Qualification: 
M.Tech
Email: 
m_ashokkumar@cb.amrita.edu

Ashok Kumar Mohan currently serves as Research Associate at TIFAC-CORE in Cyber Security. His ares of interests are Cyber Forensics, Online Social Media Analysis.

Qualification:  M. Tech. in Cyber Security

Areas of  Research

Year Areas of  Research
2017-18 Cyber Deception, Analysis and Audit of HTTP/2 traffic
2017 Rumor Prediction in Social Media Networks, Metadata Forensics, Slack Space Forensics and Wireless Security Audit
2016 Pursuing PhD in Cyber Forensics under the guidance of Dr. Sethumadhavan M. (Head, Centre for Cyber Security, AVV, Coimbatore) supported by Visvesvaraya PhD Scheme for Electronics & IT, MeitY, India
2016 Research Project on FPGA based malware analysis using Honeypots for IBM
2015     Intrusion Prediction System (DRDO), Malware Analysis, IoT and Cyber Laws
2013 OTP security (Sturdy - One Time Password) for bank sectors
2012 S6 Protocol (Sensing Shady Setups Spending Social Similarity) on Facebook Forensics

Guest Lectures/Mentorship

Year Guest Lectures/Mentorship
2018 Organized and Mentored a two day hands on workshop cum Capture The Flag (CTF) contest "Dig-For-Art'18" (February 15-16) on on Cyber Security - Digital Forensics held at Department of Computer Sciences Technology, Karunya Institute of Technology and Sciences - Deemed to be University, Karunya Nagar, Coimbatore for their National Level Technical Symposium powered by ACE, and facilitated practical training for around 80 graduate students from the state.
2017 Organized and Mentored a two day hands on workshop cum Capture The Flag (CTF) contest "Dig-For-Art'17" (September 27-28) on Digital Forensics Artifacts at Cyber Forensics Laboratory, powered by IT department, Kalasaligam University and facilitated practical training for around 120 graduate students from nearby rural areas.
2017 Mentored "Privacy and Forensics on Cloud" event for evaluating conference papers organized by Cloud Security Alliance (CSA) Coimbatore Chapter, (14th July) jointly hosted by Dr. G. R. Damodaran College of Science, Coimbatore
2017 One day hands-on workshop on "Introduction to Ethical Hacking and Cyber Security" (9th March) at Raja College of Engineering and Technology, Madurai
2017 Invited talk for "Information Security in Internet of Things" on "Security Issues in Wireless Networks" (25th February) at Sri Krishna College of Engineering & Technology, Kuniamuthur, Coimbatore
2016  Hands on Workshop as resource person on X-Ways Forensics 18.6 Professional Edition on (29th February and 1st March 2016) at Cyber Forensics Research Lab (KLU), Krishnankovil (TN)
2015          Mentored Hack-a-thon event organized by Cyber Security and Privacy Foundation, (15th December) jointly organized by Learning Links India and U.S Consulate General, Chennai at PSG College of Technology, Coimbatore
2015 Guest Lecture on Cyber Forensics in Annual Tech Fest - Anokha at ASE, Coimbatore
2014 Invited lecture on National Level Ethical Hacking Workshop in Dr. N.G.P College, Coimbatore
2013 Tech Talk on Hacking - A Technological Threat in Cyber Defence Symposium held at ASE, Coimbatore

Trainings Delivered (Institution/Government)

