DFIR.Science conducts theoretical research, practical development and education, mainly on digital investigation topics. This page contains a collection of more formal work being carried out, often with the Digital Forensic Investigation Research Laboratory.

Current Work

Research

  • Child online protection
  • Automating human inference in digital investigations
  • Optimized disk acquisition

Training / Education

For an up to date list of past training sessions and talks, please see my LinkedIn profile. For online lectures see DFIR.Science courses.

Committees

  • Editorial Board, IEEE Security & Privacy Magazine (Digital Forensics, Since 2020)
  • TPC, 2020 11th EAI International Conference on Digital Forensics & Cyber Crime
  • TPC, 2020 Digital Forensic Research Workshop APAC 2020
  • TPC, 2020 Digital Forensic Research Workshop EU 2020
  • TPC, 2019 Digital Forensic Research Workshop 2019
  • TPC, 2019 The 14th International ARES Conference on Availability, Reliability and Security
  • TPC, 2019 Fifteenth Annual IFIP WG 11.9 International Conference on Digital Forensics
  • TPC, 2019 Digital Forensics Research Workshop EU 2019
  • Reviewer, DFIR Review (Since 2019)
  • OC, TPC, 2018 Linking Organized Crime and Cybercrime
  • TPC, 2018 Digital Forensic Research Workshop 2018
  • TPC, 2018 10th EAI International Conference on Digital Forensics & Cyber Crime
  • TPC, 2018 International Conference on Availability, Reliability and Security
  • TPC, 2018 The 4th IEEE International Workshop on Cloud Security and Forensics
  • TPC, 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications
  • TPC, 2018 2nd International Workshop on Cloud Security and Forensics
  • TPC Chair, 2018 Digital Forensic Research Workshop EU 2018
  • TPC, 2017 9th EAI International Conference on Digital Forensics & Cyber Crime
  • TPC, 2017 IEEE Trustcom/BigDataSE/ICESS 2017
  • TPC Vice-Chair, Digital Forensic Research Workshop EU (DFRWS EU 2017)
  • TPC, 2017 The 12th International Conference on Availability, Reliability and Security
  • International Scientific Council, 2016 Emirates Forensic
  • Board of Referees, Digital Investigation (Since 2016) - Forensic Science International: Digital Investigation
  • TPC, 2016 2nd International Workshop on Cloud Security and Forensics
  • TPC Vice-Chair, Digital Forensic Research Workshop EU 2017
  • TPC, CLOUDFOR 2016
  • TPC, IEEE INTECH 2016
  • TPC, SADFE 2016
  • TPC, Web Chair, ICDF2C 2016
  • TPC, ARES 2016
  • TPC, IEEE TrustCom 2016
  • TPC, Web Chair, 8th International Conference on Digital Forensics & Cyber Crime (ICDF2C 2016)
  • Steering Committee Member, ICDF2C (2014 - 2018)
  • TPC, Digital Forensic Research Workshop EU (DFRWS EU 2016)
  • General Chair, 7th International Conference on Digital Forensics & Cyber Crime (ICDF2C 2015)
  • OC, Digital Forensic Research Workshop EU (DFRWS EU 2015)
  • TPC, The 8th International Workshop on Digital Forensics (WSDF 2015)
  • TPC, International Conference on Availability, Reliability and Security (ARES 2015)
  • TPC, 7th IEEE International Workshop on Information Forensics and Security (WIFS 2015)
  • OC, Digital Forensic Investigation Research Workshop EU (DFRWS EU 2015)
  • TPC Chair, 6th International Conference on Digital Forensics & Cyber Crime (ICDF2C 2014)
  • TPC, 5th International Conference on Digital Forensics & Cyber Crime (ICDF2C 2013)
  • Web Chair, 3rd International Conference on Digital Forensics & Cyber Crime (ICDF2C 2011)

Academic Journal Reviews

Publications

  • James, J.I., 2013. Automated Human Inference in Digital Forensic Investigations Using Hypothesis Reduction (Doctoral dissertation, University College Dublin). (PDF)

Updates on Google Scholar. For full-text articles see my ResearchGate profile.

