Developing a state of the art methodology & toolkit for ICS SCADA forensics

Olajide, F. 2016. Developing a state of the art methodology & toolkit for ICS SCADA forensics. International Journal of Industrial Control Systems Security. 1 (2), pp. 44-56. https://doi.org/10.20533/ijicss.9781.9083.20346.2016.0005

Title: Developing a state of the art methodology & toolkit for ICS SCADA forensics
Type: Journal article
Authors: Olajide, F.
Abstract

Supervisory Control and Data Acquisition (SCADA) systems are used in different Critical National Infrastructure (CNI), including Electric Power, Oil & Gas, Manufacturing, Utility, Transportation services and others. The underpinning control systems have unique characteristics such as being real-time and safety critical. Therefore, interference and disruption of the services from cyber attack poses a significant risk to the environment, properties, economies and human lives. Responding to such events is not trivial, and recovering the required forensic evidence to understand the cause and consequence of such an event is key. Further, developing a suitable incident response methodology to identify evidential artefacts of the causes of disruption is crucial, should security mechanisms fail. In this paper we present the state of the art methodology forensic toolkit for cyber incident response on Industrial Control System (ICS) environment of SCADA plus evaluate the applicability of current IT forensic tools and the requirements of an 'ICS forensic toolbag'. The research work presents an experimental case study of a malware USB device based attack, a man in the middle attack and a remote access attack.

Journal: International Journal of Industrial Control Systems Security
Journal citation: 1 (2), pp. 44-56
Year: 2016
Publisher: Infonomics Society
Publisher's version
File Access Level
Controlled (open metadata, closed files)
Digital Object Identifier (DOI): https://doi.org/10.20533/ijicss.9781.9083.20346.2016.0005
Publication dates
Published: 06 Dec 2016

Related outputs

Security and Privacy Issues in IoT Healthcare Application for Disabled Users in Developing Economies
Assa-Agyei, K., Olajide, F. and Lotfi, A. 2022. Security and Privacy Issues in IoT Healthcare Application for Disabled Users in Developing Economies. Journal of Internet Technology and Secured Transactions (JITST). 10 (1), pp. 770-779. https://doi.org/10.20533/jitst.2046.3723.2022.0095

Towards the Design of an Intelligent Automation Framework for Business Processes
Olajide, F. 2022. Towards the Design of an Intelligent Automation Framework for Business Processes. The 5th International Conference on Information and Computer Technologies (ICICT 2022). New York City, The United States 04 - 06 Mar 2022 IEEE. https://doi.org/10.1109/ICICT55905.2022.00010

A Cost-benefit Analysis of Information Security Mitigation Methods for ORVIs
Street, J. and Olajide, F. 2021. A Cost-benefit Analysis of Information Security Mitigation Methods for ORVIs. Journal of Internet Technology and Secured Transactions (JITST). 9 (1), pp. 747-755. https://doi.org/10.20533/jitst.2046.3723.2021.0092

Using Hyperledger Fabric Blockchain to Maintain the Integrity of Digital Evidence in a Containerised Cloud Ecosystem
Awuson-David, K., Al-Hadhrami, T., Olajide, F. and Lotfi, A. 2020. Using Hyperledger Fabric Blockchain to Maintain the Integrity of Digital Evidence in a Containerised Cloud Ecosystem. 4th International Conference of Reliable Information and Communication Technology 2019 (IRICT 2019). Johor, Malaysia 22 - 23 Sep 2019 Springer. https://doi.org/10.1007/978-3-030-33582-3_79

A technological approach towards the measurement of enterprise agility
Williams, O C. and Olajide, F. 2020. A technological approach towards the measurement of enterprise agility. 15th Iberian Conference on Information Systems and Technologies (CISTI). Seville, Spain 24 - 27 Jun 2020 IEEE. https://doi.org/10.23919/CISTI49556.2020.9141142

Sensor Network in Automated Hand Hygiene Systems Using IoT for Public Building
Olajide, F. 2020. Sensor Network in Automated Hand Hygiene Systems Using IoT for Public Building. 4th International Conference of Reliable Information and Communication Technology 2019 (IRICT 2019). Johor, Malaysia 22 - 23 Sep 2019 Springer. pp. 463–476 https://doi.org/10.1007/978-3-030-33582-3_44

