Human Factors in Security and Forensics

Emerging technologies such as IoT and smart city infrastructure (SCI) entice adversaries and cybercriminals to execute cyber-attacks and commit criminal acts on these modern infrastructures. Given the borderless nature of cyber attacks, varying levels of understanding of emerging systems (such as SCI and IoT) and ongoing investigation workloads, law enforcement agencies and investigators are hard-pressed to respond to these kinds of cybercrime. In this project, we conceptualize and design technologies to aid forensics investigation in emerging class of systems such as SCI, IoT and beyond 5G systems. Our designed technologies have been evaluated with over 30 real-life forensic investigators working in Singapore Government agencies and was shown to significantly accelerate IoT forensic investigation. We have made pioneering contributions to develop an abstract, yet systematic framework for forensic analysis that cover all SCI systems at an appropriate level of abstraction. Such framework was developed from the foundations of threat modeling in SCI systems. Our current work focuses on instantiation of our conceptual framework for a variety of complex systems such as 5G and beyond. Apart from the forensic angle, we are investigating the user perception of software risks in critical domain. Among others, we are investigating the risks (that are due to intended features) to end users in using smart contract and how to automatically identify and highlight such risks to them.

Representative Publications:

Understanding End-User Perception of Transfer Risks in Smart Contracts
Yustynn Panicker, Ezekiel Soremekun, Sudipta Chattopadhyay, and Sun Sumei
2025 Conference on Human Factors in Computing Systems (CHI), 2025.

A Smart City Infrastructure Ontology for Threats, Cybercrime, and Digital Forensic Investigation
Yee Ching Tok, Davis Yang Zheng, and Sudipta Chattopadhyay
Elsevier Forensic Science International: Digital Investigation (FSIDIIN), 2025

Identifying Threats, Cybercrime and Digital Forensic Opportunities in Smart City Infrastructure via Threat Modeling
Yee Ching Tok and Sudipta Chattopadhyay
Elsevier Forensic Science International: Digital Investigation (FSIDIIN), 2023

STITCHER: Correlating Digital Forensic Evidence on Internet-of-Things Devices
Yee Ching Tok, Chundong Wang, and Sudipta Chattopadhyay
Elsevier Forensic Science International: Digital Investigation (FSIDIIN), 2020

Acknowledgement: We are grateful to Keysight Technologies, National Research Foundation and Infocomm Media Development Authority for generously supporting this project.