Time Analysis of Hard Drive Imaging Tools
نویسندگان
چکیده
Computer hard drives often contain evidence that is vital to digital forensic investigations. However, an authenticated working copy or “forensic image” of a suspect hard drive must be created before any data can be analyzed. As the capacities of modern hard drives increase, the time taken to create a forensic image, let alone analyze the data, increases significantly. This paper investigates two popular hard drive imaging tools, ICS ImageMASSter SOLO III and Logicube Talon. The results of the imaging experiments and timing analysis provide valuable guidance on selecting the appropriate imaging tool for digital forensic
منابع مشابه
Software Tools for the Analysis of Functional Magnetic Resonance Imaging
Functional magnetic resonance imaging (fMRI) has become the most popular method for imaging of brain functions. Currently, there is a large variety of software packages for the analysis of fMRI data, each providing many features for users. Since there is no single package that can provide all the necessary analyses for the fMRI data, it is helpful to know the features of each software package. ...
متن کاملManipulation of hard drive firmware to conceal entire partitions
Tools created by the computer hacking community to circumvent security protection on hard drives can have unintentional consequences for digital forensics. Tools originally developed to circumvent Microsoft’s Xbox 360 hard drive protection can be used, independently of the Xbox 360 system, to change the reported size/model of a hard drive enabling criminals to hide data from digital forensic so...
متن کاملLow Budget Forensic Drive Imaging Using ARM Based Single Board Computers
Traditional forensic analysis of hard disks and external media typically involves a “dead analysis” of a powered down machine. Forensic acquisition of hard drives and external media has traditionally been accomplished by one of several means: standalone forensic duplicator; using a hardware write-blocker or dock attached to a laptop, computer, workstation, etc.; forensic operating systems that ...
متن کاملLin4Neuro: a customized Linux distribution ready for neuroimaging analysis
BACKGROUND A variety of neuroimaging software packages have been released from various laboratories worldwide, and many researchers use these packages in combination. Though most of these software packages are freely available, some people find them difficult to install and configure because they are mostly based on UNIX-like operating systems. We developed a live USB-bootable Linux package nam...
متن کاملThe Impact of Hard Disk Firmware Steganography on Computer Forensics
The hard disk drive is probably the predominant form of storage media and is a primary data source in a forensic investigation. The majority of available software tools and literature relating to the investigation of the structure and content contained within a hard disk drive concerns the extraction and analysis of evidence from the various file systems which can reside in the user accessible ...
متن کامل