Open Access. Powered by Scholars. Published by Universities.®

Digital Commons Network

Articles 1 - 5 of 5

Full-Text Articles in Entire DC Network

Acquisition Of Evidence From Network Intrusion Detection Systems, Brian Cusack, Muteb Alqahtani Dec 2013

Australian Digital Forensics Conference

The literature reviewed suggests that Network Intrusion Systems (NIDS) are valuable tools for the detection of malicious behaviour in network environments. NIDS provide alerts and the trigger for rapid responses to attacks. Our previous research had shown that NIDS performance in wireless networks had a wide variation under different workloads. In this research we chose wired networks and asked the question: What is the evidential value of NIDS? Three different NIDS were tested under two different attacks and with six different packet rates. The results were alarming. As the work loading increased the NIDS detection capability fell rapidly and as …


Identifying Bugs In Digital Forensic Tools, Brian Cusack, Alain Homewood Dec 2013

Australian Digital Forensics Conference

Bugs can be found in all code and the consequences are usually managed through upgrade releases, patches, and restarting operating systems and applications. However, in mission critical systems complete fall over systems are built to assure service continuity. In our research we asked the question, what are the professional risks of bugs in digital forensic tools? Our investigation reviewed three high use professional proprietary digital forensic tools, one in which we identified six bugs and evaluated these bugs in terms of potential impacts on an investigator’s work. The findings show that yes major brand name digital forensic tools have software …


Tracing USB Device Artefacts On Windows XP Operating System For Forensic Purpose, Victor Chileshe Luo Mar 2007

Australian Digital Forensics Conference

On Windows systems several identifiers are created when a USB device is plugged into a universal serial bus. Some of these artefacts or identifiers are unique to the device and consistent across different Windows platforms as well as other operating systems such as Linux. Another key factor that makes these identifiers forensically important is the fact that they are traceable even after the system has been shut down. Hence they can be used in forensic investigations to identify specific devices that have been connected to the system in question.


Structural Analysis Of The Log Files Of The ICQ Client Version 2003b, Kim Morfitt Apr 2006

Australian Digital Forensics Conference

Instant messenger programs can generate log files of user interactions which are of interest to forensic investigators. Some of the log files are in formats that are difficult for investigators to extract useful and accurate information from. The official ICQ client is one such program. Users' log files are stored in a binary format that is difficult to understand and often changes with different client versions. Previous research has been performed that documents the format of the log files, however this research only covers earlier versions of the client. This paper explores the 2003b version of the ICQ client. It …


Forensic Analysis Of The Contents Of Nokia Mobile Phones, B. Williamson, P. Apeldoorn, B. Cheam, M. Mcdonald Apr 2006

Australian Digital Forensics Conference

Acquiring information from a mobile phone is now an important issue in many criminal investigations. Mobile phones can contain large amounts of information which can be of use in an investigation. These include typical mobile device data including SMS, phone records and calendar and diary entries. As the difference between a PDA and a mobile phone is now blurred, the data that can reside on a mobile phone is somewhat endless. This report focuses on the performance of different mobile phone forensic software devices, and reports the findings. All aspects of the different software pieces will be reported, as well …