Year Trainings Delivered (Institutions/Government)
2018 Cyber Awareness Session on "Cyber Bullying" at Queen Mira International School, Melakkal Road, Kochadai,Madurai titled "A Step towards Bully-Proof Cyberspace" (24th April) for High School Students.
2017 Faculty Development program on "Bits n Bytes of Digital Forensics" at AICTE sponsored short term course titled "Cyber Security and Cyber Forensics" (28th November) for the Members of Staff, Department of Information Technology, Dept. of Computer Applications, CIT (Coimbatore) and faculty members from other colleges.
2017 Delivered special sessions as resourced person for Tamil Nadu Voluntary Health Association, East Zone meeting on "Awareness on Internet Safety for all age NETizens" (September 23) at Poondi Matha Basilica Auditorium, Thanjavur.
2017 Faculty Development program on "Cyber Impact on Cashless Financial Transactions" and "Introduction to Digital Foreniscs and Security", (23rd June) for the Members of Staff, Department of Information Technology, Dr.N.G.P. Institute of Technology, (Coimbatore)
2017 Facilitated "capacity building training programme" on "Online Safety for Children in Cyber Space" for members of Childline India Foundation (21st and 22nd June) and state Directors of Kerala at Amrita Vishwa Vidyapeetham Vallikavu, Kerala, jointly with Department of Social Work, Amrita Vishwa Vidyapeetham, Vallikavu and UNICEF(Childline 1098), India
2017 Invited talk for "Information Security in Internet of Things" on "Security Issues in Wireless networks" (25th February) at Sri Krishna College of Engineering & Technology, Kuniamuthur, Coimbatore
2017 Created awareness on "Cyber Crime Awareness for Youth" as a part of  National Service Scheme (NSS) inauguration event (25th January)at Amriteshwari Hall, Amrita Vishwa Vidyapeetham, Coimbatore
2016 Facilitated "capacity building training programme" on "Online Safety for Children in Cyber Space" for 160 members of Childline India Foundation (20th, 24th October and 1st November) and 69 state Directors of Tamil Nadu at Muralikrishna Hall (CIR), jointly with Department of Social Work, Amrita Vishwa Vidyapeetham, Coimbatore and UNICEF(Childline 1098), India
2016          Faculty Development program on  Introduction to Practical VA/PT,  setting up of Honeypots, demonstration of Encase 7 and Paraben Bundle cyber forensic tools (13th August) for Kalasaingam university Members of the Staff and Research Scholars
 2015 Trained a team of 30 students as a preplacement activity on Ethical Hacking, Cyber Forencis, Network Security and OWASP secure coding, (22nd September 2015) Kalsaligam University(KLU), Krishnankovil (TN) and 9 of them got placed in Paladion Networks, Bangalore.
URL (under tab, Training Programmes organized)
2015 Facilitated two days Student Development Program on Cyber Security, (31st July, 1st August 2015) headed by Dr. Sethumadhavan M. (Head, Centre for Cyber Security, AVV) at KLN college of I.T, Madurai
2014 Given cyber security training for 150 senior police officers on Cybercrime Training Salem City and Rural Police Officers, (14 June 2014) under the guidance of Mr. A.Amalraj I.P.S., (Commissioner, Salem City) and Mr. S.Prabakaran I.P.S., (Asst., Commissioner Crime, Salem City) with HANS (Gujarat)

Volunteer Activities in Cyber Security

Category  Details
Rural Education Anaadi VIBE
Welfare UNICEF India
NGO HANS India, Gujarat
Global Vision NGO, Salem
Govt., Research Groups NCDRC−National Cyber Defense Research Centre 
Companies Rex Cyber Solutions, Chennai
Colleges/Universities Cyber Forensics Laboratory, Kalasalingam University

