Versione italiana | English version
Computer forensics was born in the laboratories of the FBI in the United States to cope with the demand of analysis of digital data for the purpose of investigation and justice. For several years in Italy it comes to computer forensics as the discipline that concerns the identification, storage, protection, retrieval, documentation and any other form of treatment and interpretation of computer data to be evaluated as evidence in a trial; it also studies the processes, techniques and tools for forensic analysis of computer and telecommunications systems. The law of most recent reference for the computer forensics is the Law 48/2008, by which the Italian state has ratified the Budapest Convention on Cybercrime of 2001.
In addition, from October 15, 2012, the ISO - International Organization for Standardization - has launched the first edition of ISO / IEC 27037/12: Information technology - Security techniques - Guidelines for identification, collection, acquisition and preservation of digital evidence. This standard is the first compendium of technical and methodological rules to be followed in forensic practice regardless of the particular legal context (that is unencumbered by legal rules).
Computer forensics is one of the auxiliary sciences of criminal law (as is the forensic or forensic ballistics) instrumental in establishing the facts constituting the offense typically computer (for example, unauthorized access to the computer system), or to constitute a conduct free crime, but made with an information and communications system (e. g. a defamation via the Internet) or a crime of any kind where the evidence is contained in a computer or electronic system (e.g. geo-localization of the phone for the reconstruction of the movements of a person accused of murder).
The analysis of the data produced from the computer and the network can reveal useful elements to the reconstruction of the facts of evidence of the crime.
Following the spread of digital technology, computer forensics is used not only in the context of criminal procedural law, but also in every other legal context, e. g. in the civil, administrative, tax, financial, military law.
The forensic investigation can take place on computer systems (computer forensics), on electronic systems (network forensics), on mobile communication systems (mobile forensics), on embedded systems (embedded forensics), on multimedia file (image and video forensics), as well as on all the new digital devices that are placed on the market on a daily basis.
The goal of computer forensics is the study of techniques for the identification, acquisition, preservation, analysis and evaluation of the data produced by a computer or electronic systems without altering them. This objective is usually achieved by adopting techniques and methods that allow the law enforcer to capture all the data recorded in a digital medium to bring them unchanged on a different medium. Sometimes, the computer forenser is forced to use techniques of hacking protection system in order to acquire the data of interest.
The execution of these operations requires compliance with legal rules and techniques so that there is the need to describe and document all technical procedures, tools, hardware and software used for the acquisition and analysis of data, in order to allow at any time the control and verification of the technical and legal conclusions.
These few introductory elements show how each computer forenser, as well as a deep technical background, must also possess a relevant legal education in public law, criminal law and criminal procedural law, as well as in all areas of substantive and procedural law that from time to time require such skills. Computer scientists, in fact, need to know with precision the legal implications of their activities and therefore the principles of substantive law, procedural law and in particular the rules of seizure, collection and research of the evidence, to avoid errors during the investigation, often irreparable.
On the other hand, since the frequency and pervasiveness of technological innovation mean that there in practice is no legal trial without digital evidences, the correct application of legal rules require every legal operator (judges, lawyers, police, but also to clerks, custodians, consultants, experts, others) the obligation to be informed, receive training and continuous education in computer science, information technology and legal and computer forensics.
Since 2003 the course "Computer Forensics" has been activated at the Faculty of Law of the University of Bologna and Cirsfid has set up a laboratory dedicated to teaching the techniques of forensic investigation. This was the first course on this topic and activated in Italy and, over the years, various institutions of both the Faculty of Law and the Faculty of Mathematical, Physical and Natural Sciences have included this course in their curricula. Moreover, from school year 2003-2004 to 2006-2007 and in s. y. 2009-2010 and 2010-2011 it was held in the Faculty of Law, a seminar (three credits, 24 hours of lectures) entitled "Legal Aspects of Computer Forensics"; from s. y. 2011-2012 to the present the seminar was named " Legal and Technology Profiles of Computer Forensics", has been extended to 48 hours of lectures and has been accredited by the Council of the Bar of Bologna for training the lawyers.
A version of the course was held at the "Master in Law and Legal Informatics" of the Faculty of Law from s. y. 2002-2003 to the present. In this context, among other encouragements to start-up companies, a group of graduate students developed DEFT (Digital Evidence & Forensics Toolkit), a live Linux distribution for the activities of forensic analysis, that is being used, since several years, not only in courses but in professional investigations by law enforcement agencies at national and international level.