Articles

  • M. Park and J. I. James, “Preliminary Study of a Google Home Mini,” J. Digit. Forensics, vol. 13, no. 3, pp. 163–174, 2019.
  • J. Ham and J. I. James, “A Feature Comparison of Modern Digital Forensic Imaging Software,” J. Inst. Internet, Broadcast. Commun., vol. 19, no. 6, 2019, doi: 10.7236/JIIBC.2019.19.6.15. [Online]. Available: http://koreascience.or.kr/article/JAKO201907752705794.page
  • M. M. Losavio et al., “The juridical spheres for digital forensics and electronic evidence in the insecure electronic world,” Wiley Interdiscip. Rev. Forensic Sci., vol. 1, no. 5, Sep. 2019, doi: 10.1002/wfs2.1337. [Online]. Available: https://onlinelibrary.wiley.com/doi/abs/10.1002/wfs2.1337
  • N. Akatyev and J. I. James, “Evidence identification in IoT networks based on threat assessment,” Futur. Gener. Comput. Syst., vol. 93, pp. 814–821, Apr. 2019, doi: 10.1016/j.future.2017.10.012. [Online]. Available: http://linkinghub.elsevier.com/retrieve/pii/S0167739X17300857. [Accessed: 14-Dec-2017]
  • P. Matousek, O. Rysavy, J. I. James, and Y. Jake Jang, “Interconnecting Education and Research Through International Partnership: IoT Case Study,” in 2018 28th EAEEIE Annual Conference (EAEEIE), 2018, pp. 1–6, doi: 10.1109/EAEEIE.2018.8534248 [Online]. Available: https://ieeexplore.ieee.org/document/8534248/
  • M. M. Losavio, K. P. Chow, A. Koltay, and J. James, “The Internet of Things and the Smart City: Legal challenges with digital forensics, privacy, and security,” Secur. Priv., vol. 1, no. 3, p. e23, May 2018, doi: 10.1002/spy2.23. [Online]. Available: http://doi.wiley.com/10.1002/spy2.23
  • N. Akatyev and J. James, “Legislative Requirements for Cyber Peacekeeping,” J. Digit. Forensics, Secur. Law, vol. 12, no. 3, Oct. 2017, doi: 10.15394/jdfsl.2017.1447. [Online]. Available: https://commons.erau.edu/jdfsl/vol12/iss3/4/
  • S. Park, Y. Jang, and J. James, “Possession of Child Exploitation Material in Computer Temporary Internet Cache,” J. Digit. Forensics, Secur. Law, vol. 12, no. 3, 2017, doi: 10.15394/jdfsl.2017.1446. [Online]. Available: https://commons.erau.edu/jdfsl/vol12/iss3/3
  • J. I. James and Y. Jang, “The Difficulty of Requesting Digital Evidence Using Mutual Legal Assistance Requests,” J. Digit. Forensics, vol. 11, no. 2, 2017 [Online]. Available: http://insight.dbpia.co.kr/article/metrics.do?nodeId=NODE07299110
  • J. I. James and Y. Jang, “Inferring action instances with no prior knowledge in digital investigations,” Information, vol. 20, no. 6, pp. 4153–4162, Jun. 2017.
  • K. Park, J.-M. Park, E. Kim, C. Cheon, and J. James, “Anti-Forensic Trace Detection in Digital Forensic Triage Investigations,” J. Digit. Forensics, Secur. Law, vol. 12, no. 1, Mar. 2017, doi: 10.15394/jdfsl.2017.1421. [Online]. Available: http://commons.erau.edu/jdfsl/vol12/iss1/8
  • J. I. James and Y. Jang, “Update Thresholds of More Accurate Time Stamp for Event Reconstruction,” JIIBC, vol. 17, no. 2, pp. 7–13, Apr. 2017 [Online]. Available: http://www.jiibc.kr/bbs/board.php?bo_table=collect_paper&wr_id=1509&lc=kor
