Column: File Cabinet Forensics
نویسنده
چکیده
Reverse Engineering is the traditional bread-and-butter of digital forensics research. Companies like Microsoft and Apple deliver computational artifacts (operating systems, applications and phones) to the commercial market. These artifacts are bought and used by billions. Some have evil intent, and (if society is lucky), the computers end up in the hands of law enforcement. Unfortunately the original vendors rarely provide digital forensics tools that make their systems amenable to analysis by law enforcement. Hence the need for reverse engineering.
منابع مشابه
Disguisable Symmetric Encryption Schemes for an Anti-forensics Purpose
In this paper, we propose a new notion of secure disguisable symmetric encryption schemes, which captures the idea that the attacker can decrypt a cipher text he encrypted to different meaningful values when different keys are put to the decryption algorithm. This notion is aimed for the following anti-forensics purpose: the attacker can cheat the forensics investigator by decrypting an encrypt...
متن کاملForensic Data Carving
File or data carving is a term used in the field of Cyber forensics. Cyber forensics is the process of acquisition, authentication, analysis and documentation of evidence extracted from and/or contained in a computer system, computer network and digital media. Extracting data (file) out of undifferentiated blocks (raw data) is called as carving. Identifying and recovering files based on analysi...
متن کاملFile System Journal Forensics
Journaling is a relatively new feature of modern file systems that is not yet exploited by most digital forensic tools. A file system journal caches data to be written to the file system to ensure that it is not lost in the event of a power loss or system malfunction. Analysis of journal data can identify which files were overwritten recently. Indeed, under the right circumstances, analyzing a ...
متن کاملOn metadata context in Database Forensics
Database Forensics is an important topic that has received hardly any research attention. This paper starts from the premise that this lack of research is due to the inherent complexity of databases that is not fully understood in a forensic context yet. The paper considers the relevant differences between file systems and databases and then transfers concepts of File System Forensics to Databa...
متن کاملAnalyzing registry, log files, and prefetch files in finding digital evidence in graphic design applications
The products of graphic design applications leave behind traces of digital information which can be used during a digital forensic investigation in cases where counterfeit documents have been created. This paper analyzes the digital forensics involved in the creation of counterfeit documents. This is achieved by first recognizing the digital forensic artifacts left behind from the use of graphi...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- JDFSL
دوره 6 شماره
صفحات -
تاریخ انتشار 2011