Staff Profile

photograph

Dr. Ian Kennedy

Senior Lecturer

School: School of Law, Criminal Justice and Computing

Campus: Canterbury

Tel: 01227 921844

Profile summary

Digital forensic practitioner experience

  • Over ten years of operational casework experience in law enforcement, corporate and government.
  • Casework experience includes (but is not limited to): Fraud, Intellectual property (IP) theft, indecent images of children, malware attacks, threats to life, kidnapping, suicide and intelligence reporting.
  • Extensive on-site experience of the challenges of LE warrant execution and civil search orders to secure digital evidence in both UK in overseas jurisdictions
  • Technical lead on questioning during police suspect interviews (Trained in the UK LE 'P.E.A.C.E investigative model)
  • Covert and overt on-site forensic data acquisition both in the UK and overseas
  • Task scoping and planning of forensic strategy, in accordance with local jurisdiction requirements and business needs
  • Author of in excess of 300 Expert reports for CPS, solicitors, senior business teams and intelligence teams
  • Oral expert Witness testimony at Crown, magistrate and youth courts
  • Use of programming/scripting to solve complex or otherwise time consuming tasks for the team, including (but not limited to) C#, Ruby, EnScript, Python and C++
  • Management of exhibits marked as Legal Professional Privilege (LPP) material
  • Ingesting, processing and shaping of e-discovery based data for provision to civil litigation teams

 

Training profile:

  • X-Ways Forensics (X-Ways Technology)
  • Mac/Linux Examinations (Guidance Software)
  • Intermediate Apple Mac Forensics (BlackBag Technologies, San Jose, CA, USA)
  • Introduction to GNU/Linux  (Centre for National Hi-Tech Crime Training)
  • Encase Advanced Analysis and Reporting (Guidance Software)
  • Advanced Internet Forensic Traces            (Centre for National Hi-Tech Crime Training)
  • Access Data Boot Camp (Access Data)
  • Forensic Document Examination (Cranfield University RMCS)
  • Courtroom skills (Bond Solon)
  • Level I Investigative Interview skills (Kent Police)
  • Forensic Computing Foundation (Cranfield University RMCS)
  • Encase Intermediate Analysis and Reporting (Guidance Software)
  • Core Skills in Data Recovery and Analysis (Centre for National High Tech Crime Training)

Research and knowledge exchange

My research interests include computer security and in particular malware artefact analysis.  My PhD explored the confidence placed in tools used to conduct malware investigations  in a criminal investigation context.  Thesis available here.  Few of the tools available to investigate malware are designed for forensic use and their scientific reliability is unknown.  My work looks to propose a framework for evaluating these tools and hence introduce a greater level of scientific rigor within the courtroom.

Teaching and subject expertise

I have been teaching part-time since 1995 where I started teaching GCSE Maths in the FE sector.  Over the years I have taught web design, programming and since 2008 I have been an Associate Lecturer for the Open University on their Digital Forensics programme.  I am a Chartered Engineer (CEng), a member of the British Computer Society (MBCS), a Chartered Information Technology Professional (CITP).

Publications and research outputs

  • A Framework for the Systematic Evaluation of Malware Forensic Tools, PhD Thesis, March 2017 (http://oro.open.ac.uk/50521/)
  • Policing Digital Crime, Ed. Robin Bryant, Ashgate, 2014 (Contrib. author)
  • The Trojan Defence, iTunesU, May 2011  (http://tinyurl.com/p6eblwd)
  • Towards scientific malware analysis, Proc. 4th International Conference on Cybercrime Forensics Education & Training, Canterbury, 2-3 September 2010
  • Playing with fire: Dissecting malicious software, Digital Forensics Mag., 2010
  • Investigating Digital Crime, Ed. Robin Bryant, Wiley, 2008 (Contrib. author)
  • The Silent Digital Witness, Solicitor’s Journal, September 2007
  • Computer CSI, Personal Computer World, April 2007, p56-57
  • Presenting digital evidence to court, BCS, October 2006  (http://tinyurl.com/ynh3r9)
  • The electronic autopsy - digital forensics Part 1, BCS, August 2006  (http://tinyurl.com/2pd424)
  • Looking for foul play - digital forensics Part 2, BCS, August 2006  (http://tinyurl.com/yd48wm)
  • It was the big wooden horse, your Honour, BCS, August 2006  (http://tinyurl.com/yb2qau)

Share

Connect with us

Last edited: 05/12/2017 03:59:00