Exploring process of information systems and information technology for enterprise agility
Williams, O., Olajide, F., Al-Hadhrami, T. and Lotfi, A. 2019. Exploring process of information systems and information technology for enterprise agility. 4th International Conference of Reliable Information and Communication Technology 2019 (IRICT 2019). Johor, Malaysia 22 - 23 Sep 2019 Springer. https://doi.org/10.1007/978-3-030-33582-3_98

Forensic Use Case Analysis of User Input in Windows Application
Olajide, F., Al-hadrami, T. and James-Taylor, A. 2018. Forensic Use Case Analysis of User Input in Windows Application. 3rd International Conference of Reliable Information and Communication Technology (IRICT 2018). Kuala Lumpur, Malaysia 23 - 24 Jul 2018 Springer. https://doi.org/10.1007/978-3-319-99007-1_58

Digital Investigation and Forensic User Analysis
Olajide, F., Al-Hadrami, T. and James-Taylor, A. 2018. Digital Investigation and Forensic User Analysis. 3rd International Conference of Reliable Information and Communication Technology (IRICT 2018). Kuala Lumpur, Malaysia 23 - 24 Jul 2018 Springer. https://doi.org/10.1007/978-3-319-99007-1_59

Power aware routing algorithms (PARA) in wireless mesh networks for emergency management
Olajide, F. 2018. Power aware routing algorithms (PARA) in wireless mesh networks for emergency management. PLoS ONE. 13 (10). https://doi.org/10.1371/journal.pone.0204751

Framework Design for Implementation of Secured TPM on E-commerce
Kennedy, C.G., Cho, D., Olajide, F. and John, S. 2017. Framework Design for Implementation of Secured TPM on E-commerce. 12th International Conference on Cyber Warfare and Security ICCWS 2017. Wright State University with the Air Force Institute of Technology, Dayton, USA ACPI.

Network forensics tools in a mixed-network environment and the adoption of e-voting system in developing countries
Olajide, F. 2016. Network forensics tools in a mixed-network environment and the adoption of e-voting system in developing countries. International Journal of Pharmacy and Technology. 8 (4), pp. 23115-23128.

On the investigation of social network analysis for E-commerce transaction in south-west region of Nigeria
Olajide, F., Adeshakin, K., Misra, S. and Ayo, C.K. 2016. On the investigation of social network analysis for E-commerce transaction in south-west region of Nigeria. International Journal of Pharmacy & Technology. 8 (4).

Towards the investigation of using social network analysis for counter terrorism in West Africa: case study of Boko Haram in Nigeria
Olajide, F. and Adeshakin, K. 2016. Towards the investigation of using social network analysis for counter terrorism in West Africa: case study of Boko Haram in Nigeria. Journal of Engineering Science and Technology. 11 (11), pp. 1629 - 1638.

Realtime fraud detection in the banking sector using data mining techniques/algorithm
Olajide, F. 2016. Realtime fraud detection in the banking sector using data mining techniques/algorithm. 2016 International Conference on Computational Science and Computational Intelligence (CSCI). Las Vegas, NV 15 - 16 Dec 2016 IEEE. https://doi.org/10.1109/CSCI.2016.0224

Sequences of numbers obtained by digit and iterative digit sums of Sophie Germain primes and its variants
Olajide, F. 2016. Sequences of numbers obtained by digit and iterative digit sums of Sophie Germain primes and its variants. Global Journal of Pure and Applied Mathematics. 12 (2), pp. 1473-1480.

Implementation of the enhanced fingerprint authentication in the ATM system using ATmega128
Olajide, F. 2016. Implementation of the enhanced fingerprint authentication in the ATM system using ATmega128. International Conference on Security and Management (SAM). Las Vegas, USA 25 - 28 Jul 2016 The Steering Committee of The World Congress in Computer Science, Computer Engineering and Applied Computing (WorldComp).

Forensic Live Response: Why an Object May be Evidence in the Court of Law?
Olajide, F. 2015. Forensic Live Response: Why an Object May be Evidence in the Court of Law? International Conference on Cyberspace Governance: The Imperative for National and Economic Security (CyberAbuja2015). Abuja 04 - 07 Nov 2015 IEEE.

On some suggested applications of sudoku in information systems security
Olajide, F. 2015. On some suggested applications of sudoku in information systems security. Asian Journal of Information Technology. 14 (4), pp. 117 - 121. https://doi.org/10.36478/ajit.2015.117.121

FALI: Time Memory Information of Windows Computer Systems
Olajide, F. 2013. FALI: Time Memory Information of Windows Computer Systems. International Journal of Intelligent Computing Research. 4 (4).

