archives

Uncategorized

This category contains 15 posts

Extracting Evidence from Destroyed Skype Logs and Cleared SQLite Databases

Summary This article describes common approaches used for the recovery of cleared Skype histories and deleted chat logs, and discusses methods and techniques for recovering evidence from cleared and damaged SQLite databases. Introduction It is difficult to underestimate popularity of Skype. Hundreds of millions of people use Skype every day, generating a lot of potential … Continue reading

Does Deviant Pornography Use Follow A Guttman-Like Progression?

by Kathryn C. Seigfried-Spellar (a), Marcus K. Rogers (b) (a) The University of Alabama, Tuscaloosa, AL 35487, USA (b) Purdue University, West Lafayette, IN 47907, USA Abstract This study investigated whether deviant pornography use followed a Guttman-like progression in that a person transitions from being a nondeviant to deviant pornography user. In order to observe … Continue reading

Cyberbullying – a growing concern in a connected society

Megan Meier was just twelve years old when the events began that would ultimately lead to her death. Like many teenagers, Megan had accounts on common social networks, including MySpace, where she first met “Josh Evans”. Ostensibly a sixteen-year old boy, “Josh” was actually an accumulation of Sarah, an old friend of Megan’s, Sarah’s mother, … Continue reading

KS – an open source bash script for indexing data

KS – an open source bash script for indexing data ABSTRACT:  This is a keywords searching tool working on the allocated, unallocated data and the slackspace, using an indexer software and a database storage . Often during a computer forensics analysis we need to have all the keywords indexed into a database for making many … Continue reading

Bad Sector Recovery

Bad Sector Recovery Hard drives are built in a way so that they never return unreliable data. This means that if a hard drive cannot guarantee 100 percent accuracy of the data requested, it will simply return an error and will never give away any data at all. This article explains how bad sector recovery … Continue reading

Forensic Artifact: Malware Analysis in Windows 8

Windows is the most used operating system worldwide. I have met a lot of IT guys in my country and also other computer elites. My discovery was that 90 percent of them use Windows. I felt maybe that was just in my country, then I decided to contact some friends from UK, USA, India, and … Continue reading

Forensic Analysis of Windows 7 Jump Lists

Forensic Analysis of Windows 7 Jump Lists Abstract The release of Microsoft Windows 7 introduced a new feature known as Jump Lists which present the user with links to recently accessed files grouped on a per application basis.  The records maintained by the feature have the potential to provide the forensic computing examiner with a … Continue reading

The need for Transnational and State-Sponsored Cyber Terrorism Laws and Code of Ethics

Today, terrorists are making the best use of information technology to carry out their objectives. The NATO definition of cyber terrorism is “a cyber attack using or exploiting computer or communication networks to cause sufficient destruction to generate fear or to intimidate a society into an ideological goal” (Everard P, 2007 p 119). Cyber terrorism … Continue reading

IPOD – Timestamps secrets

ABSTRACT This is a description how the Apple Ipod/Iphone stores the timestamps into their plist files. After an experiment we tried to order the various ways that Apple Idevices manage and store these data. We found the timestamps into PlayCounts.plist are in local time and not in absolute time GMT. During an experiment on an … Continue reading

New Linux Distro for Mobile Security, Malware Analysis, and Forensics

by Jay Turla, a contributor to InfoSec Resources. A new GNU/Linux distribution or distro designed for helping you in every aspect of your mobile forensics, mobile malware analysis, reverse engineering and security testing needs and experience has just been released and its alpha version is now available for download. It’s called Santoku Linux. Santoku is a general … Continue reading

Computer Analysts and Experts – Making the Most of GPS Evidence

by Professor David Last http://www.professordavidlast.co.uk The many companies that sell software for computer forensics have developed products for analysing satellite navigators. Police high tech crime units and independent laboratories now use this software on an industrial scale. Computer technicians conduct the analyses. This is home territory for them, since the biggest component of a vehicle … Continue reading

Forensic Examination of FrostWire version 5

Introduction As digital forensic practitioners, we are faced regularly  with users utilizing the internet to swop and download copyrighted and contraband material. Peer to peer (P2P) applications are commonly used for this purpose, and like any software application, they is ever changing, and ever evolving. This paper will discuss how the P2P software application, FrostWire … Continue reading

Firefox Forensics

I was showing someone a trick to export Firefox SQLite tables to a spread sheet, and while she is a forensics person, she had never ever heard of this trick. It is neat enough to know when working off an image to pull the entire history of a Firefox user by using the SQLite table … Continue reading

Dealing with Data Encryption in Criminal Cases

Introduction Over the last several years, I’ve posted a handful of short blog entries about the topic of compelling a criminal defendant to surrender a passphrase to an encrypted volume or hard-drive.  These entries concern the three cases of re Grand Jury Subpoena Duces Tecum Dated March 25, 2011, United States v. Fricosu, (D.Colo, 2012), and In … Continue reading

Anonymous, what does it mean?

Anonymous, a word which Merriam-Webster describes as: of unknown authorship or origin, not named or identified, or lacking individuality, distinction, or recognizability. There are some in this world that wish to remain anonymous, not named or identified. Sure I am one of these people, but I have my reasons. With the work that I do, … Continue reading

Follow

Get every new post delivered to your Inbox.

Join 2,041 other followers