Listing by author "Hildebrandt, Mario"
1 - 4 of 4
- Conference paper: On performance optimization potentials regarding data classification in forensics
  (Datenbanksysteme für Business, Technologie und Web (BTW 2015) - Workshopband, 2015) Köppen, Veit; Hildebrandt, Mario; Schäler, Martin
  Classification of given data sets according to a training set is one of the essential bread-and-butter tools in machine learning. There are several application scenarios, reaching from the detection of spam and non-spam mails to recognition of malicious behavior, or other forensic use cases. To this end, there are several approaches that can be used to train such classifiers. Often, scientists use machine learning suites, such as WEKA, ELKI, or RapidMiner in order to try different classifiers that deliver best results. The basic purpose of these suites is their easy application and extension with new approaches. This, however, results in the property that the implementation of the classifier is and cannot be optimized with respect to response time. This is due to the different focus of these suites. However, we argue that especially in basic research, systematic testing of different promising approaches is the default approach. Thus, optimization for response time should be taken into consideration as well, especially for large scale data sets as they are common for forensic use cases. To this end, we discuss in this paper, in how far well-known approaches from databases can be applied
- Conference paper: Proposal of a privacy-enhancing fingerprint capture for a decentralized police database system from a legal perspective using the example of Germany and the EU
  (Datenbanksysteme für Business, Technologie und Web (BTW) 2013 - Workshopband, 2013) Pocs, Matthias; Hildebrandt, Mario; Kiltz, Stefan; Dittmann, Jana
  Innovations in biometric and forensic technology promise new use cases for the fight against crime and threats to public security. For example, the police will be able to use a new scanner to capture fingerprint traces from luggage at the airport to detect dangerous manipulations and identify known criminals. Despite these potentially great benefits, such systems also entail risks for society. One aspect of such systems is the biometric and forensic database used to compare fingerprints captured with a wanted list. This paper explores a possible decentralized database system as a solution to risks entailed by central systems. It uses the German and EU law as an example to justify technology design decisions on the basis of the legal requirements.
- Conference paper: A semantic framework for a better understanding, investigation and prevention of organized financial crime
  (Sicherheit 2016 - Sicherheit, Schutz und Zuverlässigkeit, 2016) Merkel, Ronny; Kraetzer, Christian; Hildebrandt, Mario; Kiltz, Stefan; Kuhlmann, Sven; Dittmann, Jana
  Using semantic technology for data storage and exploration is an important issue in computer science, however barely applied to forensic investigations. In this paper, a conceptual framework is proposed for the detailed modeling of structured domain knowledge in the field of organized financial crime, with a special focus on sparse information (e.g. flows of money, data and know-how, exploited vulnerabilities and attackers' motivation) and the proposition of a credibility measure (to rate the reliability of used information based on open source intelligence, expert surveys and captive interviews). In addition to the ontology-based, abstract domain knowledge model, the proposed framework consists of an explorative information discovery functionality, which can couple concrete, case-related data from different knowledge bases with the abstract domain knowledge, to assist experts in the investigation of crimes and the discovery of new relations between different pieces of evidence. The proposed framework is illustrated using the exemplary use case scenario of Point-of-Sale (POS) Skimming. Furthermore, its flexibility, scalability and a potential integration into current and emerging police standards is discussed.
- Conference paper: A transparent Bridge for forensic sound network traffic data acquisition
  (Sicherheit 2010. Sicherheit, Schutz und Zuverlässigkeit, 2010) Kiltz, Stefan; Hildebrandt, Mario; Altschaffel, Robert; Dittmann, Jana
  In this paper we introduce a prototype that is designed to produce forensic sound network data recordings using inexpensive hard- and software, the Linux Forensic Transparent Bridge (LFTB). It supports the investigation of the network communication parameters and the investigation of the payload of network data. The basis for the LFTB is a self-developed model of the forensic process which also addresses forensically relevant data types and considerations for the design of forensic software using software engineering techniques. LFTB gathers forensic evidence to support cases such as malfunctioning hard- and software and for investigating malicious activity. In the latter application the stealthy design of the proposed device is beneficial. Experiments as part of a first evaluation show its usability in a support case and a malicious activity scenario. Effects to latency and throughput were tested and limitations for packet recording analysed. A live monitoring scheme warning about potential packet loss endangering evidence has been implemented.