There are several scientific contacts resulting from activities related to the courses and seminars , with the police bodies, associations of lawyers, prosecutors and judges, institutions at the international level. Currently, some doctorate students of the Interdisciplinary Doctoral Program in Law and New Technologies, managed by Cirsfid, carry out their activities in relation to this discipline.
- Maioli C. (2015) (a cura di), Questioni di Informatica Forense, Roma, Aracne.
- Maioli C. (2011), "Basic tools in forensic informatics", in Gil Perez J. (editor), Investigar y probar el delito en la sociedad de la información, Burgos University Press.
- Maioli C. (2004), "Introduzione all’informatica forense", in Pozzi P. (a cura), La sicurezza preventiva dell'informazione e della comunicazione. Sicurezza delle informazioni, Milano, Franco Angeli.
- Maioli C., Gammarota A. (2005), "Steganography and steganalysis", in Mattiucci M. (a cura), Internet investigation. International Conference on Internet investigation", Roma, Racis.
- Maioli C., Gammarota A. (2008), "Steganografia e steganalisi", in http://www.carabinieri.it/Internet/Arma/Oggi/Convegni/Roma23052005/May+23/04_p.htm, Roma, Racis.
- Maioli C., Fratepietro S. (2006), "Utilizzo di Advanced Forensic Format nell’informatica forense", in Bruschi D., Mancini V. (a cura), Atti del primo workshop italiano su Privacy e Security PRISE2006, Roma.
- Losano M. G. (2008), "La computer forensics e l’insegnamento dell’informatica giuridica", in Atti Convegno SIFD, Torino.
- Vitagliano Stendardo A. (2011), La criminalità informatica nei sistemi di pagamento digitale e con smart-card, FID Cirsfid n. 20, Bologna, Gedit.
Areas of research
Computer forensics at CIRSFID is articulated in the following research areas:
- Peer-to-peer forensics;
- Monitoring of network traffic;
- Cloud computing and computer forensics;
- ISO standards in the field of computer forensics.
Research activities are done also on the themes:
- The technical advisor and expert in computer forensics;
- Law 48/2008 and the previous doctrine and case law relating to computer forensics;
- Online criminal trial;
- Computer investigation in collaboration with the cultural Tomás y Valiente Cátedra the Universidad La Laguna.
The following list of projects includes an initiative, unrelated to Computer Forensic, in which several people of the research group are involved:
- Land Registry within the INSPIRE Directive
Peer-to-peer network forensics
The peer-to-peer architecture differs from the client-server one because the first is independent from the server; therefore the different hosts can communicate directly between them. This aspect of communication without filters reduces the possibility of control by any entity, including the investigating authorities, with the exception of cases in which one of the two hosts is just a computer system used for investigative purposes.
As part of the file sharing application by means of peer-to-peer may then happen that two hosts to exchange illegal files. Of particular interest are the applications of these principles to cases of child pornography as provided for by Articles 600-ter and 600-quater of the Italian Criminal Code. The simple detection of possession of illegal file does not imply the owner automatically guilty, being in fact the necessary concomitant existence of the element of awareness of the suspect.
This area of research aims to define a methodology for in-depth analysis of computer and electronic systems used to commit these types of crimes in order to obtain more information for reconstructing the user's intentions user of the computer system. To optimize the analytical procedures and the time required, existing file sharing software tools are studied in order to set up the computer forensic analysis tools which allow to extract useful information to support the presence or absence of elements of consciousness (e. g. keywords used for the search, the presence of fake files, file access and possible cancellation offenses, number of items of illicit files).
- Gammarota A. (2015), “Il cyberstalking: questioni aperte in tema di condotta e ricadute nella prassi applicativa”, in Maioli C. (2015) (a cura di), Questioni di Informatica Forense, Roma, Aracne.
- Colarocco V. e Ferrazzano M., “La pagina web come prova digitale nel processo civile”, in Maioli C. (2015) (a cura di), Questioni di Informatica Forense, Roma, Aracne.
- Ferrazzano M. (2015), “Disk forensic analysis of file sharing client in peer-to-peer environments”, in Maioli C. (2015) (a cura di), Questioni di Informatica Forense, Roma, Aracne.