  • J. I. James, “How Businesses Can Speed Up International Cybercrime Investigation,” IEEE Security & Privacy, vol. 15, no. 2, pp. 102–106, 2017 [Online]. Available: http://ieeexplore.ieee.org/document/7891498/. [Accessed: 13-Apr-2017]
  • J. I. James and Y. Jang, “Digital Investigation First Responder and Preliminary Analyst Requirements,” IIBC, vol. 16, no. 5, pp. 49–54, Oct. 2016 [Online]. Available: http://jiibc.iibc.kr/read.php?pageGubun=index&pageNm=article&search=&code=285678&issue=21244&Page=1
  • J. I. James and P. Gladyshev, “A survey of mutual legal assistance involving digital evidence,” Digital Investigation, vol. 18, pp. 23–32, Sep. 2016 [Online]. Available: http://linkinghub.elsevier.com/retrieve/pii/S174228761630072X. [Accessed: 19-Jul-2016]
  • K. Lee, J. I. James, T. G. Ejeta, and H. Kim, “Electronic Voting Service Using Block-Chain,” Journal of Digital Forensics, Security and Law, vol. 11, no. 2, pp. 123–136, Jun. 2016 [Online]. Available: http://ojs.jdfsl.org/index.php/jdfsl/article/view/414. [Accessed: 29-Sep-2016]
  • J. I. James and P. Gladyshev, “Automated inference of past action instances in digital investigations,” International Journal of Information Security, vol. 14, no. 3, pp. 249–261, Jun. 2015 [Online]. Available: http://link.springer.com/10.1007/s10207-014-0249-6. [Accessed: 19-Jul-2016]
  • P. Amann and J. I. James, “Designing robustness and resilience in digital investigation laboratories,” Digital Investigation, vol. 12, pp. S111–S120, Mar. 2015 [Online]. Available: http://linkinghub.elsevier.com/retrieve/pii/S174228761500016X. [Accessed: 19-Jul-2016]
  • M. Losavio, Y. Song, J. I. James, A. Marrington, and K. P. Chow, “World Information Order - Privacy and Security in a Hyper-Networked World of Data and Analysis, A,” N. Ky. L. Rev., vol. 42, p. 315, 2015 [Online]. Available: http://heinonline.org/HOL/Page?handle=hein.journals/nkenlr42&id=325&div=&collection=
  • J. I. James and P. Gladyshev, “A Survey of International Cooperation in Digital Investigations,” in Digital Forensics and Cyber Crime, vol. 157, J. I. James and F. Breitinger, Eds. Seoul, South Korea: Springer International Publishing, 2015, pp. 103–114 [Online]. Available: http://link.springer.com/10.1007/978-3-319-25512-5_8. [Accessed: 19-Jul-2016]
  • A. Conway, J. I. James, and P. Gladyshev, “Development and Initial User Evaluation of a Virtual Crime Scene Simulator Including Digital Evidence,” in Digital Forensics and Cyber Crime, vol. 157, J. I. James and F. Breitinger, Eds. Seoul, South Korea: Springer International Publishing, 2015, pp. 16–26 [Online]. Available: http://link.springer.com/10.1007/978-3-319-25512-5_2. [Accessed: 19-Jul-2016]
  • N. Akatyev and J. I. James, “Cyber Peacekeeping,” in Digital Forensics and Cyber Crime, vol. 157, J. I. James and F. Breitinger, Eds. Seoul, South Korea: Springer International Publishing, 2015, pp. 126–139 [Online]. Available: http://link.springer.com/10.1007/978-3-319-25512-5_10. [Accessed: 19-Jul-2016]
