Research

Cybercrime Technologies conducts practical and theoretical research, mainly on Digital Investigation topics. This page contains a collection of more formal work being carried out, normally with the Digital Forensic Investigation Research Laboratory (DigitalFIRE).

Current Work

Research

  • Mutual Legal Assistance relating to Digital Evidence
  • Automating human inference in digital investigations
  • Investigation capacity measurement
  • Application of analytical methods
  • Cybercrime Investigation in Space

Training / Education

  • UNODC Cybercrime Investigation Training Development
  • Cybercrime awareness training for all ages with the UNODC
  • SE Asian Law Enforcement Cybercrime and Digital Forensic Investigation Training

Committees

  • TPC, IEEE Trustcom/BigDataSE/ICESS 2017
  • TPC, ARES 2017
  • International Scientific Council, Emirates Forensic
  • Board of Referees, Digital Investigation (Since 2016)
  • TPC Vice-Chair, DFRWS EU 2017
  • TPC, CLOUDFOR 2016
  • TPC, IEEE INTECH 2016
  • TPC, SADFE 2016
  • TPC, Web Chair, ICDF2C 2016
  • TPC, ARES 2016
  • TPC, IEEE TrustCom 2016
  • TPC, Web Chair, ICDF2C 2016
  • Steering Committee Member, ICDF2C (Since 2014)
  • TPC, Digital Forensic Research Workshop EU (DFRWS EU 2016)
  • General Chair, 7th International Conference on Digital Forensics & Cyber Crime
  • Editorial Board, Journal of Digital Forensics, Security and Law (JDFSL)
  • TPC, The 8th International Workshop on Digital Forensics (WSDF 2015)
  • TPC, International Conference on Availability, Reliability and Security (ARES 2015)
  • TPC, 7th IEEE International Workshop on Information Forensics and Security (WIFS 2015)
  • OC, Digital Forensic Investigation Research Workshop EU (DFRWS EU 2015)
  • TPC Chair, 6th International Conference on Digital Forensics & Cyber Crime (ICDF2C 2014)
  • TPC, 5th International Conference on Digital Forensics & Cyber Crime (ICDF2C 2013)
  • Web Chair, 3rd International Conference on Digital Forensics & Cyber Crime (ICDF2C 2011)

Invited reviewer for the following journals:

  • Digital Investigation
  • Journal of Digital Forensics, Security and Law
  • Pervasive and Mobile Computing
  • IEEE Security & Privacy
  • Journal of Criminal Justice
  • Journal of Information Security and Applications
  • Policing: An International Journal of Police Strategies and Management
  • PLOS One

Publications

Some research-related, non-peer reviewed publications may be found at the Digital Forensic Research Group’s website: DigitalFIRE.ucd.ie. Please note, this is a list of work Dr. Joshua I. James has been associated with. Other authors may have no affiliation with Cybercrime Technologies.

This site uses COinS. For full-text articles see my ResearchGate profile.