- Ferrazzano, M. (2014) Indagini forensi in tema di scambio di file pedopornografici mediante software di file sharing a mezzo peer-to-peer, Alma Mater Studiorum Università di Bologna. Dottorato di ricerca in Diritto e nuove tecnologie, 26 Ciclo, DOI 10.6092, /unibo/amsdottorato/6697.
- Maioli C., Ferrazzano M. (2011), "Control of File Exchange of Illicit Materials in Peer-to-Peer Environments", in Bottis M. (a cura), Proceedings of the 4th International Conference on Information Law, Tessalonica, ICIL.
- Ferrazzano M. (2011), "Reati di pedopornografia in ambiente eMule: analisi dei log per ricostruire attività di scambio tra vari utenti indagati", in Costabile G., Attanasio A. (a cura), IISFA Memberbook 2010, Forlì, Experta.
- Novario F. (2009), "Pornografia minorile e file sharing: l’influenza della tecnologia informatica sull’asse probatorio", in Diritto penale e processo, n. 10.
- Walden I. (2007), Computer crimes and digital investigations, Oxford, Oxford University Press.
Monitoring network traffic
The monitoring, interception and filtering of outgoing traffic from the national telecommunication network can help to address some critical profiles related to the evolution of transmission systems in the world and the use of the computer as a tool to conceal people’s identity.
For the Internet, in fact, the first problem is the identification of users, if the user is connected through the Internet Service Provider for indirectly through the Access Service Provider.
The identification of connections established by people belonging to national Internet Service Provider with a target site located, for example, outside the Italian territory, through extensive use of protocols such as http, ftp, or through file sharing networks is, at present, not a goal easy to get to because of the limitations imposed by technology and by law.
This area of research aims to address the experimental phase aimed at developing techniques, in collaboration with national operators and at acquiring routing information and user data within an intranet (using the Internet backbone), while preserving the confidentiality the same user data.
The law, art. 13 of Law 23.12.1993, n. 547, gives the possibility of having telematico interceptions in relation to so-called "preventive wiretapping", where art. 25-ter permits to capture the "flow of communications relating to computer or telecommunications systems." The aim is to analyze the instrument for prior interception, which is a very powerful tool in tackling technological activities of organized crime.
- Bardari U. (2015), “Le identità nei social network: strumenti tecnici virtuali con conseguenze giuridiche reali”, in Maioli C. (2015) (a cura di), Questioni di Informatica Forense, Roma, Aracne.
- Bardari, U. (2013) Caratteristiche innovative nell'acquisizione di dati di informatica forense in ambienti virtuali, Alma Mater Studiorum Università di Bologna. Dottorato di ricerca in Diritto e nuove tecnologie, 25 Ciclo, DOI 10.6092, unibo/amsdottorato/6107.
- Paselli A. (2015), “Pedopornografia online, metodologie di contrasto e analisi forense”, in Maioli C. (2015) (a cura di), Questioni di Informatica Forense, Roma, Aracne.
- Maioli C., Cugnasco R. (2008), Profili normativi e tecnici delle intercettazione telefoniche: dai sistemi analogici al Voice over IP, Bologna, Gedit.
- Vaciago G. (2012)., Digital evidence, Torino, Giappichelli.
- Maggipinto A., Iaselli M. (a cura) (2005), Sicurezza e anonimato in rete, Milano, Nyberg.
- Mariotti S., Tacconi S. (2008), "Riflessioni sulle problematiche investigative e di sicurezza connesse alle comunicazioni VoIP", in Diritto dell’Internet, n. 6.