  • J. I. James and Y. Jang, “Practical and Legal Challenges of Cloud Investigations,” The Journal of the Institute of Webcasting, Internet and Telecommunication, vol. 14, no. 6, pp. 33–39, Dec. 2014 [Online]. Available: http://jiibc.iibc.kr/read.php?pageGubun=journalsearch&pageNm=article&search=&journal=��14�� ��6ȣ&code=237818&issue=18011&Page=1&year=2014&searchType=all&searchValue=. [Accessed: 19-Jul-2016]
  • J. I. James, “Multi-Stakeholder Case Prioritization in Digital Investigations,” Journal of Digital Forensics, Security and Law, vol. 9, no. 2, pp. 59–72, Sep. 2014 [Online]. Available: http://ojs.jdfsl.org/index.php/jdfsl/article/view/264. [Accessed: 19-Jul-2016]
  • J. I. James, A. F. Shosha, and P. Gladyhsev, “Determining Training Needs for Cloud Infrastructure Investigations Using I-STRIDE,” in Digital Forensics and Cyber Crime, vol. 132, P. Gladyshev, A. Marrington, and I. Baggili, Eds. Cham: Springer International Publishing, 2014, pp. 223–236 [Online]. Available: http://link.springer.com/10.1007/978-3-319-14289-0_15. [Accessed: 19-Jan-2017]
  • J. I. James, A. Lopez-Fernandez, and P. Gladyhsev, “Measuring Accuracy of Automated Parsing and Categorization Tools and Processes in Digital Investigations,” in Digital Forensics and Cyber Crime, vol. 132, P. Gladyshev, A. Marrington, and I. Baggili, Eds. Cham: Springer International Publishing, 2014, pp. 147–169 [Online]. Available: http://link.springer.com/10.1007/978-3-319-14289-0_11. [Accessed: 19-Jul-2016]
  • J. I. James and Y. J. Jang, “Measuring Digital Crime Investigation Capacity to Guide International Crime Prevention Strategies,” in Future Information Technology, vol. 276, J. J. Park, I. Stojmenovic, M. Choi, and F. Xhafa, Eds. Berlin, Heidelberg: Springer Berlin Heidelberg, 2014, pp. 361–366 [Online]. Available: http://link.springer.com/10.1007/978-3-642-40861-8_51. [Accessed: 19-Jul-2016]
  • M. B. Koopmans and J. I. James, “Automated network triage,” Digital Investigation, vol. 10, no. 2, pp. 129–137, Sep. 2013 [Online]. Available: http://linkinghub.elsevier.com/retrieve/pii/S1742287613000273. [Accessed: 19-Jul-2016]
  • J. I. James and P. Gladyshev, “A survey of digital forensic investigator decision processes and measurement of decisions based on enhanced preview,” Digital Investigation, vol. 10, no. 2, pp. 148–157, Sep. 2013 [Online]. Available: http://linkinghub.elsevier.com/retrieve/pii/S1742287613000340. [Accessed: 19-Jul-2016]
  • N. Son, Y. Lee, D. Kim, J. I. James, S. Lee, and K. Lee, “A study of user data integrity during acquisition of Android devices,” Digital Investigation, vol. 10, pp. S3–S11, Aug. 2013 [Online]. Available: http://linkinghub.elsevier.com/retrieve/pii/S1742287613000479. [Accessed: 19-Jul-2016]
