Zubair Baig, Senior Lecturer, Edith Cowan University

Zubair, tell us a bit about yourself. What do you do, and what does a typical day in your life look like?

I am a senior lecturer of cyber security at Edith Cowan University in Perth, Australia.

I would start out a typical day in my life with a quick skim through my mailbox and prioritizing my responses based on several factors. I would then head out to my work place. If there’s a teaching commitment for the day, I would prepare for my lectures and labs and update the online course material and/or announcements for students.

I set aside around an hour to keep myself at pace with the latest research trends in my discipline. I conduct research training for graduate students and help them prepare their findings for publication. I also actively involve myself in leadership activities including coordination of courses and desigining of new course material.You've recently published a paper that deals with digital forensics challenges for smart cities. What prompted you to conduct this research?

Smart cities of the future will replace traditional cities pretty soon. Like any other technological advancements placing cyber-security at the bottom of the list is the norm, and I’d envisioned the same happening with these cities of the future.


Get The Latest DFIR News

Join the Forensic Focus newsletter for the best DFIR articles in your inbox every month.


Unsubscribe any time. We respect your privacy - read our privacy policy.

My proposal, that was backed by our team of researchers, was to identify these cyber security challenges for smart cities and to enumerate the gaps in knowledge around forensic procedures if they were to be adopted for running investigations on cyber crime in smart cities.

Could you give us an overview of the aims and conclusions of your research?

The aims of this research were to identify the cyber security threat landscape for four components of the smart city namely, smart grids, building automation systems, unmanned aerial vehicles and smart vehicles. In addition, we also highlighted the challenges associated with securely transferring and storing smart city data in the cloud.

The second contribution of this paper was to identify the challenges associated with conducting a forensic investigation on cyber crime carried out against these smart city components.

We noted that a lot of gaps in knowledge had to be filled before the smart city is made secure for its citizens. Moreover, there has to be a mechanism within the planning and development of a smart city to ascertain that all the data that a smart city would generate is securely communicated and stored.

What are some of the potential criminal misuses of smart cities, and how might digital forensic practitioners deal with these?

Smart city traffic can be disrupted by a cyber criminal who installs a piece of malware into the smart city IoT sensors or even the cloud, causing widespread chaos.

Building airconditioning systems can be compromised and may cause temperature control problems for critical infrastructure including hospitals and schools.

A drone can be used for spying into restricted territory and get away with it.

Digital forensic practitioners can deal with these issues by having a proper procedure in place to identify the key data elements obtained from these heterogeneous and disparate data sources, and rapidly performing a forensic analysis on it.

The paper talks about the importance of learning lessons from prior incidents in order to ensure forensic readiness. In your opinion, is this being done with enough regularity at the moment, and if not how can it be improved?

Definitely not! Primarily because the cyber crimes that can be committed against a smart city have not been fully comprehended.

It is only after the intensity and volume of such crimes goes up, is an effort put in by all stakeholders including the law enforcement, government, enterprises and insurance firms, to draft laws, policies and procedures for containing the threat.

It is therefore advisable to have a working committee formed by the government, to tackle the issue of cyber crime and security of citizens in a smart city.

What are some of the main challenges concerning the forensic analysis of data from smart cities?

The key challenges concerning forensic analysis of smart city data are:

1. Heterogeneity in data structures as obtained from variable log types from disparate smart city components
2. Not all IoT devices of the smart city would have the same network architecture and would be operating through varying protocols/standards, encumbering the data massaging process
3. Information laws would have to be separately applied to each of these data categories based on the data source, device type and protocols/standards that were used
4. Methods for data extraction, preservation and analysis may be limited, as the devices of a smart city may be leading out the traditional technology landscape
5. Ad-hoc networks of smart city devices would also make it harder to obtain concrete data from various sources, to help carry out the forensic procedure.

Considering how much data each individual produces, triage is surely a huge concern in smart city data analysis. In your opinion, how might this be addressed?

Only through application of data filtering and feature ranking techniques can the smart city be triaged with a high degree of success.

Importantly, the data obtained from disparate and heterogeneous smart city components must be properly labelled and categorized based on predefined criteria in order to make the triage process efficient.

