archives

forensic methodology

This tag is associated with 9 posts

Windows 8: Important Considerations for Computer Forensics and Electronic Discovery

Introduction Documents identified by computer forensic investigations in civil litigation typically require review and analysis by attorneys to determine if the uncovered evidence could support causes of action such as breach of contract, breach of fiduciary duty, misappropriation of trade secrets, tortious interference, or unfair competition.  In addition, bit-for-bit forensic imaging of workstations is also … Continue reading

Retrieving Digital Evidence: Methods, Techniques and Issues

by Yuri Gubanov yug@belkasoft.com Belkasoft Ltd. http://belkasoft.com Abstract This article describes the various types of digital forensic evidence available on users’ PC and laptop computers, and discusses methods of retrieving such evidence. Download article in PDF format Introduction A recent research conducted by Berkeley scientists concluded that up to 93% of all information never leaves the digital domain. This … Continue reading

Mobile Phone Forensic Challenges

Introduction A great number of the mobile phones used worldwide every second require special knowledge and skills from forensic experts.  More often it is not enough to be an experienced expert in computer forensics to understand all the peculiarities and difficulties of the mobile forensics. This article describes technical problems encountered by specialists in mobile … Continue reading

Firefox Cache Format and Extraction

Introduction In the forensic lab where I work, we frequently investigate malware-infected workstations.  As our user population started shifting from Internet Explorer to Firefox, we observed that one of our favorite forensic tools, Kristinn Gudjonsson’s log2timeline, wasn’t able to provide as much data for Firefox as it was for IE.  The missing component was cache … Continue reading

Forensic Imaging of Hard Disk Drives- What we thought we knew

By Todd G. Shipley and Bryan Door (A complete copy of this white paper and its figures and diagrams can be found at http://www.nfdrtc.net). WHAT WE HAVE BEEN TAUGHT Imaging of hard drives has been the main stay of the “Science” part of digital forensics for many years.  It has been articulated by many, including us, … Continue reading

The Enhanced Digital Investigation Process Model

First published September 2005 Venansius Baryamureeba and Florence Tushabe barya@ics.mak.ac.ug, tushabe@ics.mak.ac.ug Institute of Computer Science, Makerere University P.O.Box 7062, Kampala Uganda http://www.makerere.ac.ug/ics May 27, 2004 Abstract Computer crimes are on the rise and unfortunately less than two percent of the reported cases result in conviction. The process (methodology and approach) one adopts in conducting a … Continue reading

Collecting And Preserving Electronic Media

First published May 2005 by Joan E. Feldman, President Computer Forensics Inc. http://www.forensics.com The discovery process in civil litigation has always been a critical and sometimes confusing area for attorneys. Most attorneys have wondered, at one time or another, whether they pursued all leads and uncovered all material that could help them to prevail. It … Continue reading

Computer Forensics – A Business Tool

First published March 2005 by Andy Fox Director Audax Digital Forensics http://www.audaxuk.com March 2005 Computer forensics has become an increasingly important part of IT security. A 2003 survey carried out on 201 companies by the National High Tech Crime Unit (in the UK) showed that computer related crime is costing an estimated GBP195 million nationally … Continue reading

Data Forensics – The smoking gun may be a click away

First published September 2004 By PAUL G. LEWIS Lewis is the founding partner of PG Lewis & Associates of Whitehouse Station, a data forensics firm. http://www.pglewis.com Enquiries to Rob Kleeger, rkleeger@pglewis.com This article is reprinted with permission from the SEPTEMBER 13, 2004 issue of the New Jersey Law Journal. ©2004 ALM Properties, Inc. Further duplication … Continue reading

Follow

Get every new post delivered to your Inbox.

Join 695 other followers