  • A. F. Shosha, J. I. James, A. Hannaway, C.-C. Liu, and P. Gladyshev, “Towards Automated Malware Behavioral Analysis and Profiling for Digital Forensic Investigation Purposes,” in Digital Forensics and Cyber Crime, vol. 114, M. Rogers and K. C. Seigfried-Spellar, Eds. Berlin, Heidelberg: Springer Berlin Heidelberg, 2013, pp. 66–80 [Online]. Available: http://link.springer.com/10.1007/978-3-642-39891-9_5. [Accessed: 19-Jan-2017]
  • A. F. Shosha, J. I. James, and P. Gladyshev, “A Novel Methodology for Malware Intrusion Attack Path Reconstruction,” in Digital Forensics and Cyber Crime, vol. 88, P. Gladyshev and M. K. Rogers, Eds. Berlin, Heidelberg: Springer Berlin Heidelberg, 2012, pp. 131–140 [Online]. Available: http://link.springer.com/10.1007/978-3-642-35515-8_11. [Accessed: 19-Jan-2017]
  • K. Ruan, J. James, J. Carthy, and T. Kechadi, “Key Terms for Service Level Agreements to Support Cloud Forensics,” in Advances in Digital Forensics VIII, vol. 383, G. Peterson and S. Shenoi, Eds. Berlin, Heidelberg: Springer Berlin Heidelberg, 2012, pp. 201–212 [Online]. Available: http://link.springer.com/10.1007/978-3-642-33962-2_14. [Accessed: 19-Jul-2016]
  • J. I. James, P. Gladyshev, and Y. Zhu, “Signature Based Detection of User Events for Post-mortem Forensic Analysis,” in Digital Forensics and Cyber Crime, vol. 53, I. Baggili, Ed. Berlin, Heidelberg: Springer Berlin Heidelberg, 2011, pp. 96–109 [Online]. Available: http://link.springer.com/10.1007/978-3-642-19513-6_8. [Accessed: 19-Jan-2017]
  • Y. Zhu, J. James, and P. Gladyshev, “A Consistency Study of the Windows Registry,” in Advances in Digital Forensics VI, vol. 337, K.-P. Chow and S. Shenoi, Eds. Berlin, Heidelberg: Springer Berlin Heidelberg, 2010, pp. 77–90 [Online]. Available: http://link.springer.com/10.1007/978-3-642-15506-2_6. [Accessed: 19-Jul-2016]
  • J. James, P. Gladyshev, M. T. Abdullah, and Y. Zhu, “Analysis of Evidence Using Formal Event Reconstruction,” in Digital Forensics and Cyber Crime, vol. 31, S. Goel, Ed. Berlin, Heidelberg: Springer Berlin Heidelberg, 2010, pp. 85–98 [Online]. Available: http://link.springer.com/10.1007/978-3-642-11534-9_9. [Accessed: 19-Jan-2017]
  • Y. Zhu, J. James, and P. Gladyshev, “A comparative methodology for the reconstruction of digital events using windows restore points,” Digital Investigation, vol. 6, no. 1–2, pp. 8–15, Sep. 2009 [Online]. Available: http://linkinghub.elsevier.com/retrieve/pii/S1742287609000280. [Accessed: 19-Jul-2016]
  • Y. Zhu, P. Gladyshev, and J. James, “Using shellbag information to reconstruct user activities,” Digital Investigation, vol. 6, pp. S69–S77, Sep. 2009 [Online]. Available: http://linkinghub.elsevier.com/retrieve/pii/S1742287609000413. [Accessed: 19-Jul-2016]
  • Y. Zhu, P. Gladyshev, and J. James, “Temporal Analysis of Windows MRU Registry Keys,” in Advances in Digital Forensics V, vol. 306, G. Peterson and S. Shenoi, Eds. Berlin, Heidelberg: Springer Berlin Heidelberg, 2009, pp. 83–93 [Online]. Available: http://link.springer.com/10.1007/978-3-642-04155-6_6. [Accessed: 19-Jul-2016]