Cloud computing for computer forensics
Cloud computing is a business model in which IT resources are not purchased, but rather consumed as a service. The idea of computational resources payable in an amount proportional to user requirements and accordingly priced out dates back to the 60s, but only in the last decade, tremendous progress has been made in the management of the data center by pioneers such as Amazon or Google have resulted in savings of scale such as to reduce costs at the level of traditional utilities such as gas or water. The Cloud is transforming the traditional approach of private companies and public administrations have always had towards information technology, and seems destined to assume an importance comparable to that of mobile phones. The pervasive availability of computing power and storage space at low cost can be translated from one side of the extraordinary opportunities for forensic experts to find in the Cloud a formidable ally to conduct the analysis of digital artefacts in a more efficient and timely manner. On the other hand, however, this implies an increased possibility that such services can be used to accommodate and process data on computer crime and traditional, such as credit card numbers or stolen user credentials. Research is done therefore to develop this dual role played by the Cloud in respect of computer forensics and thus it has the following objectives:
- analyze the requirements, design and implement a prototype of a platform for forensic analysis of digital artefacts, based on web services that can be delivered by cloud providers and accessible by a browser client installed on fixed or mobile;
- assess under what conditions the provider can be a private entity or a business one;
- evaluate the problems of adherence to the Privacy Code (Legislative Decree no. 196/2003, applicable pursuant to art. 5 for treatments performed within the state of information held abroad), connected with the transfer into the "cloud" of data of investigative nature, especially as regards to the criteria for the sharing of responsibilities between customer and supplier in order to implement the security measures provided for by the Code;
- analyze the requirements, design and implement a prototype for an application that could allow remote browsing of personal data in such areas as Dropbox and Google Drive logic, copying all the contents including deleted files and historical revisions of documents;
- revisit the concept of repeatability of the technical assessments (Art. 360 and 117 Cpp Reg. Att. cpp) in the case of acquisitions from remote areas of personal storage.
- Federici C. (2015), “Nuovi orizzonti per l’acquisizione remota di Personal Cloud Storage”, in Maioli C. (2015) (a cura di), Questioni di Informatica Forense, Roma, Aracne.
- Federici C. (2014) The twofold role of Cloud Computing in Digital Forensics: target of investigations and helping hand to evidence analysis, Alma Mater Studiorum Università di Bologna. Dottorato di ricerca in Diritto e nuove tecnologie, 26 Ciclo. DOI 10.6092, /unibo/amsdottorato/6694.
- Federici C. (2014), "Cloud Data Imager: a unified answer to remote acquisition of cloud storage areas", in Digital Investigation, 11 (1), ScienceDirect.
- Federici C. (2013), "AlmaNebula: a computer forensics framework for the Cloud", in Proceedings Computer Science 19, Elsevier.
- Federici C., Mauro A. (2011), "Cloud Computing for Government and Military" in Security and Privacy in organizational Cloud Computing, Hershey e New York, IGI Global.
- National Institute for Standards and Technology (2010), The NIST definition of Cloud Computing, http://csrc.nist.gov/groups/SNS/cloud-computing/index.html.
- Istituto italiano privacy, (2009), Cloud computing e protezione dei dati personali: la privacy ed il web globale, rischi e risorse per i cittadini della rete, in http://download.microsoft.com/download/F/7/E/F7E62AF8-9126-4184-B2A6-9A43F51C1995/Cloud_Computing_Privacy.pdf.
ISO standards in the field of computer forensics
Recently, the ISO issued ISO/IEC 27037:2012 in the final version. It provides guidelines regarding the identification, collection, acquisition and preservation of computer artifacts. Compared to the past, when the guidelines were disseminated and updated regularly by various bodies and organizations, in this case the source is the international organization that deals with Standard.
This line of research aims to study in depth, possibly identifying deficiencies, the guidelines, identifying points of contact with other standards (technical regulations) and laws (legislation).
The technical advisor and expert in computer forensics
This line of research based on the study of national and supranational legislative framework, the ISO / IEC 27037/12 (Information technology - Security techniques - Guidelines for identification, collection, acquisition and preservation of digital evidence), as well as cases from the jurisprudence, identifies best practices that the consultant of the judge, the expert of the prosecutor office and the technical consultants are required to take when providing advice and litigation in court, ex officio or for a part.
- Caccavella D e Ferrazzano M. (2015), “Identificazione di furto (copia) di dati riservati tra analisi stocastica ed eventi sentinella”, in Maioli C. (2015) (a cura di), Questioni di Informatica Forense, Roma, Aracne.
- Maioli C., Gammarota A., Rabbito C. (2004), "L’attività del perito e le best practices", in Ziccardi G. (a cura), Atti ICLC.
- Caccavella D. (2005), "Sugli accertamenti tecnici”, in Costabile G. (a cura), Sicurezza e privacy: dalla carta ai bit - Manuale per aziende, studi professionali, pubblica amministrazione, Forlì, Experta.
- Caccavella D. (2006), "Gli accertamenti tecnici in ambito informatico e telematico", in Aterno S., Mazzotta P. (a cura), La perizia e la consulenza tecnica, Padova, Cedam.
