Academic cybersecurity and digital forensics research group spanning University College Dublin and South East Technological University.
The Forensics and Security Research Group conducts research in digital forensics, cybersecurity, network investigation, artificial intelligence for forensic workflows, cloud and IoT forensics, and digital forensic education.
Founded in University College Dublin and now expanded through collaboration with South East Technological University, the group works with academic, law-enforcement, and industry partners on research that improves the reliability, scalability, and practical impact of digital investigations.
Latest
VAAS: A novel dual-module framework for image manipulation detection in digital forensics, combining global attention-based anomaly estimation with patch-level self-consistency scoring for interpretable anomaly detection and tamper localization.
This paper presents a novel approach to indoor multimedia geolocation using electrical sockets as consistent indoor markers for geolocation. A three-stage deep learning pipeline detects plug sockets, classifies them into standardized types, and maps them to countries. The approach is evaluated on the Hotels-50K dataset and demonstrates its practical utility for law enforcement in human trafficking investigations.
This paper proposes a computer vision approach to geolocation using universal visual cues, specifically electrical plug sockets, to narrow down the search space for law enforcement in combating crimes such as human trafficking and child exploitation.
The group has new work appearing at DFRWS EU 2026 and in Forensic Science International: Digital Investigation.
Recent Output
IEEE Access Vol. 13
This paper proposes a model architecture that integrates image N-dominant colours and colour histogram vectors with image embedding from deep metric learning and classification perspectives to improve image geolocation in indoor scenes.
Digital Forensics Doctoral Symposium
This paper proposes a low-overhead and non-invasive electromagnetic side-channel monitoring approach for forensic-ready industrial control systems. It uses unintentional electromagnetic radiation emitted by Ethernet network cables to detect denial of service attacks with considerable accuracy, introducing an architecture for ICS infrastructure to be forensic-ready with minimal computational resources.
ACM Digital Threats: Research and Practice pp. 3748264
This paper proposes recommendations for fine-tuning large language models (LLMs) for digital forensics tasks, addressing the gap in existing research. A case study on chat summarization showcases the applicability of the recommendations, evaluating multiple fine-tuned models to assess their performance. The study shares lessons learned from the case study, providing insights into the fine-tuning process, computational power issues, data challenges, and evaluation methods.