Other Publications

  • Contributor to Outstanding (Korean)
  • D. Steinhauff et al., “NextGen advises ‘Trying to Manage,’” Science (80-. )., vol. 366, no. 6461, pp. 28–30, Oct. 2019, doi: 10.1126/science.aaz5828. [Online]. Available: http://www.sciencemag.org/lookup/doi/10.1126/science.aaz5828
  • J. I. James, “Right to privacy,” Science (80-. )., vol. 358, no. 6359, pp. 37–37, 2017.
  • J. I. James, “[Letters to President Moon] ‘National security includes cybersecurity,’” The Korea Times, 25-May-2017. [Online]. Available: http://www.koreatimes.co.kr/www/tech/2017/05/133_229990.html. [Accessed: 26-May-2017]
  • J. I. James, “When national security turns against you,” The Korea Times, 17-May-2017. [Online]. Available: http://www.koreatimes.co.kr/www/tech/2017/05/133_229498.html. [Accessed: 26-May-2017]
  • J. I. James, “How to prevent ransomware?,” NewsTapa, 15-May-2017. [Online]. Available: http://blog.newstapa.org/joshua/4488. [Accessed: 26-May-2017]
  • R. C. Buckley, D. F. Arcos, D. L. Clinciu, D. Scarf, M. Trinder, E. J. Santee, K. Kirk, T. Watkins, A. Merluzzi, H. A. Shishmahal, R. Morrow, E. D. Maier, F. R. Beardsley, K. da Silva Lopes, J. I. James, H. Qasim, J. Rosenberg, S. Kitsinelis, and S. VanWees, “Why science? Scientists share their stories,” Science, vol. 356, no. 6338, pp. 590–592, May 2017 [Online]. Available: http://www.sciencemag.org/lookup/doi/10.1126/science.aan4988. [Accessed: 12-May-2017]
  • J. I. James, “Science in brief,” Science, vol. 353, no. 6294, pp. 22–24, Jul. 2016 [Online]. Available: http://www.sciencemag.org/cgi/doi/10.1126/science.353.6294.22. [Accessed: 19-Jul-2016]
  • J. I. James, “Full speed ahead to the City on the Hill,” Science, vol. 352, no. 6288, pp. 886–889, May 2016 [Online]. Available: http://www.sciencemag.org/cgi/doi/10.1126/science.aag1520. [Accessed: 21-May-2016]
  • J. I. James, “Funding dreams,” Science, vol. 350, no. 6256, pp. 30–31, Oct. 2015 [Online]. Available: http://www.sciencemag.org/cgi/doi/10.1126/science.350.6256.30. [Accessed: 19-Jul-2016]
  • J. I. James, “Brain-Computer Interfaces: the new Trojan defense,” Virtual Forum Against Cybercrime Review, no. 8, 25-Aug-2015 [Online]. Available: https://www.cybercrimeforum.org/Find/Journals/Read.jsp?paramNttID=4981&paramPage=3
  • J. I. James, M. S. Kim, J. Choi, S. S. Lee, and E. Kim, “A General Approach to Anti-Forensic Activity Detection,” eForensics, vol. 3, no. 5, Mar-2014 [Online]. Available: https://eforensicsmag.com/download/anti-forensics-techniques-detection-and-countermeasures/. [Accessed: 19-Jul-2016]
  • J. I. James, “An Argument for Assumed Extra-territorial Consent During Cybercrime Investigations,” Virtual Forum Against Cybercrime Review, no. 25, Jul-2013 [Online]. Available: http://digitalfire.ucd.ie/wp-content/uploads/2013/08/An-Argument-for-Assumed-Extra-territorial-Consent-During-Cybercrime-Investigations.pdf
  • J. I. James, “Legal Protest and Distributed Denial of Service,” Virtual Forum Against Cybercrime Review, no. 22, Apr-2013 [Online]. Available: http://digitalfire.ucd.ie/wp-content/uploads/2013/03/Legal-Protest-and-Distributed-Denial-of-Service.pdf
  • J. I. James and P. Gladyshev, “Challenges with Automation in Digital Forensic Investigations,” arXiv:1303.4498 [cs], Mar. 2013 [Online]. Available: http://arxiv.org/abs/1303.4498. [Accessed: 19-Jul-2016]
  • J. I. James, “Automated human inference in digital forensic investigations using hypothesis reduction,” University College Dublin, Dublin, 2013 [Online]. Available: https://library.ucd.ie/iii/encore/record/C__Rb2088216
  • J. I. James, “Social Media and Intelligence Gathering,” Virtual Forum Against Cybercrime Review, no. 16, Oct-2012 [Online]. Available: http://digitalfire.ucd.ie/wp-content/uploads/2013/05/Social-Media-and-Intelligence-Gathering.pdf
  • J. I. James and P. Gladyshev, “2010 report of digital forensic standards, processes and accuracy measurement,” Forensic Focus - Articles. 21-Jul-2011 [Online]. Available: https://articles.forensicfocus.com/2011/07/21/2010-report-of-digital-forensic-standards-processes-and-accuracy-measurement/. [Accessed: 04-Jul-2017]
  • J. I. James, “Survey of Evidence and Forensic Tool Usage in Digital Investigations,” Centre for Cybercrime Investigation, Dublin, Ireland, 2010 [Online]. Available: http://digitalfire.ucd.ie/?p=858

Conferences / Presentations

This section will only be updated when there is not an article reference above.

