Defining Digital Forensic Examination and Analysis Tool Using Abstraction Layers
نویسنده
چکیده
This paper uses the theory of abstraction layers to describe the purpose and goals of digital forensic analysis tools. Using abstraction layers, we identify where tools can introduce errors and provide requirements that the tools must follow. Categories of forensic analysis types are also defined based on the abstraction layers. Abstraction layers are not a new concept, but their usage in digital forensic analysis is not well documented.
منابع مشابه
Cloud Computing Log Evidence Forensic Examination Analysis
Forensic analysis in the context of physical evidence is a relatively mature field. The computerization of society has led to the emergence of digital forensics and now the popularity of cloud computing has sparked interest into cloud forensics. Our goal in this paper is to enable cloud forensics, by using the theory of abstraction layers to describe the purpose and goals of virtual machine (VM...
متن کاملRecognition of Sequence of Print and Ink Strokes: Investigation the Effect of Handwriting Pressure, Hue of Ink, Printer and Paper Type
By introducing of digital techniques, forensic document examiners has been encouraged to work with better accuracy in non-destructive ways. The aim of this study was to present a non-destructive, accessible, economic (affordable), user friendly, portable, useful and easy technique for specifying the order of crossing lines of ink stroke and printed text. The intersections of LaserJet and In...
متن کاملAn Examination of Digital Forensic Models
Law enforcement is in a perpetual race with criminals in the application of digital technologies, and requires the development of tools to systematically search digital devices for pertinent evidence. Another part of this race, and perhaps more crucial, is the development of a methodology in digital forensics that encompasses the forensic analysis of all genres of digital crime scene investigat...
متن کاملA study of forensic & analysis tools
There are a wide range of forensic and analysis tools to examine digital evidence in existence today. Traditional tool design examines each source of digital evidence as a BLOB (binary large object) and it is up to the examiner to identify the relevant items from evidence. In the face of rapid technological advancements we are increasingly confronted with a diverse set of digital evidence and b...
متن کاملIdentifying Evidence for Implementing a Cloud Forensic Analysis Framework
Cloud computing provides several benefits to organizations such as increased flexibility, scalability and reduced cost. However, it provides several challenges for digital forensics and criminal investigation. Some of these challenges are the dependence of forensically valuable data on the deployment model, multiple virtual machines running on a single physical machine and multiple tenancies of...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- IJDE
دوره 1 شماره
صفحات -
تاریخ انتشار 2003