015 48th Hawaii International Conference on System Sciences, 2015
Rethinking Security Incident Response: The Integration of Agile Principles, Aug 1, 2014
In today‟s globally networked environment, information security incidents can inflict s... more In today‟s globally networked environment, information security incidents can inflict staggering financial losses on organizations. Industry reports indicate that fundamental problems exist with the application of current linear plan-driven security incident response approaches being applied in many organizations. Researchers argue that traditional approaches value containment and eradication over incident learning.
While previous security incident response research focused on best practice development, linear plan-driven approaches and the technical aspects of security incident response, very little research investigates the integration of agile principles and practices into the security incident response process. This paper proposes that the integration of disciplined agile principles and practices into the security incident response process is a practical solution to strengthening an organization‟s security incident response posture.
Industrial reports indicate that security incidents continue to inflict large financial losses on... more Industrial reports indicate that security incidents continue to inflict large financial losses on organizations. Researchers and industrial analysts contend that there are fundamental problems with existing security incident response process solutions. This paper presents the Security Incident Response Criteria (SIRC) which can be applied to a variety of security incident response approaches. The criteria are derived from empirical data based on in-depth interviews conducted within a Global Fortune 500 organization and supporting literature. The research contribution of this paper is twofold. First, the criteria presented in this paper can be used to evaluate existing security incident response solutions and second, as a guide, to support future security incident response improvement initiatives.
The purpose of this paper is to encourage the discussion of the potential place and value of digi... more The purpose of this paper is to encourage the discussion of the potential place and value of digital forensics techniques when dealing with acquisitions on removable media in the field of digital curation. It examines a basic computer forensics process, discusses a typical file system for removable media, and raises questions about necessary processes and incentives for addressing data capture in the field of digital curation.
last revision 2413 by tws on 2011-08-09 10:55:05Z Cloud computing is a rapidly evolving technolog... more last revision 2413 by tws on 2011-08-09 10:55:05Z Cloud computing is a rapidly evolving technological phenomenon. Rather than procure, deploy and manage a physical IT infrastructure to host its software applications, organizations are increasingly deploying the same into remote, virtualized environments, which can be hosted and manage by third party providers. This development in the IT landscape has significant implications for digital forensic investigators, toolkit developers and corporate compliance and audit departments. Much of digital forensic practice assumes careful control and management of IT assets (particularly data storage) during the conduct of an investigation. This paper summarises the key aspects of cloud computing and analyses how established digital forensic procedures will be invalidated in this new environment. Several immediate research
Mobile devices, such as phones, tablets and laptops, expose businesses and governments to a multi... more Mobile devices, such as phones, tablets and laptops, expose businesses and governments to a multitude of information security risks. While Information Systems research has focused on the security and privacy aspects from the end-user perspective regarding mobile devices, very little research has been conducted within corporate environments. In this work, thirty-two mobile devices were returned by employees in a global Fortune 500 company. In the empirical analysis, a number of significant security risks were uncovered which may have led to leakage of valuable intellectual property or exposed the organization to future legal conflicts. The research contribution is an initial empirical report highlighting examples of corporate policy breaches by users along with providing a foundation for future research on the security risks of the pervasive presence of mobile devices in corporate environments.
The continued amalgamation of Global Positioning Systems (GPS) into everyday activities stimulate... more The continued amalgamation of Global Positioning Systems (GPS) into everyday activities stimulates the idea that these devices will increasingly contribute evidential importance in digital forensics cases. This study investigates the extent to which GPS devices are being used in criminal and civil court cases in the United Kingdom through the inspection of Lexis Nexis, Westlaw, and the British and Irish Legal Information Institute (BAILII) legal databases. The research identified 83 cases which involved GPS evidence from within the United Kingdom and Europe for the time period from 01 June 1993 to 01 June 2013. The initial empirical analysis indicates that GPS evidence in court cases is rising over time and the majority of those court cases are criminal cases.
In The Cloud Security Ecosystem, edited by Ryan Ko and Kim - Kwang Raymond Choo, Syngress, Boston, Pages 347 - 382
There is a growing demand for cloud storage services such as Dropbox, Box, Syncplicity an... more There is a growing demand for cloud storage services such as Dropbox, Box, Syncplicity and SugarSync. These public cloud storage services can store gigabytes of corporate and personal data in remote data centres around the world, which can then be synchronized to multiple devices. This creates an environment which is potentially conducive to security incidents, data breaches and other malicious activities. The forensic investigation of public cloud environments presents a number of new challenges for the digital forensics community. However, it is anticipated that end-devices such as smartphones, will retain data from these cloud storage services. This research investigates how forensic tools that are currently available to practitioners can be used to provide a practical solution for the problems related to investigating cloud storage environments. The research contribution is threefold. First, the findings from this research support the idea that end-devices which have been used to access cloud storage services can be used to provide a partial view of the evidence stored in the cloud service. Second, the research provides a comparison of the number of files which can be recovered from different versions of cloud storage applications. In doing so, it also supports the idea that amalgamating the files recovered from more than one device can result in the recovery of a more complete dataset. Third, the chapter contributes to the documentation and evidentiary discussion of the artefacts created from specific cloud storage applications and different versions of these applications on iOS and Android smartphones.
