Sean McKeown is an early career academic at Edinburgh Napier University, a post which he began at the end of his PhD work. He obtained a BSc in Computer Science from the university of Glasgow in 2007, followed by an MA (Hons) in Philosophy (2011) and MSc in Digital Forensics and E-Discovery (2013) form the same institution. He subsequently joined the Information Retrieval group at the University of Glasgow as a researcher for two years and worked closely with a local investigation company on Web based, person-centric, Open-Source Intelligence (OSINT) investigations. This early work produced both research papers and prototype applications to enhance the efficacy of OSINT investigators in the real world, reducing the time taken for investigators them to find relevant information. This work was aimed at quickly finding information on subjects relating to various types of fraud, which costs the UK economy approximately 200 billion pounds each year. As such, even a small reduction in the time taken to pursue such investigations may have a large economic impact.
After joining Edinburgh Napier, Sean’s research switched focus to facilitating faster Digital Forensics processing for contraband media investigations. This area is of great importance as police departments across the country are underfunded and faced with huge investigative backlogs, deferring sentences for the guilty, and placing innocent parties under great social and mental strain.
The research from Sean’s PhD addressed this issue through a form of file level data reduction, meaning that less data needs to be read and processed from a typical computer. The techniques have been shown to be particularly effective on solid state media, reducing contraband detection times by up to two orders of magnitude in some cases. Substantial improvements were also recorded for hard disks, however, as more devices make use of non-magnetic media, the proposed techniques will only increase in value. This research gained the attention of a local digital forensics technology company following an exhibition at SICSA DemoFest in 2017, resulting in talks about how such an approach may be incorporated in commercial products. An additional strand of this work focuses on incredibly rapid initial forensics triage by making use of existing thumbnails found on the device, which can detect contraband on a terabyte disk in a matter of seconds. This level of rapid triage allows law enforcement personnel to quickly assess a property for contraband during the execution of a search warrant. This allows for a selective seizure of devices, saving an enormous number of person and processing hours, while cutting down on evidence storage costs.
Seah is module leader of Computer Systems and is also involved in the delivery of several cyber security and forensics modules, as well as overseeing a number of student projects.
• Reviewer for the Journal of Digital Forensics, Security and Law (JDFSL) (https://commons.erau.edu/jdfsl/)
• Technical programme committee member for IARIA Cyber 2019
• Invited speaker to University of Glasgow HATII SHAKE seminars (2014).
• Funding: SICSA First Step Award (£5000 - 2013) + SICSA Postgraduate Industry Internship (£10,400 - 2014), Edinburgh Napier Researcher Development Fund (£850 - 2017)
• Co-exhibitor with Petra Leimich at SICSA DemoFest (2017): "Copies and Contraband: Fast Forensic Identification of Duplicate Images".