Articles

  • K. Lee, J. I. James, T. G. Ejeta, and H. Kim, “Electronic Voting Service Using Block-Chain,” Journal of Digital Forensics, Security and Law, vol. 11, no. 2, pp. 123–136, Jun. 2016 [Online]. Available: http://ojs.jdfsl.org/index.php/jdfsl/article/view/414. [Accessed: 29-Sep-2016]
  • J. I. James and Y. Jang, “Digital Investigation First Responder and Preliminary Analyst Requirements,” IIBC, vol. 16, no. 5, pp. 49–54, Oct. 2016 [Online]. Available: http://bit.ly/2iWF4dT
  • J. I. James and P. Gladyshev, “A survey of mutual legal assistance involving digital evidence,” Digital Investigation, vol. 18, pp. 23–32, Sep. 2016 [Online]. Available: http://linkinghub.elsevier.com/retrieve/pii/S174228761630072X. [Accessed: 19-Jul-2016]
  • M. Losavio, Y. Song, J. I. James, A. Marrington, and K. P. Chow, “World Information Order - Privacy and Security in a Hyper-Networked World of Data and Analysis, A,” N. Ky. L. Rev., vol. 42, p. 315, 2015 [Online]. Available: http://heinonline.org/HOL/Page?handle=hein.journals/nkenlr42&id=325&div=&collection=
  • J. I. James and P. Gladyshev, “Automated inference of past action instances in digital investigations,” International Journal of Information Security, vol. 14, no. 3, pp. 249–261, Jun. 2015 [Online]. Available: http://link.springer.com/10.1007/s10207-014-0249-6. [Accessed: 19-Jul-2016]
  • J. I. James and P. Gladyshev, “A Survey of International Cooperation in Digital Investigations,” in Digital Forensics and Cyber Crime, vol. 157, J. I. James and F. Breitinger, Eds. Seoul, South Korea: Springer International Publishing, 2015, pp. 103–114 [Online]. Available: http://link.springer.com/10.1007/978-3-319-25512-5_8. [Accessed: 19-Jul-2016]
  • A. Conway, J. I. James, and P. Gladyshev, “Development and Initial User Evaluation of a Virtual Crime Scene Simulator Including Digital Evidence,” in Digital Forensics and Cyber Crime, vol. 157, J. I. James and F. Breitinger, Eds. Seoul, South Korea: Springer International Publishing, 2015, pp. 16–26 [Online]. Available: http://link.springer.com/10.1007/978-3-319-25512-5_2. [Accessed: 19-Jul-2016]
  • P. Amann and J. I. James, “Designing robustness and resilience in digital investigation laboratories,” Digital Investigation, vol. 12, pp. S111–S120, Mar. 2015 [Online]. Available: http://linkinghub.elsevier.com/retrieve/pii/S174228761500016X. [Accessed: 19-Jul-2016]
  • N. Akatyev and J. I. James, “Cyber Peacekeeping,” in Digital Forensics and Cyber Crime, vol. 157, J. I. James and F. Breitinger, Eds. Seoul, South Korea: Springer International Publishing, 2015, pp. 126–139 [Online]. Available: http://link.springer.com/10.1007/978-3-319-25512-5_10. [Accessed: 19-Jul-2016]
  • J. I. James, “Multi-Stakeholder Case Prioritization in Digital Investigations,” Journal of Digital Forensics, Security and Law, vol. 9, no. 2, pp. 59–72, Sep. 2014 [Online]. Available: http://ojs.jdfsl.org/index.php/jdfsl/article/view/264. [Accessed: 19-Jul-2016]
  • J. I. James, A. F. Shosha, and P. Gladyhsev, “Determining Training Needs for Cloud Infrastructure Investigations Using I-STRIDE,” in Digital Forensics and Cyber Crime, vol. 132, P. Gladyshev, A. Marrington, and I. Baggili, Eds. Cham: Springer International Publishing, 2014, pp. 223–236 [Online]. Available: http://link.springer.com/10.1007/978-3-319-14289-0_15. [Accessed: 19-Jan-2017]
  • J. I. James, A. Lopez-Fernandez, and P. Gladyhsev, “Measuring Accuracy of Automated Parsing and Categorization Tools and Processes in Digital Investigations,” in Digital Forensics and Cyber Crime, vol. 132, P. Gladyshev, A. Marrington, and I. Baggili, Eds. Cham: Springer International Publishing, 2014, pp. 147–169 [Online]. Available: http://link.springer.com/10.1007/978-3-319-14289-0_11. [Accessed: 19-Jul-2016]
  • J. I. James and Y. J. Jang, “Measuring Digital Crime Investigation Capacity to Guide International Crime Prevention Strategies,” in Future Information Technology, vol. 276, J. J. Park, I. Stojmenovic, M. Choi, and F. Xhafa, Eds. Berlin, Heidelberg: Springer Berlin Heidelberg, 2014, pp. 361–366 [Online]. Available: http://link.springer.com/10.1007/978-3-642-40861-8_51. [Accessed: 19-Jul-2016]
