Digital Evidence Handling Using Autopsy
Authors
Abstract
The Autopsy Forensics Browser is a graphical interface to The Sleuth Kit (TASK). Autopsy is a free and open-source, Windows-based digital forensics platform for diagnosing an event. It is capable of analysing disk images, local drives and directories in a read-only environment in order to determine possible causes of an event. It was designed to be an extensible platform so that it can be an end-to-end digital forensics solution that incorporates plug-in modules from both open and closed source projects. This paper presents the process of installing Autopsy 3.1.1, ingesting data, analysing data, and the features of the current version of the software.
Similar resources
Digital Evidence Cabinets: A Proposed Framework for Handling Digital Chain of Custody
Chain of custody is the procedure to do a chronological documentation of evidence, and it is an important procedure in the investigation process. Both physical and digital evidence is an important part in the process of investigation and courtroom. However, handling the chain of custody for digital evidence is more difficult than the handling of physical evidence. Nevertheless, the handling of ...
Virtopsy, a Complement to Autopsy
Background & Aims: Autopsies are recognized as valuable medical procedures. A number of digital radiology techniques, including multislice CT, MRI, and photogrammetry with 3D surface scanning have the potential to change traditional autopsy and improve the reliability of results. Virtual Autopsy is a non-invasive procedure with no damage to the tissues. Noninvasive virtual autopsying could...
Digital Forensics Compute Cluster: A High Speed Distributed Computing Capability for Digital Forensics
We have developed a distributed computing capability, Digital Forensics Compute Cluster (DFORC2) to speed up the ingestion and processing of digital evidence that is resident on computer hard drives. DFORC2 parallelizes evidence ingestion and file processing steps. It can be run on a standalone computer cluster or in the Amazon Web Services (AWS) cloud. When running in a virtualized computing e...
Using Keyword Search Terms in E-Discovery and How They Relate to Issues of Responsiveness, Privilege, Evidence Standards, and Rube Goldberg
[1] The emergence of digital evidence and the widespread implementation of e-discovery has brought both benefit and repercussion. In many respects, digital evidence has proven to be a better truth detector than its paper counterpart. At the same time, the volumes in which digital evidence exists make time-tested discovery techniques impractical. In fact, so significant are the technological dif...
Digital Evidence Bag Selection for P2P Network Investigation
The collection and handling of court admissible evidence is a fundamental component of any digital forensic investigation. While the procedures for handling digital evidence take much of their influence from the established policies for the collection of physical evidence, due to the obvious differences in dealing with non-physical evidence, a number of extra policies and procedures are require...