Are you planning or working on any new research projects at the moment?

Yes, plenty! Our research group is working on securing the Internet of Things (IoT). We are investigating protocol-level security for IoT devices and identifying drone vulnerabilities that a cyber criminal can exploit.

Secondly, we are working on ransomware trait analysis. Thirdly, we are working on intelligent analysis of network security data logs.

Finally, when you're not researching, what do you enjoy doing in your spare time?

I like counselling others and helping out my family and friends with issues that they may be facing. I also play a variety of sports with my wife and kids.

Zubair Baig (CISSP, MIEEE, MACS, B.S. (KFUPM), M.S. (Maryland), Ph.D. (Monash)) is a Senior Lecturer of Cyber Security in the School of Science, Edith Cowan University, Perth, W.A., Australia. He is also affiliated to the Security Research Institute at Edith Cowan University. He has authored over 50 journal and conference articles and book chapters. His research interests are in the areas of cyber-security, artificial intelligence and optimization algorithms. He is serving as the editor of the IET Wireless Sensor Systems Journal and the PSU – A Review Journal, Emerald Publishing House. He has served on numerous technical program committees of international conferences and has delivered three keynote talks on computer security.

Leave a Comment

Latest Videos

In this episode of the Forensic Focus podcast, Si and Desi explore how artificial intelligence is being leveraged to uncover crucial evidence in investigations involving child sexual abuse material (CSAM) and examine the importance of exercising caution when implementing these tools. 

They also discuss a recent murder case in which cyber experts played a vital role in securing a conviction, and explore the unique challenges associated with using digital evidence as an alibi.

Show Notes:

A Practitioner Survey Exploring the Value of Forensic Tools, AI, Filtering, & Safer Presentation for Investigating Child Sexual Abuse Material (CSAM) - https://dfrws.org/wp-content/uploads/2019/06/2019_USA_paper-a_practitioner_survey_exploring_the_value_of_forensic_tools_ai_filtering_safer_presentation_for_investigating_child_sexual_abuse_material_csam.pdf

Man charged with NI murder ‘faked live stream to provide alibi’ (The Guardian) - https://www.theguardian.com/uk-news/2023/feb/02/man-charged-with-ni-faked-live-stream-to-provide-alibi

A YouTuber accused of murder faked a 6-hour livestream to produce an alibi (Sportskeeda) - https://www.sportskeeda.com/esports/news-a-youtuber-accused-murder-faked-6-hour-livestream-produce-alibi

European Interdisciplinary Cybersecurity Conference (EICC) 2023 - https://www.forensicfocus.com/event/european-interdisciplinary-cybersecurity-conference-eicc-2023/#more-493234

YouTuber reportedly faked GTA livestream to have an alibi while he committed murder (Dexerto) - https://www.dexerto.com/entertainment/youtuber-reportedly-faked-gta-livestream-to-have-an-alibi-while-he-committed-murder-2052974/

Forensic Europe Expo - https://www.forensicfocus.com/event/forensic-europe-expo/#more-493225

In this episode of the Forensic Focus podcast, Si and Desi explore how artificial intelligence is being leveraged to uncover crucial evidence in investigations involving child sexual abuse material (CSAM) and examine the importance of exercising caution when implementing these tools.

They also discuss a recent murder case in which cyber experts played a vital role in securing a conviction, and explore the unique challenges associated with using digital evidence as an alibi.

Show Notes:

A Practitioner Survey Exploring the Value of Forensic Tools, AI, Filtering, & Safer Presentation for Investigating Child Sexual Abuse Material (CSAM) - https://dfrws.org/wp-content/uploads/2019/06/2019_USA_paper-a_practitioner_survey_exploring_the_value_of_forensic_tools_ai_filtering_safer_presentation_for_investigating_child_sexual_abuse_material_csam.pdf

Man charged with NI murder ‘faked live stream to provide alibi’ (The Guardian) - https://www.theguardian.com/uk-news/2023/feb/02/man-charged-with-ni-faked-live-stream-to-provide-alibi