Awards/Certifications

Year

Awards/Certifications

2017 Best Paper Award in "Forensic Analysis of Cyber Crimes" for the paper on "Linking Hazy Dots in Favor of Digital Evidences - PoC using Metadata Association" at The INternational COnference on Data Security-INCODS2017 (12th December), Department of Information Technology, Kalasalingam University, Krishnankoil, Virudhunagar, Tamil Nadu.
2017 CEH (Certified Ethical Hacker, EC-Council India) and CHFI (Computer Hacking Forensic Investigator , EC-Council India)
2017 Best Paper Award in "Web Services and Semantic Web" for the paper on "The Forensic Future of Social media Analysis using Web Ontology" at International Conference on Advanced Computing and Communication Systems (7th January) Sri Eshwar College of Engineering, Coimbatore.
2016 FAFE (Forensic Accounting and Fraud Examination #CQUAP8BYY6L4 - West Virginia University)
2015 Coursework on CEC (Certified Ethical Cracker - InfySEC)
2012 PGCCL (Post-Graduate Certificate in Cyber Law-IGNOU)
2011-2012 Coursework on CPCL(Certificate Program in Cyber Law-SYMBIOSIS) and ACISE(Advanced Certificate in Information Security-IGNOU)
2010 DCL (Diploma in Cyber Laws)
2009 RHCT (Red Hat Certified Technician)
2008 Coursework on CCNA (Cisco Certified Network Associate) and MCP (Microsoft Certified Professional)
2007 Coursework on A+ and N+ (Hardware and Networking - IIHT)

 

Video Tutorials

Publications

Publication Type: Journal Article

Year of Publication Publication Type Title

2018

Journal Article

Ashok Kumar Mohan, Dr. Nirmala Devi M., Dr. M. Sethumadhavan, and R., S., “A Selective Generation of Hybrid Random Numbers via Android Smart Phones”, International Journal of Pure and Applied Mathematics, vol. 118, 2018.[Abstract]


The True Random Number Generator (TRNG) is an important module for countless cryptographically secure appliances. TRNG generation technique requires custom made hardware with quantum phenomena, which on the whole are expensive research components. A secure and sound TRNG design is anticipated at this time, which is based on the permutation of sensor feeds and combination of noise patterns from the peripherals of any Android smartphone. The source for this generator is the selected features from the in-built hardware components namely accelerometer, gyroscope, magnetometer, WiFi signal measure, cell tower information, GPS coordinates and battery thermal noise. Additionally, Process ID (PID) of the corresponding Android processes is given as key vector to augment the entropy and also addresses some of the security concern like confidentiality, integrity and availability of the authentic sources. . Hardware-Based Random Number Generator (HRNG) can be achieved by combing the source of the user, their corresponding parameters and the measure of imperfection. More »»

2018

Journal Article

Ashok Kumar Mohan, Thampy, R. V., and Praveen, K., “Data Hiding in Slack Space Revisited”, International Journal of Pure and Applied Mathematics, vol. 118, pp. 3017-3025, 2018.[Abstract]


In the current world scenario storing of any data securely in any storage medium is of major concern. Transferring any secret data without being compromised by the attacker is becoming difficult day by day. In such a situation, using the slack space for storing and retrieving secret information can be a great boon. Slack space is nothing but the unused space in a disk cluster. Here, the slack space of private cloud and slack space of the files which is being uploaded to the private cloud is considered for hiding and retrieving the secret information. Slack sizes of files are determined using hex editors. MD5 hashes of the path of the files containing slack and key are taken and sorted in the ascending order. Message to be hidden is encrypted and is divided into chunks of data depending on slack sizes of files which has been reordered by its corresponding sorting of MD5 hashes of file paths along with the key. Divided chunks of data are hidden in the slack spaces accordingly. Mapping of MD5 hashes of file paths along with the key and slack size will help in the retrieval of hidden information from slack spaces. The secret data will be securely hidden in the slack spaces of the private cloud. The idea of keeping secret data in slack space of private cloud is more advantageous because cloud itself provides security than usual physical storage media and moreover that, the possibility of being detected by an attacker is often less as slack space often contains data which could not be easily detected by normal analysis. Along with this, a secret sharing algorithm is proposed for splitting and sharing the secret data among cloud users and the file slack space in the cloud gives the accessibility of secret data

More »»

2018

Journal Article

A. Gopalakrishnan, Vineti, E., Ashok Kumar Mohan, and Dr. M. Sethumadhavan, “The Art of Piecewise Hashing: A step toward better evidence provability”, Journal of Cyber Security and Mobility, vol. 7, pp. 109-130, 2018.[Abstract]