  • K. J. Park, S. M. Park, and J. I. James, “A Case Study of the 2016 Korean Cyber Command Compromise,” in Proceedings of the 16th European Conference on Cyber Warfare and Security, Dublin, Ireland, 2017, vol. ACPI, p. 774.
  • N. Akatyev and J. I. James, “United Nations Digital Blue Helmets as a Starting Point for Cyber Peacekeeping,” in Proceedings of the 16th European Conference on Cyber Warfare and Security, Dublin, Ireland, 2017, vol. ACPI, p. 774.
  • Nikolay Akatyev, & Joshua I. James. (2016). Legislative Requirements for Cyber Peacekeeping. 2016 International Symposium “Security of Individual, State and Society: Challenges and Perspectives.” Perm, Russian Federation.
  • Sungmi Park, & Joshua I. James. (2016). Possession of Child Exploitation Material in Computer Temporary Internet Cache. 2016 International Symposium “Security of Individual, State and Society: Challenges and Perspectives.” Perm, Russian Federation.
  • James, J. I., & Gladyshev, P. (2016). Modeling Timestamp Update Patterns for Automated Event Reconstruction. In Proceedings of the 11th International Conference on the Systematic Approaches to Digital Forensics Engineering (pp. 79–94). Kyoto, Japan.
  • Park, K. J., Park, J.-M., Kim, E.-J., Cheon, C. G., & James, J. I. (2016). Anti-Forensic Trace Detection in Digital Forensic Triage Investigations. In Proceedings of the 11th International Conference on the Systematic Approaches to Digital Forensics Engineering (pp. 21–29). Kyoto, Japan.
  • Akatyev, N., J.I. James. (2015). “Cyber Peacekeeping”. 7th International ICST Conference on Digital Forensics & Cybercrime (ICDF2C). Seoul, South Korea.
  • James, J.I., P. Gladyshev. (2015) “A Survey of International Cooperation in Digital Investigations”. 7th International ICST Conference on Digital Forensics & Cybercrime (ICDF2C). Seoul, South Korea.
  • Conway, A., J.I. James, P. Gladyshev. (2015) “Development and Initial User Evaluation of a Virtual Crime Scene Simulator Including Digital Evidence”. 7th International ICST Conference on Digital Forensics & Cybercrime (ICDF2C). Seoul, South Korea.
  • Amann, P., J.I. James. (2015) “Designing Robustness and Resilience in Digital Investigation Laboratories”. DFRWS EU 2015. Dublin, Ireland.
  • James, J. I., P. Gladyshev (2014). “Estimating More Accurate Times of Suspect Actions”. Poster session presented at the World Forensic Festival. Seoul, South Korea.
  • James, J. I., P. Gladyshev (2014). “Inferring Action Instances with Limited Information”. World Forensic Festival. Seoul, South Korea.
  • James, J. I. (2014). “Multi-Stakeholder Case Prioritization in Digital Investigations”. 5th International ICST Conference on Digital Forensics and Cyber Crime (ICDF2C). New Haven, CT. USA.
  • Best Paper Award James, J.I., P. Gladyshev (2013) “Measuring Accuracy of Digital Forensic Analysis Processes”. 5th International ICST Conference on Digital Forensics & Cyber Crime (ICDF2C). Moscow, Russia.
  • James, J.I., A.F. Shosha, P. Gladyshev (2013) “Determining Training Needs for Cloud Infrastructure Investigations using I-STRIDE”. 5th International ICST Conference on Digital Forensics & Cyber Crime (ICDF2C). Moscow, Russia.
  • James, J.I., Jang, Y.J. (2013). “Measuring digital crime investigation capacity to guide international crime prevention strategies”. The 7th International Symposium on Digital Forensics and Information Security.
  • James, J.I., Jang, Y.J. (2013). “An Assessment Model for Cybercrime Investigation Capacity”. In proceedings of the World Crime Forum 1st Asian Regional Conference on Information Security and Cybercrime. Korean Institute of Criminology.
  • Namheun, S., Y. Lee, D. Kim, J.I. James, S. Lee, K. Lee (2013). “A Study of User Data Integrity During Acquisition of Android Devices.” Digital Forensic Research Workshop (DFRWS) 2013.
  • Shosha, A.F., J.I. James, C. Liu, P. Gladyshev. (2012, Sept. 12-14) “Towards Automated Forensic Event Reconstruction of Malicious Code.” Poster session presented at: 15th Symposium on Research in Attacks, Intrusions, and Defenses (RAID12); 2012 Sept. 12-14; Amsterdam, NL.
  • Shosha, A.F., J.I. James, and P. Gladyshev. (2011) “A Novel Methodology for Malware Intrusion Attack Path Reconstruction”. 3rd International ICST Conference on Digital Forensics & Cyber Crime (ICDF2C). Dublin, Ireland.
  • James, J. I., P. Gladyshev. (2011, Oct. 3-7). “Abstract: On communication between Prosecutors, Law Enforcement and Researchers of digital crime.” Forensic Computing Seminar, Schloss Dagstuhl. http://www.dagstuhl.de/11401
  • James, J. I., M. Koopmans, P. Gladyshev. (2011, June 14). Rapid Evidence Acquisition Project for Event Reconstruction. The Sleuth Kit & Open Source Digital Forensics Conference, McLean, VA, Basis Technology. http://www.basistech.com/about-us/events/open-source-forensics-conference/2011/
  • James, J., P. Gladyshev, and Y. Zhu. (2010) “Signature Based Detection of User Events for Post-Mortem Forensic Analysis”. 2nd International ICST Conference on Digital Forensics & Cyber Crime (ICDF2C). Abu Dhabi, UAE.
  • Zhu, Y., P. Gladyshev, and J. James. (2009) “Identifying Newly Updated Data Values of MRU Keys Between Registry Snapshots”. Fifth Annual IFIP WG 11.9 International Conference on Digital Forensics.