2013 46th Hawaii International Conference on System Sciences, 2013
Proceedings of the 5th Information Interaction in Context Symposium on - IIiX '14, 2014
IFIP Advances in Information and Communication Technology, 2013
2014 47th Hawaii International Conference on System Sciences, 2014
2013 46th Hawaii International Conference on System Sciences, 2013
ABSTRACT The magnification of mobile devices in everyday life prompts the idea that these devices... more ABSTRACT The magnification of mobile devices in everyday life prompts the idea that these devices will increasingly have evidential value in criminal cases. While this may have been assumed in digital forensics communities, there has been no empirical evidence to support this idea. This research investigates the extent to which mobile phones are being used in criminal proceedings in the United Kingdom thorough the examination of appeal judgments retrieved from the Westlaw, Lexis Nexis and British and Irish Legal Information Institute (BAILII) legal databases. The research identified 537 relevant appeal cases from a dataset of 12,763 criminal cases referring to mobile phones for a period ranging from 1st of January, 2006 to 31st of July, 2011. The empirical analysis indicates that mobile phone evidence is rising over time with some correlations to particular crimes.
Medical training devices are becoming increasingly dependent on technology, creating opportunitie... more Medical training devices are becoming increasingly dependent on technology, creating opportunities that are inherently conducive to security breaches. Previous medical device research has focused on individual device security breaches and the technical aspects involved with these breaches. This research examines the viability of breaching a production-deployed medical training mannequin. The results of the proof of concept research indicate that it is possible to breach a medical training mannequin in a live environment. The research contribution is an initial empirical analysis of the viability of compromising a medical training mannequin along with providing the foundation for future research.
The continued amalgamation of Global Positioning Systems (GPS) into everyday activities stimulate... more The continued amalgamation of Global Positioning Systems (GPS) into everyday activities stimulates the idea that these devices will increasingly contribute evidential importance in digital forensics cases. This study investigates the extent to which GPS devices are being used in criminal and civil court cases in the United Kingdom through the inspection of Lexis Nexis, Westlaw, and the British and Irish Legal Information Institute (BAILII) legal databases. The research identified 83 cases which involved GPS evidence from within the United Kingdom and Europe for the time period from 01 June 1993 to 01 June 2013. The initial empirical analysis indicates that GPS evidence in court cases is rising over time and the majority of those court cases are criminal cases.
Industrial reports indicate that security incidents continue to inflict large financial losses on... more Industrial reports indicate that security incidents continue to inflict large financial losses on organizations. Researchers and industrial analysts contend that there are fundamental problems with existing security incident response process solutions. This paper presents the Security Incident Response Criteria (SIRC) which can be applied to a variety of security incident response approaches. The criteria are derived from empirical data based on in-depth interviews conducted within a Global Fortune 500 organization and supporting literature. The research contribution of this paper is twofold. First, the criteria presented in this paper can be used to evaluate existing security incident response solutions and second, as a guide, to support future security incident response improvement initiatives.
2015 48th Hawaii International Conference on System Sciences, 2015
Rethinking Security Incident Response: The Integration of Agile Principles, Aug 1, 2014
In today‟s globally networked environment, information security incidents can inflict s... more In today‟s globally networked environment, information security incidents can inflict staggering financial losses on organizations. Industry reports indicate that fundamental problems exist with the application of current linear plan-driven security incident response approaches being applied in many organizations. Researchers argue that traditional approaches value containment and eradication over incident learning.
While previous security incident response research focused on best practice development, linear plan-driven approaches and the technical aspects of security incident response, very little research investigates the integration of agile principles and practices into the security incident response process. This paper proposes that the integration of disciplined agile principles and practices into the security incident response process is a practical solution to strengthening an organization‟s security incident response posture.
Industrial reports indicate that security incidents continue to inflict large financial losses on... more Industrial reports indicate that security incidents continue to inflict large financial losses on organizations. Researchers and industrial analysts contend that there are fundamental problems with existing security incident response process solutions. This paper presents the Security Incident Response Criteria (SIRC) which can be applied to a variety of security incident response approaches. The criteria are derived from empirical data based on in-depth interviews conducted within a Global Fortune 500 organization and supporting literature. The research contribution of this paper is twofold. First, the criteria presented in this paper can be used to evaluate existing security incident response solutions and second, as a guide, to support future security incident response improvement initiatives.