The integrity of digital evidence is believed to be the paramount trait in the world of cyber forensics. Cybercrime investigators face myriad challenges in the process similar to accommodating the call for bulk digital evidence. In due course extraction of useful information while maintaining the integrity and absolute protection against data degradation is mandatory. In this manuscript, we propose a novel approach by applying cryptographic hashing technique to only selected significant portions of the digital evidence, so even if the overall hash does not match, investigators could still verify the integrity of those critical sections of the evidence.We put forward two notions in this manuscript; former is heterogeneous piecewise hashing which is a flexible version of the piecewise hashing strategy, and latter is a novel evidence certification strategy which formalizes evidence provability process completely. © 2018 the Author(s).

More »»

2017

Journal Article

Ashok Kumar Mohan, Dr. M. Sethumadhavan, and A, A. Devi, “Wireless Security Auditing: Attack Vectors and Mitigation Strategies”, Procedia Computer Science, vol. 115, pp. 674–682, 2017.[Abstract]


Wireless security is concise on protecting the resources connected to the wireless network from unauthorized access. Wi-Fi Protected Access II (WPA2) is a predominant variety of cryptography based wireless security protocol, which is crafted to be robust and can prevent all the wireless attacks. But numerous organizations explicitly like educational institutions remains vulnerable due to lack of security. By auditing the vulnerabilities and performing the penetration testing, it is possible to review the causes of the issues indicted over the network. Wireless security auditing is anticipated to be an exact blend of attack scenario and the well matched audit policy checklist provides a benchmark for a sheltered wireless network in safe hands.

More »»

Publication Type: Conference Paper

Year of Publication Publication Type Title

2018

Conference Paper

T. Prem, Selwin, V. P., and Ashok Kumar Mohan, “Disk memory forensics: Analysis of memory forensics frameworks flow”, in 2017 Innovations in Power and Advanced Computing Technologies, i-PACT 2017, 2018, vol. 2017-January, pp. 1-7.[Abstract]


We have heard of Cyber Espionage where a spy was able to hide data and go unnoticed virtually. Using some forensics frameworks we can able to hide and retrieve data in any format both in Windows and Linux operating systems. Whatever the data are made to be hidden in the disk, some frameworks are very good at its carving technique which it analyze and give all the parts of the disk or any other memory devices. In this paper I have clearly explained how memory forensics frameworks analyze the memory of the hard disk drives. Some specific utilities are capable and designed specifically only for windows Operating system and at the same way some forensics frameworks are designed specifically for Linux based distributions. Here I have analyzed few frameworks that are currently good in conducting a digital forensic investigation. These frameworks are for a human resources internal investigation where unauthorized investigation into the server, or to select frameworks to conduct new investigation and these frameworks and suits will assist to conduct analysis of memory forensic, forensic analysis of hard drive, forensic imaging, forensic image exploration, forensic imaging and mobile forensics. Such that, they all designed in such a way that it has the features to bring back in whole depth analyzed report of its merits in its technique flow and about what's under the system hood.

More »»

2018

Conference Paper

A. Thomas, T. Kumar, G., and Ashok Kumar Mohan, “Neighbor Attack Detection in Internet of Things”, in Advanced Computational and Communication Paradigms, Singapore, 2018.[Abstract]


Internet of Things (IoT) hegemonies all other technological development the world has seen so far. 6LoWPAN is emerging as the next generation protocol of IoT. 6LoWPAN protocol enables the resource constrained embedded device to connect to the Internet through IPv6. Routing Protocol for Low Power and Lossy Networks (RPL) is specifically designed as a routing protocol for resource constrained device and it is adaptable with the 6LoWPAN. There are many attacks which make RPL insignificant to achieve its desired objectives. Neighbor attack is momentous and is capable of disrupting possible routing path. In this paper, we proposed intrusion detection system which can detect neighbor attack in RPL protocol and a secure root process to prevent the effect of attack on this protocol. The IDS is incorporated by considering location information and received signal strength to identify malicious node. We have also incorporated secure root process which can rectify disruption in routing path after detecting attacks. This method can act as an optimum method for resources constrained environment.