Internal Publications

Internal publications are works that constitute a significant amount of novel research, but are not released to the public due to organizational policy. When possible, non-sensitive key findings are extracted and published elsewhere.

  • James, J. I. (2014). Assessment of the Mutual Legal Assistance Process Considering Digital Evidence. United Nations Office on Drugs and Crime.
  • Kang, W, YS Jang, YJ Song, J.I. James. (2014). Status and Countermeasures of Online Pornography. Korean National Police University.
  • Jang, YS, J.I. James (2013). Digital Forensic Investigation Training Development focusing on Developing Countries. KOICA/Korean National Police University.
  • Jeong, CW, YS Jang, YJ Song, J.I. James. (2013). Design of Cyber-Terror Profiling System. Korean National Police Agency.
  • Contributing Author (2012). Implementing a Cybercrime Intelligence Analysis Framework. Institute of Police Science.
  • James, J. I. (2012). An Garda Síochána Preliminary Analysis Unit Process Model Definition and Verification DRAFT 2012-05-17. Dublin: University College Dublin Centre for Cybersecurity and Cybercrime Investigation.
  • James, J. I. (2011). An Garda Síochána Computer Crime Investigation Preliminary Analyst and First Responder Requirements. Dublin: An Garda Síochána.
  • James, J. I. (2011). An Garda Síochána Computer Crime Investigation Capability and Needs Analysis. Dublin: Centre for Cybercrime Investigation, UCD.
  • James, J., T. Lu, P. Gladyshev. (2009). Validation of NW3C Results: COFEE v1.1.2 - Runner & NW3C Profiles, INTERPOL.
  • Lu, T., J. James, P. Gladyshev. (2009). Validation of NW3C Results: COFEE GUI CONSOLE v1.1.2, INTERPOL.
  • Contributor. European Working Party on Information Technology Crime, Sections on Live Data Forensics and Encryption Detection. (2009). “Information Technology Crime Investigation Manual”. Published by INTERPOL.

This work is heavily influenced by Dr. Pavel Gladyshev. His work in formalization of digital investigation can be found at formalforensics.org