On the Analysis of Information Found on Windows Application Memory
Olajide, F., Savage, N., Akmayeva, G. and Shoniregun, C.A. 2013. On the Analysis of Information Found on Windows Application Memory. International Journal of Intelligent Computing Research. 4 (2). https://doi.org/10.20533/ijicr.2042.4655.2013.0042

On the Identification of Information Extracted from Windows Physical Memory
Olajide, F. and Savage, N. 2012. On the Identification of Information Extracted from Windows Physical Memory. International Journal for Information Security Research (IJISR). 2 (3), pp. 164-168. https://doi.org/10.20533/ijisr.2042.4639.2012.0020

Extracting Forensically Relevant Information From Windows Applications
Olajide, F., Savage, N., Akmayeva, G. and Shoniregun, C. 2012. Extracting Forensically Relevant Information From Windows Applications. 2012 International Conference on Information Society (i-Society). London, United Kingdom 25 - 28 Jun 2018 IEEE.

Extracting forensically relevant information from windows application
Olajide, F., Savage, N., Akmayeva, G. and Shoniregun, C. 2012. Extracting forensically relevant information from windows application. International Conference on Information Society. London, UK 27 - 29 Jun 2011 IEEE.

Forensic memory evidence of windows application
Olajide, F., Savage, N., Akmayeva, G. and Trafford, R. 2012. Forensic memory evidence of windows application. 2012 International Conference for Internet Technology and Secured Transactions. London, UK 10 - 12 Dec 2012 IEEE.

Digital forensic research—The analysis of user input on volatile memory of Windows application
Olajide, F., Savage, N., Akmayeva, G. and Shoniregun, C. 2012. Digital forensic research—The analysis of user input on volatile memory of Windows application. World Congress on Internet Security (WorldCIS-2012). Guelph, ON, Canada 10 - 12 Jun 2012 IEEE.

Digital Forensic Research and Method of Extracting Relevant Information From Physical Memory Of Windows Systems
Olajide, F. 2011. Digital Forensic Research and Method of Extracting Relevant Information From Physical Memory Of Windows Systems. Fourth International Conference on Internet Technologies and Applications (ITA 11). Glyndwr University, North Wales, UK 06 - 09 Sep 2011

Dispersal of time aspect of information stored on physical memory
Olajide, F. and Savage, N. 2011. Dispersal of time aspect of information stored on physical memory. Cyberforensics 2011 - International conference on cybercrime, security and digital forensics. Glasgow, UK 27 - 28 Jun 2018

Extraction of user information by pattern matching techniques in windows physical memory
Olajide, F. and Savage, N. 2011. Extraction of user information by pattern matching techniques in windows physical memory. Digital Enterprise and Information Systems International Conference, DEIS 2011. London, UK 20 - 22 Jul 2011 Springer. https://doi.org/10.1007/978-3-642-22603-8_40

Forensic extraction of user information in continuous block of evidence
Olajide, F. 2011. Forensic extraction of user information in continuous block of evidence. International Conference on Information Society. London, UK 27 - 29 Jun 2011 IEEE. https://doi.org/10.1109/i-Society18435.2011.5978501

On the extraction of forensically relevant information from physical memory
Olajide, F. 2011. On the extraction of forensically relevant information from physical memory. 2011 World Congress on Internet Security. London, UK 21 - 23 Feb 2011 IEEE. https://doi.org/10.1109/WorldCIS17046.2011.5749861

A Study of Application Level Information From The Volatile Memory of Windows Computer Systems
Olajide, F. 2011. A Study of Application Level Information From The Volatile Memory of Windows Computer Systems. PhD thesis University of Portsmouth

Application Level Evidence and Event Reconstruction
Olajide, F. 2010. Application Level Evidence and Event Reconstruction. Journal of Computing in Systems & Engineering. 10, pp. 171-175.

Application level evidence from volatile memory
Olajide, F. and Savage, N. 2009. Application level evidence from volatile memory. Journal of Computing in Systems and Engineering. 10, pp. 171-175.

Forensic live response and event reconstruction methods in Linux systems
Olajide, F. 2009. Forensic live response and event reconstruction methods in Linux systems. 10th Annual PostGraduate Symposium on The Convergence of Telecommunications, Networking and Broadcasting. 10th Annual PostGraduate Symposium on The Convergence of Telecommunications, Networking and Broadcasting

Permalink - https://westminsterresearch.westminster.ac.uk/item/w4664/developing-a-state-of-the-art-methodology-toolkit-for-ics-scada-forensics