The purpose of this paper is to encourage the discussion of the potential place and value of digi... more The purpose of this paper is to encourage the discussion of the potential place and value of digital forensics techniques when dealing with acquisitions on removable media in the field of digital curation. It examines a basic computer forensics process, discusses a typical file system for removable media, and raises questions about necessary processes and incentives for addressing data capture in the field of digital curation.
last revision 2413 by tws on 2011-08-09 10:55:05Z Cloud computing is a rapidly evolving technolog... more last revision 2413 by tws on 2011-08-09 10:55:05Z Cloud computing is a rapidly evolving technological phenomenon. Rather than procure, deploy and manage a physical IT infrastructure to host its software applications, organizations are increasingly deploying the same into remote, virtualized environments, which can be hosted and manage by third party providers. This development in the IT landscape has significant implications for digital forensic investigators, toolkit developers and corporate compliance and audit departments. Much of digital forensic practice assumes careful control and management of IT assets (particularly data storage) during the conduct of an investigation. This paper summarises the key aspects of cloud computing and analyses how established digital forensic procedures will be invalidated in this new environment. Several immediate research
Mobile devices, such as phones, tablets and laptops, expose businesses and governments to a multi... more Mobile devices, such as phones, tablets and laptops, expose businesses and governments to a multitude of information security risks. While Information Systems research has focused on the security and privacy aspects from the end-user perspective regarding mobile devices, very little research has been conducted within corporate environments. In this work, thirty-two mobile devices were returned by employees in a global Fortune 500 company. In the empirical analysis, a number of significant security risks were uncovered which may have led to leakage of valuable intellectual property or exposed the organization to future legal conflicts. The research contribution is an initial empirical report highlighting examples of corporate policy breaches by users along with providing a foundation for future research on the security risks of the pervasive presence of mobile devices in corporate environments.
The continued amalgamation of Global Positioning Systems (GPS) into everyday activities stimulate... more The continued amalgamation of Global Positioning Systems (GPS) into everyday activities stimulates the idea that these devices will increasingly contribute evidential importance in digital forensics cases. This study investigates the extent to which GPS devices are being used in criminal and civil court cases in the United Kingdom through the inspection of Lexis Nexis, Westlaw, and the British and Irish Legal Information Institute (BAILII) legal databases. The research identified 83 cases which involved GPS evidence from within the United Kingdom and Europe for the time period from 01 June 1993 to 01 June 2013. The initial empirical analysis indicates that GPS evidence in court cases is rising over time and the majority of those court cases are criminal cases.
In The Cloud Security Ecosystem, edited by Ryan Ko and Kim - Kwang Raymond Choo, Syngress, Boston, Pages 347 - 382
There is a growing demand for cloud storage services such as Dropbox, Box, Syncplicity an... more There is a growing demand for cloud storage services such as Dropbox, Box, Syncplicity and SugarSync. These public cloud storage services can store gigabytes of corporate and personal data in remote data centres around the world, which can then be synchronized to multiple devices. This creates an environment which is potentially conducive to security incidents, data breaches and other malicious activities. The forensic investigation of public cloud environments presents a number of new challenges for the digital forensics community. However, it is anticipated that end-devices such as smartphones, will retain data from these cloud storage services. This research investigates how forensic tools that are currently available to practitioners can be used to provide a practical solution for the problems related to investigating cloud storage environments. The research contribution is threefold. First, the findings from this research support the idea that end-devices which have been used to access cloud storage services can be used to provide a partial view of the evidence stored in the cloud service. Second, the research provides a comparison of the number of files which can be recovered from different versions of cloud storage applications. In doing so, it also supports the idea that amalgamating the files recovered from more than one device can result in the recovery of a more complete dataset. Third, the chapter contributes to the documentation and evidentiary discussion of the artefacts created from specific cloud storage applications and different versions of these applications on iOS and Android smartphones.
2013 46th Hawaii International Conference on System Sciences, 2013
Proceedings of the 5th Information Interaction in Context Symposium on - IIiX '14, 2014
IFIP Advances in Information and Communication Technology, 2013
2014 47th Hawaii International Conference on System Sciences, 2014
2013 46th Hawaii International Conference on System Sciences, 2013
ABSTRACT The magnification of mobile devices in everyday life prompts the idea that these devices... more ABSTRACT The magnification of mobile devices in everyday life prompts the idea that these devices will increasingly have evidential value in criminal cases. While this may have been assumed in digital forensics communities, there has been no empirical evidence to support this idea. This research investigates the extent to which mobile phones are being used in criminal proceedings in the United Kingdom thorough the examination of appeal judgments retrieved from the Westlaw, Lexis Nexis and British and Irish Legal Information Institute (BAILII) legal databases. The research identified 537 relevant appeal cases from a dataset of 12,763 criminal cases referring to mobile phones for a period ranging from 1st of January, 2006 to 31st of July, 2011. The empirical analysis indicates that mobile phone evidence is rising over time with some correlations to particular crimes.