  • J. I. James and Y. Jang, “Practical and Legal Challenges of Cloud Investigations,” The Journal of the Institute of Webcasting, Internet and Telecommunication, vol. 14, no. 6, pp. 33–39, Dec. 2014 [Online]. Available: http://bit.ly/2iFoD7r. [Accessed: 19-Jul-2016]
  • N. Son, Y. Lee, D. Kim, J. I. James, S. Lee, and K. Lee, “A study of user data integrity during acquisition of Android devices,” Digital Investigation, vol. 10, pp. S3–S11, Aug. 2013 [Online]. Available: http://linkinghub.elsevier.com/retrieve/pii/S1742287613000479. [Accessed: 19-Jul-2016]
  • A. F. Shosha, J. I. James, A. Hannaway, C.-C. Liu, and P. Gladyshev, “Towards Automated Malware Behavioral Analysis and Profiling for Digital Forensic Investigation Purposes,” in Digital Forensics and Cyber Crime, vol. 114, M. Rogers and K. C. Seigfried-Spellar, Eds. Berlin, Heidelberg: Springer Berlin Heidelberg, 2013, pp. 66–80 [Online]. Available: http://link.springer.com/10.1007/978-3-642-39891-9_5. [Accessed: 19-Jan-2017]
  • M. B. Koopmans and J. I. James, “Automated network triage,” Digital Investigation, vol. 10, no. 2, pp. 129–137, Sep. 2013 [Online]. Available: http://linkinghub.elsevier.com/retrieve/pii/S1742287613000273. [Accessed: 19-Jul-2016]
  • J. I. James and P. Gladyshev, “A survey of digital forensic investigator decision processes and measurement of decisions based on enhanced preview,” Digital Investigation, vol. 10, no. 2, pp. 148–157, Sep. 2013 [Online]. Available: http://linkinghub.elsevier.com/retrieve/pii/S1742287613000340. [Accessed: 19-Jul-2016]
  • A. F. Shosha, J. I. James, and P. Gladyshev, “A Novel Methodology for Malware Intrusion Attack Path Reconstruction,” in Digital Forensics and Cyber Crime, vol. 88, P. Gladyshev and M. K. Rogers, Eds. Berlin, Heidelberg: Springer Berlin Heidelberg, 2012, pp. 131–140 [Online]. Available: http://link.springer.com/10.1007/978-3-642-35515-8_11. [Accessed: 19-Jan-2017]
  • K. Ruan, J. James, J. Carthy, and T. Kechadi, “Key Terms for Service Level Agreements to Support Cloud Forensics,” in Advances in Digital Forensics VIII, vol. 383, G. Peterson and S. Shenoi, Eds. Berlin, Heidelberg: Springer Berlin Heidelberg, 2012, pp. 201–212 [Online]. Available: http://link.springer.com/10.1007/978-3-642-33962-2_14. [Accessed: 19-Jul-2016]
  • J. I. James, P. Gladyshev, and Y. Zhu, “Signature Based Detection of User Events for Post-mortem Forensic Analysis,” in Digital Forensics and Cyber Crime, vol. 53, I. Baggili, Ed. Berlin, Heidelberg: Springer Berlin Heidelberg, 2011, pp. 96–109 [Online]. Available: http://link.springer.com/10.1007/978-3-642-19513-6_8. [Accessed: 19-Jan-2017]
  • Y. Zhu, J. James, and P. Gladyshev, “A Consistency Study of the Windows Registry,” in Advances in Digital Forensics VI, vol. 337, K.-P. Chow and S. Shenoi, Eds. Berlin, Heidelberg: Springer Berlin Heidelberg, 2010, pp. 77–90 [Online]. Available: http://link.springer.com/10.1007/978-3-642-15506-2_6. [Accessed: 19-Jul-2016]
  • J. James, P. Gladyshev, M. T. Abdullah, and Y. Zhu, “Analysis of Evidence Using Formal Event Reconstruction,” in Digital Forensics and Cyber Crime, vol. 31, S. Goel, Ed. Berlin, Heidelberg: Springer Berlin Heidelberg, 2010, pp. 85–98 [Online]. Available: http://link.springer.com/10.1007/978-3-642-11534-9_9. [Accessed: 19-Jan-2017]
  • Y. Zhu, J. James, and P. Gladyshev, “A comparative methodology for the reconstruction of digital events using windows restore points,” Digital Investigation, vol. 6, no. 1–2, pp. 8–15, Sep. 2009 [Online]. Available: http://linkinghub.elsevier.com/retrieve/pii/S1742287609000280. [Accessed: 19-Jul-2016]
  • Y. Zhu, P. Gladyshev, and J. James, “Using shellbag information to reconstruct user activities,” Digital Investigation, vol. 6, pp. S69–S77, Sep. 2009 [Online]. Available: http://linkinghub.elsevier.com/retrieve/pii/S1742287609000413. [Accessed: 19-Jul-2016]
  • Y. Zhu, P. Gladyshev, and J. James, “Temporal Analysis of Windows MRU Registry Keys,” in Advances in Digital Forensics V, vol. 306, G. Peterson and S. Shenoi, Eds. Berlin, Heidelberg: Springer Berlin Heidelberg, 2009, pp. 83–93 [Online]. Available: http://link.springer.com/10.1007/978-3-642-04155-6_6. [Accessed: 19-Jul-2016]

