Academic cybersecurity and digital forensics research group spanning University College Dublin and South East Technological University.
The Forensics and Security Research Group conducts research in digital forensics, cybersecurity, network investigation, artificial intelligence for forensic workflows, cloud and IoT forensics, and digital forensic education.
Founded in University College Dublin and now expanded through collaboration with South East Technological University, the group works with academic, law-enforcement, and industry partners on research that improves the reliability, scalability, and practical impact of digital investigations.
Latest
VAAS: A novel dual-module framework for image manipulation detection in digital forensics, combining global attention-based anomaly estimation with patch-level self-consistency scoring for interpretable anomaly detection and tamper localization.
This paper presents a novel approach to indoor multimedia geolocation using electrical sockets as consistent indoor markers for geolocation. A three-stage deep learning pipeline detects plug sockets, classifies them into standardized types, and maps them to countries. The approach is evaluated on the Hotels-50K dataset and demonstrates its practical utility for law enforcement in human trafficking investigations.
This paper proposes a computer vision approach to geolocation using universal visual cues, specifically electrical plug sockets, to narrow down the search space for law enforcement in combating crimes such as human trafficking and child exploitation.
The group has new work appearing at DFRWS EU 2026 and in Forensic Science International: Digital Investigation.
Recent Output
Digital Forensics Doctoral Symposium
This paper proposes a low-overhead and non-invasive electromagnetic side-channel monitoring approach for forensic-ready industrial control systems. It uses unintentional electromagnetic radiation emitted by Ethernet network cables to detect denial of service attacks with considerable accuracy, introducing an architecture for ICS infrastructure to be forensic-ready with minimal computational resources.
Forensic Science International: Digital Investigation Vol. 54S pp. 301982
This paper proposes a standardized methodology for evaluating the performance of Large Language Models (LLMs) in digital forensic timeline analysis tasks, such as event summarization. The methodology includes a dataset, timeline generation, and ground truth development, and recommends the use of BLEU and ROUGE metrics for quantitative evaluation.
2024 Cyber Research Conference - Ireland (Cyber-RCI)
This paper introduces the Network Forensic Readiness for Edge Devices (NetFoREdge) framework, which deploys lightweight AI models in resource-constrained environments for attack detection, evidence collection, and preservation. The framework is evaluated on two datasets, achieving accuracy rates exceeding 99.60% and 99.98% for multiclassification.