Pavel Gladyshev


    There is no permanent magnet or coil excitation on the rotor of the synchronous motor or generator. The rotor is a block of ferromagnetic material. It moves the magnetic flux created by the excitation coil placed on the stator around the stator, like a rotor with a permanent magnet or a rotor with coil excitation. Simulink with graphical notation is used for the simulation of the synchronous motor or generator. The Simulink model is simple and visible. The model of the electrical device consists of two main components: mechanical and electrical. Together, the elements create a device that operates like a control system. Such a representation facilitates the analysis and design of electrical machines. We use a space vector form description of electrical components because the model is correct in transient modes of operation. The simulation of the synchronous machine helps design wireless and regular synchronous motors and generators.
    In recent years, advances in computer hardware and mobile phones have finally met the demands of high-quality virtual reality (VR) rendering. This has allowed VR simulator training to be extended into new and exciting fields. One of these new-found areas is crime scene investigative training for inexperienced police officers. It frees the inexperienced officers from the danger of damaging actual crime scenes during their training. The project aims at creating a technical prototype to prepare for making the existing desktop-based Virtual Crime Scene Simulator work in immersive VR. This demonstration paper reports on the implementation and design of this prototype.
    The seminar on Digital Evidence and Forensic Readiness provided the space for interdisciplinary discussions on clearly defined critical aspects of engineering issues, evaluation and processes for secure digital evidence and forensic readiness. A large gap exists between the state of the art in IT security and best-practice procedures for digital evidence. Experts from IT and law used this seminar to develop a common view on what exactly can be considered secure and admissible digital evidence. In addition to sessions with all participants, the participants were also separated into groups for discussion. The outcome of these working sessions was used in the general discussion to work on a common understanding of the topic. The results of the seminar will lead to new technological developments as well as to new legal views on these points and to a change of organizational measures using ICT. Finally, various open issues and research topics have been identified. In addition to this report, ope...
    Abstract The proposed testbed of the cyber‐power system consists of power system simulation, substation automation, and the SCADA system. Scenarios for substation cyber security intrusions and anomaly detection concepts have been proposed. An attack tree ...
    Inconsistencies in various data structures, such as missing log records and modified operating system files, have long been used by intrusion investigators and forensic analysts as indicators of suspicious activity. This paper describes a rigorous methodology for developing such inconsistency checks and verifying their correctness. It is based on the use of the B Method – a formal method of software development. The idea of the methodology is to (1) formulate a state-machine model of the (sub)system in which inconsistencies are ...
    Abstract. When encrypted material is discovered during a digital investigation and the investigator cannot decrypt the material then s/he is faced with the problem of how to determine the evidential value of the material. This research is proposing a methodology of extracting probative ...
    ABSTRACT Given a disk image of a CCTV system with a non-standard file system, how is the data interpreted? Work has been done in the past detailing the reverse engineering of proprietary file systems and on the process of recovering data from CCTV systems. However, if given a disk image without the CCTV system itself, or if under time constraints, the task becomes much more difficult. This paper explains a different approach to recovering the data and how to make sense of data on a CCTV disk. The method does not require extensive reverse engineering of the CCTV system, or even to have access to the CCTV system itself.
    ABSTRACT This work focuses on two studies: a survey of digital forensic investigators' investigation and decision processes, and a study of the accuracy of decisions to exclude an exhibit from receiving further in-depth analysis based on an enhanced preview. This study describes the surveyed investigators' generalized investigation process model in terms of the investigators' decisions, including social considerations. It is shown that decision-making based on a less in-depth enhanced preview of exhibits helped to accurately exclude unrelated exhibits before receiving an in-depth analysis while always including exhibits that contained relevant suspect data in child exploitation material investigations.
    The paper describes a distributed brute-force attack on RC5 cipher using Java applets. It introduces a novel model for long-term parallel computing based on the abstraction of solvers with limited lifetime. The associated problems and scheduling policy are ...
    Abstract. A call for formalizing digital forensic investigations has been proposed by academics and practitioners alike [1, 2]. Many currently proposed methods of malware analysis for forensic investigation purposes, however, are derived based on the investigators’ practical experience. This paper presents a formal approach for reconstructing the activities of a malicious executable found in a victim’s system during a post-mortem analysis. The behavior of a suspect executable is modeled as a finite state automaton where each state represents behavior that results in an observable modification to the victim’s system. The derived model of the malicious code allows for accurate reasoning and deduction of the occurrence of malicious activities even when anti-forensic methods are employed to disrupt the investigation process.