Other Publications

  • Joshua I. James. (2016). Science in brief. Science, 353(6294), 22–24. http://doi.org/10.1126/science.353.6294.22. Available from http://science.sciencemag.org/content/353/6294/22
  • James J.I. Full Speed Ahead to the City on the Hill. Science. 2016; 352 (6288): 886–889. doi: 10.1126/science.aag1520. Available from: http://science.sciencemag.org/content/352/6288/886
  • James J.I. Funding Dreams. Science. 2015; 350 (6256): 30–1. doi: 10.1126/science.350.6256.30. Available from: http://www.sciencemag.org/content/350/6256/30
  • James, J.I. (2015) Brain-Computer Interfaces: the new Trojan defense. VFAC. [Link]
  • James, J. I., Kim, M. S., Choi, J., Lee, S. S., & Kim, E. (2014). A General Approach to Anti-Forensic Activity Detection. eForensics Magazine, vol.3(5). 30–35. [Link]
  • James, J.I. (July, 2013) “An Argument for Assumed Extra-territorial Consent During Cybercrime Investigations.” VFAC Review. Issue 25. Korean Institute of Criminology. [PDF]
  • James, J.I. (April, 2013) “Legal Protest and Distributed Denial of Service”. Virtual Forum Against Cybercrime. Issue 22. Korean Institute of Criminology. [PDF]
  • James, J.I. (2012) “Social Media and Intelligence Gathering”. Virtual Forum Against Cybercrime. Issue 16. Korean Institute of Criminology.
  • James, J.I. and P. Gladyshev. (2010) “2010 Report of digital forensic standards, processes and accuracy measurement.” Retrieved from http://articles.forensicfocus.com/2011/07/21/2010-report-of-digital-forensic-standards-processes-and-accuracy-measurement/
  • James, J.I. (2010) Survey of Evidence and Forensic Tool Usage in Digital Investigations. Dublin, Centre for Cybercrime Investigation, UCD. In corporation with INTERPOL Working Party on IT Crime. http://digitalfire.ucd.ie/?p=858.

Conferences/Presentations

  • Nikolay Akatyev, & Joshua I. James. (2016). Legislative Requirements for Cyber Peacekeeping. In Proceedings of the 2016 International Symposium “Security of Individual, State and Society: Challenges and Perspectives.” Perm, Russian Federation.
  • Sungmi Park, & Joshua I. James. (2016). Possession of Child Exploitation Material in Computer Temporary Internet Cache. In Proceedings of the 2016 International Symposium “Security of Individual, State and Society: Challenges and Perspectives.” Perm, Russian Federation.
  • James, J. I., & Gladyshev, P. (2016). Modeling Timestamp Update Patterns for Automated Event Reconstruction. In Proceedings of the 11th International Conference on the Systematic Approaches to Digital Forensics Engineering (pp. 79–94). Kyoto, Japan.
  • Park, K. J., Park, J.-M., Kim, E.-J., Cheon, C. G., & James, J. I. (2016). Anti-Forensic Trace Detection in Digital Forensic Triage Investigations. In Proceedings of the 11th International Conference on the Systematic Approaches to Digital Forensics Engineering (pp. 21–29). Kyoto, Japan.
  • Akatyev, N., J.I. James. (2015). “Cyber Peacekeeping”. 7th International ICST Conference on Digital Forensics & Cybercrime (ICDF2C). Soeoul, South Korea.
  • James, J.I., P. Gladyshev. (2015) “A Survey of International Cooperation in Digital Investigations”. 7th International ICST Conference on Digital Forensics & Cybercrime (ICDF2C). Soeoul, South Korea.
  • Conway, A., J.I. James, P. Gladyshev. (2015) “Development and Initial User Evaluation of a Virtual Crime Scene Simulator Including Digital Evidence”. 7th International ICST Conference on Digital Forensics & Cybercrime (ICDF2C). Seoul, South Korea.
  • Amann, P., J.I. James. (2015) “Designing Robustness and Resilience in Digital Investigation Laboratories”. DFRWS EU 2015. Dublin, Ireland.
  • James, J. I., P. Gladyshev (2014). “Estimating More Accurate Times of Suspect Actions”. Poster session presented at the World Forensic Festival. Seoul, South Korea.
  • James, J. I., P. Gladyshev (2014). “Inferring Action Instances with Limited Information”. World Forensic Festival. Seoul, South Korea.
  • James, J. I. (2014). “Multi-Stakeholder Case Prioritization in Digital Investigations”. 5th International ICST Conference on Digital Forensics and Cyber Crime (ICDF2C). New Haven, CT. USA.
  • Best Paper Award James, J.I., P. Gladyshev (2013) “Measuring Accuracy of Digital Forensic Analysis Processes”. 5th International ICST Conference on Digital Forensics & Cyber Crime (ICDF2C). Moscow, Russia.
  • James, J.I., A.F. Shosha, P. Gladyshev (2013) “Determining Training Needs for Cloud Infrastructure Investigations using I-STRIDE”. 5th International ICST Conference on Digital Forensics & Cyber Crime (ICDF2C). Moscow, Russia.
  • James, J.I., Jang, Y.J. (2013). “Measuring digital crime investigation capacity to guide international crime prevention strategies”. The 7th International Symposium on Digital Forensics and Information Security.
  • James, J.I., Jang, Y.J. (2013). “An Assessment Model for Cybercrime Investigation Capacity”. In proceedings of the World Crime Forum 1st Asian Regional Conference on Information Security and Cybercrime. Korean Institute of Criminology.
  • Namheun, S., Y. Lee, D. Kim, J.I. James, S. Lee, K. Lee (2013). “A Study of User Data Integrity During Acquisition of Android Devices.” Digital Forensic Research Workshop (DFRWS) 2013.
  • Shosha, A.F., J.I. James, C. Liu, P. Gladyshev. (2012, Sept. 12-14) “Towards Automated Forensic Event Reconstruction of Malicious Code.” Poster session presented at: 15th Symposium on Research in Attacks, Intrusions, and Defenses (RAID12); 2012 Sept. 12-14; Amsterdam, NL.
  • Shosha, A.F., J.I. James, and P. Gladyshev. (2011) “A Novel Methodology for Malware Intrusion Attack Path Reconstruction”. 3rd International ICST Conference on Digital Forensics & Cyber Crime (ICDF2C). Dublin, Ireland.
  • James, J. I., P. Gladyshev. (2011, Oct. 3-7). “Abstract: On communication between Prosecutors, Law Enforcement and Researchers of digital crime.” Forensic Computing Seminar, Schloss Dagstuhl. http://www.dagstuhl.de/11401
  • James, J. I., M. Koopmans, P. Gladyshev. (2011, June 14). Rapid Evidence Acquisition Project for Event Reconstruction. The Sleuth Kit & Open Source Digital Forensics Conference, McLean, VA, Basis Technology. http://www.basistech.com/about-us/events/open-source-forensics-conference/2011/
  • James, J., P. Gladyshev, and Y. Zhu. (2010) “Signature Based Detection of User Events for Post-Mortem Forensic Analysis”. 2nd International ICST Conference on Digital Forensics & Cyber Crime (ICDF2C). Abu Dhabi, UAE.
  • Zhu, Y., P. Gladyshev, and J. James. (2009) “Identifying Newly Updated Data Values of MRU Keys Between Registry Snapshots”. Fifth Annual IFIP WG 11.9 International Conference on Digital Forensics.