Law 48/2008 and earlier rules and judgments
The standard reference for computer forensics activities in Italian law is the law no. 48 of 18/03/2008 of Ratification of the Budapest Convention. It provides the normative elements of reference, identifies the powers of investigation and preparation of the means of international cooperation and presents a set of tools for computer investigations to be addressed on the basis of scientific and technical principles of reliability, the adoption of which have committed all signatory countries.
However, the application of this law still has many critical point of legal, theoretical and practical nature.
This research topic covers issues related to: scientific laws, technology, and investigations; investigations on digital artefacts; investigation and processing of personal data; investigations done by defence counsel regarding informatics; defensive investigations and privacy; legal education; consultancy and technical expert witness in the field of computer science; legal and practical aspects of the adoption of open source and proprietary tools.
Moreover, part of this area of research treats the analysis of the case law of merit and legitimacy on issues pertaining to the computer evidences in both criminal and civil legal environments, and in all other areas of forensic (military, fiscal, administrative, accounting, etc.) in which it arises the need for research, analysis and evaluation of digital evidences.
- Sanguedolce E. (2012), “Informatica forense e legge 48/2008”, in www.bit2law.wordpress.com.
- E. Sanguedolce (2012), Modalità di acquisizione e valutazione della prova informatica, Ilmiolibro, Feltrinelli.
- A. Gammarota (2010), Appunti del ciclo di seminari su Profili giuridici dell'Informatica Forense, A.A. 2010/2011, Bologna, Facoltà di Giurisprudenza.
- G. Corasaniti, Corrias Lucente G. (Eds.) (2009), Cybercrime, responsabilità degli utenti, prova digitale, Padova, Cedam.
The Online criminal trial
The research project is framed within legal informatics (e-justice) in the use of ICT in the criminal trial, less studied than the civil trial, although it is also plagued by a significant crisis of efficiency. The analysis and design of such a system is parameterized with respect to an ideal conceptual model that sees all the software applications developed for the various stages and degrees of judgment entered in a single "value chain" of the criminal process; from this perspective it becomes clear the importance of proper management of information: non-redundancy, quantity, accuracy, updating, fast access to the same factors that are crucial to the criminal trial so that the efficiency of the information system and the quality of justice dispensed are strongly interrelated.
The aim of the research is to identify what are the conditions in which the efficiency can be actually achieved and, more importantly, to check what are the technological choices that can preserve or even enhance the principles and safeguards of the criminal process without affecting on the balance of the process itself, i.e., without altering the delicate balance of power between the rights at stake (rights of the accused/convicted - social rights of the defence).
The classification and evaluation of projects has been prepared in view of the different process phases (preliminary investigations to criminal enforcement) of the parties involved, regulatory and organizational procedures of the criminal process.
The research considers the international scene with particular attention to the context of the European Union and examines the responses to the phenomena of transnational crime that favour the use of information and communication technologies, focusing in particular on cross-border exchange of information, cooperation disclosures, made with the interconnection of different information systems of national, judicial and enforcing nature.
- De Rugeriis G. (2015), “Effetti delle innovazioni tecnologiche sul processo penale”, in Maioli C. (2015) (a cura di), Questioni di Informatica Forense, Roma, Aracne.
- Moffa S. (2015), “Verso il processo penale telematico”, in Maioli C. (2015) (a cura di), Questioni di Informatica Forense, Roma, Aracne.
- De Rugeriis, G. (2012) L'utilizzo delle ICT nel processo penale, Alma Mater Studiorum Università di Bologna. Dottorato di ricerca in Diritto e nuove tecnologie, 24 Ciclo, DOI 10.6092, /unibo/amsdottorato/5070.
- De Rugeriis G. (2010), "The Online Criminal Trial in Italy Seeks an Identity", in Proceedings of the 10th European Conference on e-Government, 2010, Academic Publishing Limited, pp. 492 - 499
Computer investigation in collaboration with the cultural Tomás y Valiente Cátedra the Universidad La Laguna
The Cultural Cátedra "Francisco Tomás y Valiente" carries out activities of interest to judges, magistrates, academics, police, lawyers and professionals interested in the law.
It has initiated a research collaboration with Cirsfid on issues of computer forensics.