    Abstract. A recent emerging trend in the underground economy is malware dissemination as a service. Complex botnet infrastructures are developed to spread and install malware for third-party customers. In this research work, a botnet forensic investigation model is proposed to investigate and analyze large-scale botnets. The proposed investigation model is applied to a real-world law-enforcement investigation case that involves investigation of a large-scale malware dissemination botnet called BredoLab. The results of the forensic investigation show the effectiveness of the proposed model in assisting law-enforcement to conduct a successful forensic analysis of BredoLab botnet and its related resources.
    As the number of digital devices suspected of containing digital evidence increases, case backlogs for digital investigations are also increasing in many organizations. To ensure timely investigation of requests, this work proposes the use of signature-based methods for automated action instance approximation to automatically reconstruct past user activities within a compromised or suspect system. This work specifically explores how multiple instances of a user action may be detected using signature-based methods during a post-mortem digital forensic analysis. A system is formally defined as a set of objects, where a subset of objects may be altered on the occurrence of an action. A novel action-trace update time threshold is proposed that enables objects to be categorized by their respective update patterns over time. By integrating time into event reconstruction, the most recent action instance approximation as well as limited past instances of the action may be differentiated a...
    Abstract—Forensic analysis of a suspect program is a daily challenge encountered by forensic analysts and law enforcement. It requires determining the behavior of a suspect program found in a computer system subject to investigation and attempting to reconstruct actions that have been invoked in the system. In this research paper, a forensic analysis approach for suspect programs in an executable binary form is introduced. The proposed approach aims to reconstruct high-level forensic actions and approximate action arguments from low-level machine instructions; that is, reconstructed actions will assist in forensic inferences of evidence and traces caused by an action invocation in a system subject to forensic investigation.
    Introduction Nowadays, the Internet represents a sufficient technical base for a distributed brute-force attack on block ciphers with a key length of up to 56 bits. Over the past two years successful attacks have been made on several popular ciphers including RC4, RC5, and DES. The "traditional" approach to distributed brute-force cipher breaking employs C programming. The code needs to be manually configured and started on every participating computer. Alternatively, Java applets provide a convenient way for automated attack propagation. Java applets do not require recompiling or manual starting when downloaded from the network. They are as simple to download as browsing a Web page. This makes the attack much easier to distribute and increases the number of potential participants. A suitable cipher breaking contest was started by RSA Data Security on 28 January 1997 [7]. The contest enabled a very straightforward implementation of the brute-force attack in Java. Although our s...
    Despite many research and development efforts in the area of data communications security, the importance of internal LAN security is still underestimated. This paper proposes a prospective solution for building secure encrypted Ethernet LANs. The architecture presented allows the existing office network infrastructure to be used, does not require changes to workstations’ software, and provides a high level of protection.
    The paper describes the results of the KEYSTONE project, which developed a unifying reference model (framework) for integrating existing Public Key Infrastructure systems across Europe into a Pan-European Public Key Infrastructure. The major result of the project, the KEYSTONE architecture, is reviewed in this paper, and its elements supporting the legal framework and anonymity of users are examined.
    Tampering with the digital crime scene has become more common. When tampering behaviour is successful, it does not leave a trace of either the incriminating evidence or the act of tampering, and the digital evidence that digital investigators seek will be absent. Research into the automatic detection of digital evidence tampering has been ongoing for over one decade. Many approaches have been proposed, but practical tools for automatic detection of evidence tampering are still missing. Automatic analysis is hard due to the complexity of real-world computers and differences between software installed on different computers. A similar problem exists in medical imaging. Despite the common grand design, every human is unique and complex, and it is hard to come up with the exact rules for detecting lesions in medical images. Visualization for forensic analysis of the data stored on a specific device has received much less attention, while the use of visualization for detection of...
    Inconsistencies in various data structures, such as missing log records and modified operating system files, have long been used by intrusion investigators and forensic analysts as indicators of suspicious activity. This paper describes a rigorous methodology for developing such inconsistency checks and verifying their correctness. It is based on the use of the B Method – a formal method of software development. The idea of the methodology is to (1) formulate a state-machine model of the (sub)system in which inconsistencies are being detected, (2) formulate consistency criteria for the state of that model, (3) rigorously verify correctness of these criteria using the B Method, and (4) automatically search evidential data for violations of the formulated consistency criteria using ConAlyzer utility developed for this purpose. The methodology is illustrated on an FTP server example. Automated checking for inconsistencies in evidential data Much of advanced digital forensics comes from...
    Cybercrime has been a growing concern for the past two decades. What used to be the responsibility of specialist national police has become routine work for regional and district police. Unfortunately, funding for law enforcement agencies is not growing as fast as the amount of digital evidence. In this paper, we present a forensic platform that is tailored for cost effectiveness, extensibility, and ease of use. The software for this platform is open source and can be deployed on practically all commercially available hardware devices such as standard desktop motherboards or embedded systems such as Raspberry Pi and Gizmosphere’s Gizmo board. A novel user interface was designed and implemented, based on Morphological Analysis.