A YouTuber accused of murder faked a 6-hour livestream to produce an alibi (Sportskeeda) - https://www.sportskeeda.com/esports/news-a-youtuber-accused-murder-faked-6-hour-livestream-produce-alibi

European Interdisciplinary Cybersecurity Conference (EICC) 2023 - https://www.forensicfocus.com/event/european-interdisciplinary-cybersecurity-conference-eicc-2023/#more-493234

YouTuber reportedly faked GTA livestream to have an alibi while he committed murder (Dexerto) - https://www.dexerto.com/entertainment/youtuber-reportedly-faked-gta-livestream-to-have-an-alibi-while-he-committed-murder-2052974/

Forensic Europe Expo - https://www.forensicfocus.com/event/forensic-europe-expo/#more-493225

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_7QiFTiuY7Vw

AI In CSAM Investigations And The Role Of Digital Evidence In Criminal Cases

Forensic Focus 22nd March 2023 12:44 pm

Throughout the past few years, the way employees communicate with each other has changed forever.<br /><br />69% of employees note that the number of business applications they use at work has increased during the pandemic.<br /><br />Desk phones, LAN lines and even VOIP have become technologies of the past workplace environment as employees turn to cloud applications on their computers and phones to collaborate with each other in today’s workplace environment.<br /><br />Whether it’s conversations in Teams, file uploads in Slack chats, or confidential documents stored in Office 365, the amount of data stored and where it is stored, is growing quicker than IT and systems administrators can keep up with.<br /><br />Corporate investigators and eDiscovery professionals need to seamlessly collect relevant data from cloud sources and accelerate the time to investigative and discovery review.<br /><br />With the latest in Cellebrite’s remote collection suite of capabilities, investigators and legal professionals can benefit from secure collection with targeted capabilities for the most used workplace applications.<br /><br />Join Monica Harris, Product Business Manager, as she showcases how investigators can:<br /><br />- Manage multiple cloud collections through a web interface<br />- Cull data prior to collection to save time and money by gaining these valuable insights of the data available<br />- Collect data from the fastest growing cloud collaboration applications like Office365, Google Workspace, Slack and Box<br />- Login to a single source for workplace app collection without logging into every app and pulling data from multiple sources for every employee<br />- Utilize a single unified collection workflow for computer, mobile and workplace cloud applications without the need to purchase multiple tools for different types of collections – a solution unique to Cellebrite’s enterprise solution capabilities

Throughout the past few years, the way employees communicate with each other has changed forever.

69% of employees note that the number of business applications they use at work has increased during the pandemic.

Desk phones, LAN lines and even VOIP have become technologies of the past workplace environment as employees turn to cloud applications on their computers and phones to collaborate with each other in today’s workplace environment.

Whether it’s conversations in Teams, file uploads in Slack chats, or confidential documents stored in Office 365, the amount of data stored and where it is stored, is growing quicker than IT and systems administrators can keep up with.

Corporate investigators and eDiscovery professionals need to seamlessly collect relevant data from cloud sources and accelerate the time to investigative and discovery review.

With the latest in Cellebrite’s remote collection suite of capabilities, investigators and legal professionals can benefit from secure collection with targeted capabilities for the most used workplace applications.

Join Monica Harris, Product Business Manager, as she showcases how investigators can:

- Manage multiple cloud collections through a web interface
- Cull data prior to collection to save time and money by gaining these valuable insights of the data available
- Collect data from the fastest growing cloud collaboration applications like Office365, Google Workspace, Slack and Box
- Login to a single source for workplace app collection without logging into every app and pulling data from multiple sources for every employee
- Utilize a single unified collection workflow for computer, mobile and workplace cloud applications without the need to purchase multiple tools for different types of collections – a solution unique to Cellebrite’s enterprise solution capabilities

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_g6nTjfEMnsA

Tips And Tricks Data Collection For Cloud Workplace Applications

Forensic Focus 20th March 2023 12:00 pm

This error message is only visible to WordPress admins

Important: No API Key Entered.

Many features are not available without adding an API Key. Please go to the YouTube Feed settings page to add an API key after following these instructions.

Latest Articles

Share to...