Forensic analysis of GPT disks and GUID partition tables
نویسنده
چکیده
Modern computers are beginning to surpass the design limitations of the aging DOS/MBR partition tables and BIOS boot system. As disk sizes begin to exceed two terabytes and hardware vendors begin to transition from BIOS to EFI, understanding GPT disks in forensic examinations becomes useful. This practitioner paper provides an overview of the GUID Partition Table (GPT) scheme from the perspective of the digital forensic investigator. Methods of analysis and acquisition are shown, and artifacts of forensic relevance are identi ed. The target audience for this paper is digital forensic practitioners and forensic tool developers.
منابع مشابه
The Generalized Pignistic Transformation
This paper presents in detail the generalized pignistic transformation (GPT) succinctly developed in the Dezert-Smarandache Theory (DSmT) framework as a tool for decision process. The GPT allows to provide a subjective probability measure from any generalized basic belief assignment given by any corpus of evidence. We mainly focus our presentation on the 3D case and provide the complete result ...
متن کاملModified GPT Cryptosystem for Information Network Security
To provide information security in network we use the public key GPT (Gabidulin–Paramonov–Tretiyakov) cryptosystem based on rank codes. This cryptosystem was the subject of several attacks. Some of them were structural attacks, others were decoding attacks. In our opinion the most dangerous are structural attacks because decoding attacks can be prevented by proper choice of parameters. To preve...
متن کاملField Evaluation of the Nutrient Removal Performance of a Gross Pollutant Trap (GPT) in Australia
Field testing of a proprietary stormwater treatment device (GPT) was undertaken over a one year period at a commercial site located in Sippy Downs, Queensland. The focus of the study was primarily on evaluating the effectiveness of the GPT device in removing pollution in the form of nutrients (Total Suspended Solids, Total Nitrogen, Total Phosphorus) from stormwater runoff. Water quality analys...
متن کاملTESLA Report 2003-04 3D Space-charge model for GPT simulations of high-brightness electron bunches
Abstract. For the simulation of high-brightness electron bunches, a new 3D space-charge model is being implemented in the General Particle Tracer (GPT) code. It is based on a non-equidistant multigrid solver, allowing smooth transitions from a high to a low-aspect ratio bunch during a single run. The algorithm scales linearly in CPU time with the number of particles and the insensitivity to asp...
متن کاملCombating Information Hiding Using Forensic Methodology
Advancement in disk technology led to the development of hard disks of terra byte sizes. Users have the option to divide the storage into a number of partitions based on the nature of uses. In case of Master Boot Record partitioning scheme, whenever a partition is created, the complete track containing MBR/EMBR of the storage media is reserved to store boot information and partition table infor...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Digital Investigation
دوره 6 شماره
صفحات -
تاریخ انتشار 2009