Digital Forensics & Incident Response

"tableau usb write blocker" flickr photo by jon crel https://flickr.com/photos/joncrel/8530411859 shared under a Creative Commons (BY-ND) license

“tableau usb write blocker” flickr photo by jon crel https://flickr.com/photos/joncrel/8530411859 shared under a Creative Commons (BY-ND) license

 

Our research informs the collection, analysis, and reporting of digital data to support criminal investigations, and the timely response of incidents.  Our work also benefits from close links with law enforcement agencies within the UK and across Europe.

Contacts:  Vasilis Katos, Alexios Mylonas

Projects: IRecU

Related Publications

  • N. Serketzis, V. Katos, C. Ilioudis, D. Baltatzis, and G. J. Pangalos, “A Socio-Technical Perspective on Threat Intelligence Informed Digital Forensic Readiness,” International Journal of Systems and Society, vol. 4, iss. 2, p. 57–68, 2017.
    [Bibtex]
    @article{seka17,
    author = {Nikolaos Serketzis and Vasilios Katos and Christos Ilioudis and Dimitrios Baltatzis and George J. Pangalos},
    journal = {{International Journal of Systems and Society}},
    publisher = {IGI-Global},
    title = {{A Socio-Technical Perspective on Threat Intelligence Informed Digital Forensic Readiness}},
    volume = {4},
    number = {2},
    pages = {57--68},
    year = {2017}}
  • N. Serketzis, V. Katos, C. Ilioudis, D. Baltatzis, and G. Pangalos, “Towards a threat intelligence informed digital forensics readiness framework,” in Proceedings of the 25th European Conference on Information Systems, 2017.
    [Bibtex]
    @inproceedings{skib17,
    Author = {Nikolaos Serketzis and Vasileios Katos and Christos Ilioudis and Dimitrios Baltatzis and Georgios Pangalos},
    Booktitle = {{Proceedings of the 25th European Conference on Information Systems}},
    Note = {To Appear},
    Publisher = {Association for Information Systems},
    Title = {Towards A Threat Intelligence Informed Digital Forensics Readiness Framework},
    Year = {2017}}
  • I. Tsimperidis, S. Rostami, and V. Katos, “Age Detection Through Keystroke Dynamics from User Authentication Failures,” International journal of digital crime and forensics, vol. 9, iss. 1, p. 1–16, 2016.
    [Bibtex]
    @article{tskr16,
    Author = {I. Tsimperidis and S. Rostami and V. Katos},
    Journal = {International Journal of Digital Crime and Forensics},
    Number = {1},
    Pages = {1--16},
    Title = {{Age Detection Through Keystroke Dynamics from User Authentication Failures}},
    Volume = {9},
    Year = {2016}}
  • P. Bednar and V. Katos, “Diversity networks in digital investigations,” in Proceedings of the 4th international workshop on digital forensics & incident analysis, 2009, p. 63–71.
    [Bibtex]
    @inproceedings{beka09,
    Author = {P. Bednar and V. Katos},
    Booktitle = {Proceedings of the 4th International Workshop on Digital Forensics \& Incident Analysis},
    Pages = {63--71},
    Title = {Diversity Networks in Digital Investigations},
    Year = {2009}}
  • T. Spyridopoulos and V. Katos, “Requirements for a forensically ready cloud storage service,” International journal of digital crime and forensics, vol. 3, iss. 3, p. 19–36, 2011.
    [Bibtex]
    @article{spka111,
    Author = {Theodoros Spyridopoulos and Vasilios Katos},
    Journal = {International Journal of Digital Crime and Forensics},
    Number = {3},
    Pages = {19--36},
    Title = {Requirements for a Forensically Ready Cloud Storage Service},
    Volume = {3},
    Year = {2011}}
  • S. Karayianni, V. Katos, and C. K. Georgiadis, “A framework for password harvesting from volatile memory,” International journal of electronic security and digital forensics, vol. 4, iss. 2/3, p. 154–163, 2012.
    [Bibtex]
    @article{skkg12,
    Author = {Stavroula Karayianni and Vasilios Katos and Christos K. Georgiadis},
    Journal = {International Journal of Electronic Security and Digital Forensics},
    Number = {2/3},
    Pages = {154--163},
    Title = {A framework for password harvesting from volatile memory},
    Volume = {4},
    Year = {2012}}
  • S. Shiaeles, A. Chryssanthou, and V. Katos, “On-scene triage open source forensic tool chests: are they effective?,” Digital investigation, vol. 10, iss. 2, pp. 99-115, 2013.
    [Bibtex]
    @article{shck13,
    Author = {Stavros Shiaeles and Anargyros Chryssanthou and Vasilios Katos},
    Journal = {Digital Investigation},
    Number = {2},
    Pages = {99 - 115},
    Title = {On-scene triage open source forensic tool chests: Are they effective?},
    Volume = {10},
    Year = {2013}}
  • A. Provataki and V. Katos, “Differential malware forensics,” Digital investigation, vol. 10, iss. 4, pp. 311-322, 2013.
    [Bibtex]
    @article{prka13,
    Author = {Athina Provataki and Vasilios Katos},
    Journal = {Digital Investigation},
    Number = {4},
    Pages = {311 - 322},
    Title = {Differential malware forensics},
    Volume = {10},
    Year = {2013}}
  • K. Barmpatsalou, D. Damopoulos, G. Kambourakis, and V. Katos, “A critical review of 7 years of mobile device forensics,” Digital investigation, vol. 10, iss. 4, pp. 323-349, 2013.
