Throughout this issue, we will be discussing cryptography and cybersecurity, an excellent topic that incorporates a bit of mystery and really cutting-edge technology. Just take a look at the brief history: the earliest recorded use of cryptography was uncovered in an Egyptian inscription that was carved around 1900 BC. Then, it was known that Julius Caesar used a type of encryption to send covert messages to his army generals. Then, in the 16th century, Vigenère produced a cipher that is credited with being the first to employ an encryption key. After that, German forces utilized the Enigma device during World War II. Businesses looking to safeguard their data have become interested in cryptography. The accepted industry standard for symmetric encryption is now AES. Today, asymmetric encryption is done using a shared public key and a sender-controlled private key. With the development of communication and technological techniques, encryption and decryption efforts for digital assets have increased. This short history reminds us of the fantastic character of the development. Just keep reading to find out what our authors had to say this time. Start learning now!
I want to express my gratitude to the author, reviewers, and our team for their help and dedication. I hope you enjoy this edition.
Ewa and the eForensics team
TABLE OF CONTENTS
FORENSIC FUN WITH CRYPTOGRAPHIC DATAFRAMES USING PYTHON
This is a journey into clever and interesting ways to apply cryptographic DataFrames for forensic/anti-forensic purposes using Python3. In a Security Operations Center (SOC), for example, the cybersecurity team needs to determine if a detected threat is targeting their specific organization, or perhaps a temporal drive-by threat that is on the network block scanning around for one reason or another, or even just a misconfigured device installed by a vendor that didn't read the manual or the organizational policies for networked devices. You learn how to work with cryptographic DataFrames for interesting ulterior motives using Python3.
CRYPTOGRAPHY AND THE FRONTIER OF PRIVACY
This article seeks to provide an in-depth exploration of the applications of cryptography in the context of cybersecurity. We'll cover a variety of complex and essential topics, including symmetric and asymmetric key cryptography, encryption algorithms, authentication protocols, digital signatures, and key management. In addition, we will examine practical use cases where encryption plays a critical role in mitigating cyberthreats, such as man-in-the-middle attacks, data tampering and identity theft, and the contradiction with GDPR and LGPD regulations that have angered governments and law enforcement.
CRYPTOGRAPHY AND CYBERSECURITY PARAMOUNT CHALLENGES
PAULO PEREIRA, PHD, DFIR
Modern cryptography played a key role during World War II, especially with the encoding of German messages by the Enigma machine. However, since 1932, the important work of Polish cryptologist Marian Rejewski, who used statistical analysis to break Enigma's encryption, contributed to the cracking of this cryptographic system by Alan Turing and his team. These days, encryption helps protect data in a variety of business and government endeavors. But assuming an attacker could have a quantum computer with enough computing power to factor a prime number of more than 300 digits in their hands, for example, encryption security as it currently exists would be threatened.
SOC MATURITY MODEL
CHIRATH DE ALWIS, NIPUNA MANUJAYA, MOHAMED SINAN, SINGHA DULAIN
In today's interconnected world, where digitization has become pervasive, organizations face increasing cyber threats that can severely impact their operations, reputation, and financial stability. Cyberattacks have grown in sophistication and frequency, making it essential for businesses to adopt robust cybersecurity measures. To counter these evolving threats, organizations are actively embracing Security Operations Centers (SOCs) as a crucial component of their cybersecurity strategy.
HOW CYBER THREAT INTELLIGENCE CAN BE UTILIZED TO ENHANCE SOC
CHIRATH DE ALWIS, UMESHIKA DE SERAM, JETHENDRI WATHSALA PERERA, H.M.H SANJEEWA, VIDUSHA SHALANI
Organizations in the digital age must contend with a constantly changing list of cyber threats that endangers their operations, sensitive data, and reputation. Security Operations Centers (SOCs) must continuously adapt and enhance their capabilities to stay one step ahead of adversaries. Cyber Threat Intelligence (CTI), which offers invaluable insights into new threats and adversary strategies, is one crucial weapon in this conflict and enables SOCs to proactively defend against cyber-attacks. This article explores the value of cyber threat intelligence, how it can be used to improve SOC capabilities, and the challenges and considerations a company should consider when it comes to cyber security.
HOW MITRE ATT&CK FRAMEWORK CAN BE UTILIZED TO ENHANCE THE SOC CAPABILITIES
CHIRATH DE ALWIS, RUSIRU KASHMEERA, SHERUNI PILAPITIYA, H.A.NEELAKA NILAKSHANA, SULAKSHA PUNSARA JAYAWIKRAMA, CHAMITH SANDARU BANDARA
To better identify and defend against threats, cybersecurity professionals can use the MITRE ATT&CK framework, which is a knowledge base of adversary tactics and techniques. A security operations center's (SOC) ability to identify, investigate, and respond to threats can be greatly enhanced by using the MITRE ATT&CK methodology. Here are some significant uses of the framework.
BREAKING WEAK IMPLEMENTATIONS OF VPN ENCRYPTION AND THE ROLE OF ENTROPY LEVELS
In the modern era, having the ability to work remotely and maintaining solid data security and privacy are paramount. Virtual Private Networks (VPNs) have become essential tools for safeguarding sensitive online communications. VPNs provide a secure and encrypted tunnel between a user's device and a remote server, ensuring that data remains confidential and protected from potential threats. However, not all VPNs and implementations are created equal. Weak implementations of VPN encryption can expose vulnerabilities that malicious actors can exploit, compromising the very security they are intended to provide. In this article, we delve into the intricacies of breaking weak implementations of VPN encryption and explore the pivotal role that entropy levels play in bolstering cryptographic strength.
UNRAVELING DIGITAL MYSTERIES: HOW AI COPILOTS CAN REVOLUTIONIZE DIGITAL FORENSIC INVESTIGATIONS
In hindsight, 2021 was a significant inflection point in the world of artificial intelligence, characterized by remarkable developments in deep learning, manifesting in models such as DALL·E, CLIP and in models that were surpassing GPT-3 in size and ability. These advancements hinted at a future not limited to machines performing computational tasks but also emulating intricate human-like activities. However, it was November 2022, with the emergence of ChatGPT, that the world glimpsed a truly transformative tool, suggesting potential applications even in niches like digital forensics.
USING AI TO BREAK THE AUTHENTICATION PROCESS
GEORGE CHRISTOPHER ROCIO
In recent years, we have noticed an increase in the number of crimes in which criminal agents use increasingly sophisticated mechanisms to break the security barrier related to authentication processes. This article highlights the need to adopt Artificial Intelligence (AI) awareness and discusses some devices used by criminal agents to break protection authentication and security barriers and then access Information Systems or resources. This article aims to inform, warn, and expose the practice of criminal conduct that has been carried out with the use of more sophisticated technologies and is increasingly accessible to a large part of the population.
AI-DRIVEN ANALYSIS IN DIGITAL FORENSICS: UNCOVERING PATTERNS FROM PIXELS
Digital forensics has become a crucial discipline in solving cybercrimes and uncovering digital evidence in today's ever-evolving landscape of technology and crime. As the volume and complexity of digital data continues to grow, traditional investigative methods are being challenged. However, artificial intelligence (AI) has emerged as a game-changing force that is transforming the field of digital forensics. In this article, we will delve into the world of AI-driven analysis and explore how it is reshaping the way investigators approach digital evidence and solve complex cases.
INTERVIEW WITH CHIRATH DE ALWIS
EWA & EFORENSICS TEAM
I would like to identify myself as a person who loves doing research in the cybersecurity domain and also loves sharing my knowledge and research findings with the community for the betterment of the community.