Pypette: A Platform for the Evaluation of Live Digital Forensics
Authors
Abstract
Live digital forensics presents unique challenges with respect to maintaining forensic soundness, but also offers the ability to examine information that is unavailable to quiescent analysis. Any perturbation of a live operating system by a forensic examiner will have far-reaching effects on the state of the system being analysed. Numerous approaches to live digital forensic evidence acquisition have been proposed in the literature, but relatively little attention has been paid to the problem of identifying how the effects of these approaches, and their improvements over other techniques, can be evaluated and quantified. In this paper, the authors present Pypette, a novel platform enabling the automated, repeatable analysis of live digital forensic acquisition techniques.
Similar resources
A Platform for the Evaluation of Live Digital Forensics
Live digital forensics presents unique challenges with respect to maintaining forensic soundness, but also offers the ability to examine information that is unavailable to quiescent analysis. Any perturbation of a live operating system by a forensic examiner will have far-reaching effects on the state of the system being analysed. Numerous approaches to live digital forensic evidence acquisitio...
Pypette: A Framework for the Evaluation of Live Digital Forensic Acquisition Techniques
With the increasing scale of digital forensic investigations, there is a need for approaches that are capable of reducing the quantities of data forensic examiners are required to search. As this trend continues, traditional quiescent digital forensic analysis is in some cases becoming impractical; examiners must often rely on an in-situ investigation of the live computing environment. Numerous...
Pypette: A Framework for the Automated Evaluation of Live Digital Forensic Techniques
With the increasing scale of digital forensic investigations, there is a need for approaches that are capable of reducing the quantities of data forensic examiners are required to search. Meanwhile, as anti-forensic and encryption techniques evolve, there is an increasing need to capture relevant information from a machine before powering it off. Numerous approaches to live forensic evidence ac...
Procedures for a Harmonised Digital Forensic Process in Live Forensics
Cloud computing is a novel computing paradigm that presents new research opportunities in the field of digital forensics. Cloud computing is based on the following principles: on-demand self-service, broad network access, resource pooling, rapid elasticity and measured service. These principles require that cloud computing be distributed internationally. Even if the cloud is hosted locally, it ...
Analyzing registry, log files, and prefetch files in finding digital evidence in graphic design applications
The products of graphic design applications leave behind traces of digital information which can be used during a digital forensic investigation in cases where counterfeit documents have been created. This paper analyzes the digital forensics involved in the creation of counterfeit documents. This is achieved by first recognizing the digital forensic artifacts left behind from the use of graphi...
Journal title:
- IJDCF
Volume 4, Issue
Pages -
Publication date 2012