More »»

Publication Type: Conference Proceedings

Year of Publication Publication Type Title

2017

Conference Proceedings

Ashok Kumar Mohan and Dr. Venkataraman D., “The Forensic Future of Social media Analysis using Web Ontology”, International Conference on Advanced Computing and Communication Systems (ICACCS -2017). 2017.[Abstract]


Whenever some user posts on social media networks, knowingly or unknowingly their activity is registered in countless online repositories. This exposes parts of the data to be publicly available; as a consequence of this a forensic analyst can reveal past activities, reconstruct a biased timeline and recover deleted data of the suspect. Movie ontology maps the input from movies and videos of user via facebook graph API to produce adaptive results of user activity related to their entertainment activities. Movie ontology will demonstrate how to reconstruct the social behavior of the user from the file and how to interpret the gained information as a potential source of evidence in digital forensic investigations. More »»

Publication Type: Book Chapter

Year of Publication Publication Type Title

2017

Book Chapter

R. Krithika, Ashok Kumar Mohan, and Sethumadhavan, M., “Jordan Center Segregation: Rumors in Social Media Networks”, in Security in Computing and Communications: 5th International Symposium, SSCC 2017, Manipal, India, September 13–16, 2017, Proceedings, vol. 746, S. M. Thampi, Pérez, G. Martínez, Westphall, C. Becker, Hu, J., Fan, C. I., and Mármol, F. Gómez Singapore: Springer Singapore, 2017, pp. 146–158.[Abstract]


Social media networks have gained a lot of popularity among the people by rapidly spreading rumors inquiring a variety of human affairs. Nowadays people simply tend to hype over social media for publicity or promotion which is the prime source for all deception activities online. The data shared in the midst of social media may be spreading a bogus news online and sooner or later they will be sorted off the record as rumors, but meanwhile the rumor might have done an adequate amount of damage to the subject. Current day rumor Segregation practice aims no more than identifying the rumor in the reign, days after its first forecast. The anticipated model will serves as a precise way out for isolating a rumor by calculating the preparatory source of the rumor by the use of Jordan source center with SI, SIR, and SIRI infection models. Jordan source center is the best optimal source calculator which overcomes the error rate, infection rates and other parameters when compared to other centrality estimators from the marketplace. It helps in finding the source of a common social media rumor and proceeding further to cleanse the infections and trim down their forged impact over the social media networks.

More »»

2015

Book Chapter

Ashok Kumar Mohan and Dr. Gireesh K. T., “Secure Seed-Based Sturdy OTP via Convenient Carry-on Device”, in Artificial Intelligence and Evolutionary Algorithms in Engineering Systems: Proceedings of ICAEES 2014, Volume 1, P. L. Suresh, Dash, S. Subhransu, and Panigrahi, K. Bijaya New Delhi: Springer India, 2015, pp. 447–455.[Abstract]


The Internet users for the purpose of easy memorizing select a weak password and reuse it along many Web sites vulnerable to password stealing and reuse due to rapid growth of cloud computing. Sturdy one-time password (S-OTP) provides with easy remembrance and prevention of password reuse using personal Android mobile phone without the necessity of sending an SMS and can be integrated into any original user authentication system without contradicting the overall security. Also, in the worst cases, if the mobile phones are stolen, it is made unfeasible by means of two-dimensional SHA3 and MD5 forward hashing with unique and secure hard-coded seed information from mobile device. More »»
Faculty Research Interest: 
207
PROGRAMS
OFFERED
5
AMRITA
CAMPUSES
15
CONSTITUENT
SCHOOLS
A
GRADE BY
NAAC, MHRD
8th
RANK(INDIA):
NIRF 2018
150+
INTERNATIONAL
PARTNERS