    [Bibtex]
    @article{bdkk13,
    Author = {Konstantia Barmpatsalou and Dimitrios Damopoulos and Georgios Kambourakis and Vasilios Katos},
    Journal = {Digital Investigation},
    Number = {4},
    Pages = {323 - 349},
    Title = {A critical review of 7 years of Mobile Device Forensics},
    Volume = {10},
    Year = {2013}}
  • C. Wilson, V. Katos, and C. Strevens, “An interdisciplinary approach to forensic it and forensic psychology education,” in Fifth world conference on information security education, Springer US, 2007, pp. 65-71.
    [Bibtex]
    @incollection{wiks07,
    Author = {Wilson, Clare and Katos, Vasilios and Strevens, Caroline},
    Booktitle = {Fifth World Conference on Information Security Education},
    Pages = {65-71},
    Publisher = {Springer US},
    Title = {An Interdisciplinary Approach to Forensic IT and Forensic Psychology Education},
    Year = {2007}}
  • G. Pangalos and V. Katos, “Information assurance and forensic readiness,” in Next generation society. technological and legal issues, Springer Berlin Heidelberg, 2010, pp. 181-188.
    [Bibtex]
    @incollection{paka10,
    Author = {Pangalos, Georgios and Katos, Vasilios},
    Booktitle = {Next Generation Society. Technological and Legal Issues},
    Pages = {181-188},
    Publisher = {Springer Berlin Heidelberg},
    Title = {Information Assurance and Forensic Readiness},
    Year = {2010}}
  • T. Spyridopoulos and V. Katos, “Towards a forensically ready cloud storage service,” in Proceedings of the 6th international workshop on digital forensics and incident analysis, 2011, p. 93–107.
    [Bibtex]
    @inproceedings{spka11,
    Author = {Theodoros Spyridopoulos and Vasilios Katos},
    Booktitle = {Proceedings of the 6th International Workshop on Digital Forensics and Incident Analysis},
    Pages = {93--107},
    Publisher = {Plymouth University},
    Title = {Towards a forensically ready cloud storage service},
    Year = {2011}}
  • P. Bednar and V. Katos, “Ssd: new challenges for digital forensics,” in Proceedings of the 8th conference of the italian chapter of the association for information systems, 2011.
    [Bibtex]
    @inproceedings{beka11,
    Author = {P. Bednar and V. Katos},
    Booktitle = {Proceedings of the 8th Conference of the Italian Chapter of the Association for Information Systems},
    Title = {SSD: New Challenges for Digital Forensics},
    Year = {2011}}
  • A. Chrysanthou and V. Katos, “Assessing forensic readiness,” in Proceedings of the 7th international workshop on digital forensics and incident analysis, .
    [Bibtex]
    @inproceedings{chka12,
    Author = {Anargyros Chrysanthou and Vasilios Katos},
    Booktitle = {Proceedings of the 7th International Workshop on Digital Forensics and Incident Analysis},
    Publisher = {Plymouth University},
    Title = {Assessing forensic readiness}}
  • I. Tsimperidis and V. Katos, “Keystroke forensics: are you typing on a desktop or a laptop?,” in Proceedings of the 6th balkan conference in informatics, 2013, p. 89–94.
    [Bibtex]
    @inproceedings{tska13,
    Author = {Tsimperidis, Ioannis and Katos, Vasilios},
    Booktitle = {Proceedings of the 6th Balkan Conference in Informatics},
    Pages = {89--94},
    Publisher = {ACM},
    Series = {BCI '13},
    Title = {Keystroke Forensics: Are You Typing on a Desktop or a Laptop?},
    Year = {2013}}
  • C. Tsochatridou, A. Arampatzis, and V. Katos, “Improving digital forensics through data mining,” in Proceedings of the 4th international conference on advances in information mining and management, 2014, p. 20–25.
    [Bibtex]
    @inproceedings{tsak14,
    Author = {C. Tsochatridou and A. Arampatzis and V. Katos},
    Booktitle = {Proceedings of the 4th International Conference on Advances in Information Mining and Management},
    Pages = {20--25},
    Title = {Improving Digital Forensics Through Data Mining},
    Year = {2014}}
  • T. Spyridopoulos and V. Katos, “Data recovery strategies for cloud environments,” in Cybercrime and cloud forensics: applications for investigation processes, IGI Global, 2012, p. 251–265.
    [Bibtex]
    @incollection{spka12,
    Author = {T. Spyridopoulos and V. Katos},
    Booktitle = {Cybercrime and Cloud Forensics: Applications for Investigation Processes},
    Pages = {251--265},
    Publisher = {IGI Global},
    Title = {Data recovery strategies for cloud environments},
    Year = {2012}}
  • [PDF] R. Ali, J. McAlaney, S. Faily, K. Phalp, and V. Katos, “Mitigating Circumstances in Cybercrime: A Position Paper,” in Proceedings of the 3rd International Workshop on Cybercrime and Emerging Web Environments, 2015.
    [Bibtex]
    @inproceedings{aafp15,
    Author = {Raian Ali and John McAlaney and Shamal Faily and Keith Phalp and Vasilos Katos},
    Booktitle = {{Proceedings of the 3rd International Workshop on Cybercrime and Emerging Web Environments}},
    Note = {To Appear},
    Publisher = {IEEE},
    Title = {{Mitigating Circumstances in Cybercrime: A Position Paper}},
    Year = {2015}}