Sean McKeown

Sean McKeown

Dr Sean McKeown

Lecturer

Biography

Sean McKeown is an early career academic at Edinburgh Napier University, a post which he began at the end of his PhD work. He obtained a BSc in Computer Science from the university of Glasgow in 2007, followed by an MA (Hons) in Philosophy (2011) and MSc in Digital Forensics and E-Discovery (2013) form the same institution. He subsequently joined the Information Retrieval group at the University of Glasgow as a researcher for two years and worked closely with a local investigation company on Web based, person-centric, Open-Source Intelligence (OSINT) investigations. This early work produced both research papers and prototype applications to enhance the efficacy of OSINT investigators in the real world, reducing the time taken for investigators them to find relevant information. This work was aimed at quickly finding information on subjects relating to various types of fraud, which costs the UK economy approximately 200 billion pounds each year. As such, even a small reduction in the time taken to pursue such investigations may have a large economic impact.

After joining Edinburgh Napier, Sean’s research switched focus to facilitating faster Digital Forensics processing for contraband media investigations. This area is of great importance as police departments across the country are underfunded and faced with huge investigative backlogs, deferring sentences for the guilty, and placing innocent parties under great social and mental strain.

The research from Sean’s PhD addressed this issue through a form of file level data reduction, meaning that less data needs to be read and processed from a typical computer. The techniques have been shown to be particularly effective on solid state media, reducing contraband detection times by up to two orders of magnitude in some cases. Substantial improvements were also recorded for hard disks, however, as more devices make use of non-magnetic media, the proposed techniques will only increase in value. This research gained the attention of a local digital forensics technology company following an exhibition at SICSA DemoFest in 2017, resulting in talks about how such an approach may be incorporated in commercial products. An additional strand of this work focuses on incredibly rapid initial forensics triage by making use of existing thumbnails found on the device, which can detect contraband on a terabyte disk in a matter of seconds. This level of rapid triage allows law enforcement personnel to quickly assess a property for contraband during the execution of a search warrant. This allows for a selective seizure of devices, saving an enormous number of person and processing hours, while cutting down on evidence storage costs.

More recent research focuses on the analysis of the High Efficiency Image File Format (HEIF) which is used by modern Apple devices. The format does not have wide software support, neither for consumers nor investigators, which poses a particular problem as the HEIF container format allows for complex data structures, which can be difficult to analyse.

Sean is module leader of Computer Systems and is also involved in the delivery of several cyber security and forensics modules, as well as overseeing a number of student projects. He is also the student demonstrator coordinator for the School of Computing.


Esteem
• Reviewer for the Journal of Digital Forensics, Security and Law (JDFSL) (https://commons.erau.edu/jdfsl/)
• Reviewer for the Journal of Cyber Security Technology (https://www.tandfonline.com/toc/tsec20/current)
• Programme Committee - IEEE International Conference on Cyber Science comprising Cyber Situational Awareness, Social Media, Cyber Security and Cyber Incident Response (CYBER 2020)
• Technical programme committee member for IARIA Cyber 2019
(https://www.iaria.org/conferences2019/CYBER19.html)
• Invited speaker to University of Glasgow HATII SHAKE seminars (2014).
(https://blogs.arts.gla.ac.uk/hatii/hatii-shake-investigating-information-online-not-only-nsa/)
• Co-exhibitor with Petra Leimich at SICSA DemoFest (2017): "Copies and Contraband: Fast Forensic Identification of Duplicate Images".

• Funding: SICSA First Step Award (£5000 - 2013) + SICSA Postgraduate Industry Internship (£10,400 - 2014), Edinburgh Napier Researcher Development Fund (£850 - 2017), Napier Research Funding Competition (Approx. £7000, 2019-2020)

Events

Esteem

Fellowships and Awards

  • Edinburgh Napier Researcher Development Fund
  • Edinburgh Napier 50th Anniversary PhD Scholarship

 

Invited Speaker

  • University of Glasgow - HATII SHAKE Seminar

 

Membership of Professional Body

  • Associate Fellow of the Higher Education Academy

 

Reviewing

  • Programme Committee - IEEE International Conference on Cyber Science comprising Cyber Situational Awareness, Social Media, Cyber Security and Cyber Incident Response (CYBER 2020)
  • Journal of Digital Forensics, Security and Law
  • Technical Comittee Member - IARIA Cyber 2019

 

Date


14 results

Fingerprinting JPEGs With Optimised Huffman Tables

Journal Article
McKeown, S., Russell, G., & Leimich, P. (2018)
Fingerprinting JPEGs With Optimised Huffman Tables. Journal of Digital Forensics, Security and Law, 13(2), https://doi.org/10.15394/jdfsl.2018.1451
A common task in digital forensics investigations is to identify known contraband images. This is typically achieved by calculating a cryptographic digest, using hashing algor...

Fast Filtering of Known PNG Files Using Early File Features

Conference Proceeding
McKeown, S., Russell, G., & Leimich, P. (2017)
Fast Filtering of Known PNG Files Using Early File Features. In Proceedings of the Conference on Digital Forensics, Security and Law
A common task in digital forensics investigations is to identify known contraband images. This is typically achieved by calculating a cryptographic digest, using hashing algor...

InfoScout: An interactive, entity centric, person search tool.

Conference Proceeding
McKeown, S., Buivys, M., & Azzopardi, L. (2016)
InfoScout: An interactive, entity centric, person search tool. In SIGIR '16 Proceedings of the 39th International ACM SIGIR conference on Research and Development in Information Retrieval, (1113-1116). https://doi.org/10.1145/2911451.2911468
Individuals living in highly networked societies publish a large amount of personal, and potentially sensitive, information online. Web investigators can exploit such informat...

Investigating people: a qualitative analysis of the search behaviours of open-source intelligence analysts

Conference Proceeding
McKeown, S., Maxwell, D., Azzopardi, L., & Glisson, W. B. (2014)
Investigating people: a qualitative analysis of the search behaviours of open-source intelligence analysts. In IIiX '14: Proceedings of the 5th Information Interaction in Context Symposium, (175-184). https://doi.org/10.1145/2637002.2637023
The Internet and the World Wide Web have become integral parts of the lives of many modern individuals, enabling almost instantaneous communication, sharing and broadcasting o...

Pre-Napier Funded Projects

  • SICSA Elevate Business Accelerator Training
  • SICSA Postgraduate Industry Internship

Current Post Grad projects

Previous Post Grad projects