Formally, two symposia were held in 2012 and 2013, where all members of the research teams gave presentations and seminars; the topics of interest are:
- The activity of investigation and analysis in computer forensics;
- Field applications of computer forensics.
In 2014 bitcoin issues were considered as a new research field.
- Perugini M. L. (2015), “Digital curency” in Maioli C. (2015) (a cura di), Questioni di Informatica Forense, Roma, Aracne.
- Perugini M. L. e Maioli C. (2015), “Bitcoin between digital currency and financial commodity”, SSRN n. 2526207.
Land Registry within the INSPIRE Directive
The name of the project, funded by the Ministry of Research and Technology of Spain, 2008-2014, is "El Registro de la Propiedad vertebrador como instrumento de la Información territorial; datos, metadatos espaciales y INSPIRE-directive". In 2015 it was approved an extension, until 2018, entitled "Situación actual y Perspectivas de futuro de la información registral: hacia un nuevo modelo de administración the territory."
The research starts considering the role of the Cadstre, seen from the plans of e-government as a geographic information system specializing in real estate tax information for all purposes, in view of its integration into the wider context of Geographic Information Systems of PA, with other geographic information systems, through actions and definition of specific arrangements. The agreements that have been signed are aimed at improving geographical interoperability .
Cadastral information are an important component of the European Spatial Information Infrastructure as defined in Directive 2007/2 / EC (INSPIRE): the cadastral parcel is of vital importance for this infrastructure, providing reference data crucial for interoperability of spatial information .
Creating Spatial Information Infrastructures at local, national and supranational provides distributed access to information on the properties and map layers that are needed by the users of spatial data dealing with the environment, housing, transport, culture, agriculture, tourism. A cadastral system and public availability of real estate data that function efficiently is the backbone of the administration of the territory, and support many administrative and economic activities in the territory. The integration into Geographic Information Infrastructure - mainly with geographical data on real estate, such as map data and toponomastic information - provides effective tools for users to access information on the ownership, value and use.
- Sánchez Jordán M. E. (2015), “La mediación como mecanismo de intercambio de la información en el ámbito de la Directiva INSPIRE”, in Gestión territorial y posibilidad de mediación, Alicante.
- Sánchez Jordán M. E. (2014), “Informazione territoriale e Direttiva INSPIRE: il caso spagnolo” in Le prospettive dell’investimento immobiliare per una buona economia, Convegno del Notariato, Bologna.
- Sánchez Jordán M. E. (2014), “Bancos de conservación de la naturaleza y Registro de la propiedad Nombre del congreso” in XVI Congreso Nacional de Tecnologías de la Información Geográfica, Alicante.
- Maioli C. (2014), “Spatial Information and Big Data”, ” in XVI Congreso Nacional de Tecnologías de la Información Geográfica, Alicante.
- Sánchez Jordán M. E. (2013), El impacto de las nuevas tecnologías en la publicidad registral, monografía asociada a la revista Aranzadi Derecho y Nuevas Tecnologías, Cizur Menor, Thomson-Reuters Aranzadi.
- Maioli C. (2013), "Linked open data and Inspire", nel precedente
- Sánchez Jordan M. E. (2012), "Nuevas técnicas de identificación de las fincas: su aplicación al deslinde" in Anuario de Derecho Anuario de Derecho Civil. LXV - III, Madrid.
- Sánchez Jordán M. E. (2011), La información territorial en el registro de la propiedad : la incidencia de la directiva Inspire y de las bases gráficas registrales, monografía asociada a la revista Aranzadi de Derecho patrimonial, Cizur Menor, Thomson-Reuters Aranzadi.
- Maioli C. (2011), "Sul recepimento della Direttiva INSPIRE in Italia", nel precedente
- Sánchez Jordán M. E., Falcinelli A. (2010), The New European Infrastructure for Spatial Data: the Implementation of the INSPIRE Directive in the United Kingdom, FID Cirsfid n. 19, Bologna, Gedit.
- Maioli C., Sánchez Jordán M. E. (2009), "The role of the Land Registry within the INSPIRE Directive", in GSDI World Conference and 3rd INSPIRE Conference, Rotterdam.
- Maioli C., Sánchez Jordán M. E. (2008), "A comparative Italian-Spanish analysis of spatial information and right of access", in International Conference on Information & Communication Technologies (ITTCA and IEEE) Proceedings, Damascus, IEEE.