Based in Sheffield, UK, Dr. Ali Dehghantanha is a researcher in cyber security and digital forensics with special focus on application of machine learning and data analytic techniques in cyber threat hunting and intelligence. 

SugarSync forensic analysis

Hi All,


Another research paper of our cyber forensics research team titled "" is published at Australian Journal of Forensics Science. Here is the link to the paper final version. The paper abstract is as follows:

Cloud storage services are popular with both individuals and businesses as they offer cost-effective, large capacity storage and multi-functional services on a wide range of devices such as personal computers (PCs), Mac computers, and smart mobile devices (e.g. iPhones). However, cloud services have also been known to be exploited by criminals, and digital forensics in the cloud remains a challenge, partly due to the diverse range of cloud services and devices that can be used to access such services. Using SugarSync (a popular cloud storage service) as a case study, research was undertaken to determine the types and nature of volatile and non-volatile data that can be recovered from Windows 8, Mac OS X 10.9, Android 4 and iOS 7 devices when a user has carried out different activities such as upload and download of files and folders. We then document the various digital artefacts that could be recovered from the respective devices.

Please cite the paper as:

Mohammad Shariati, Ali Dehghantanha, Raymond Choo, “Sugar Sync Forensics”- Australian Journal of Forensic Sciences, Vol 48, Issue 1, pp.95-117 (JCR IF 2013IF:0.704) – DOI:10.1080/00450618.2015.1021379


Malware Trends and Lessons for Law Enforcement Agents (LEAs)

Windows Instant Messaging App Forensics: Facebook and Skype as Case Studies