Internal Publications

Internal publications are works that constitute a significant amount of novel research, but are not released to the public due to organizational policy. When possible, non-sensitive key findings are extracted and published elsewhere.

  • James, J. I. (2014). Assessment of the Mutual Legal Assistance Process Considering Digital Evidence. United Nations Office on Drugs and Crime.
  • Kang, W, YS Jang, YJ Song, J.I. James. (2014). Status and Countermeasures of Online Pornography. Korean National Police University.
  • Jang, YS, J.I. James (2013). Digital Forensic Investigation Training Development focusing on Developing Countries. KOICA/Korean National Police University.
  • Jeong, CW, YS Jang, YJ Song, J.I. James. (2013). Design of Cyber-Terror Profiling System. Korean National Police Agency.
  • Contributing Author (2012). Implementing a Cybercrime Intelligence Analysis Framework. Institute of Police Science.
  • James, J. I. (2012). An Garda Síochána Preliminary Analysis Unit Process Model Definition and Verification DRAFT 2012-05-17. Dublin: University College Dublin Centre for Cybersecurity and Cybercrime Investigation.
  • James, J. I. (2011). An Garda Síochána Computer Crime Investigation Preliminary Analyst and First Responder Requirements. Dublin: An Garda Síochána.
  • James, J. I. (2011). An Garda Síochána Computer Crime Investigation Capability and Needs Analysis. Dublin: Centre for Cybercrime Investigaiton, UCD.
  • James, J., T. Lu, P. Gladyshev. (2009). Validation of NW3C Results: COFEE v1.1.2 - Runner & NW3C Profiles, INTERPOL.
  • Lu, T., J. James, P. Gladyshev. (2009). Validation of NW3C Results: COFEE GUI CONSOLE v1.1.2, INTERPOL.
  • Contributor. European Working Party on Information Technology Crime, Sections on Live Data Forensics and Encryption Detection. (2009). “Information Technology Crime Investigation Manual”. Published by INTERPOL.

This work is heavily influenced by Dr. Pavel Gladyshev. His work in formalization of digital investigation can be found at formalforensics.org