Open Access. Powered by Scholars. Published by Universities.®

Legal Studies Commons


Articles 1 - 9 of 9

Full-Text Articles in Legal Studies

Exploring Myths In Digital Forensics: Separating Science From Ritual, Gary C. Kessler, Gregory H. Carlton Jan 2017


Publications

Digital forensic methodology deviates significantly relative to the methods of other forensic sciences for numerous practical reasons, and it has been largely influenced by factors derived from the inception and evolution of this relatively new and rapidly changing field. Digital forensics methodology was developed more by practitioners in its early days rather than by computer scientists. This led to accepted best practices in the field that may not represent the best or, at least, tested, science. This paper explores some of these differences in the practice and evolution between digital and other forensic sciences, and recommends scientific approaches to apply …


Educating The Next Generation Of Cyberforensic Professionals, Mark Pollitt, Philip Craiger Jan 2014


Publications

This paper provides a historical overview of the development of cyberforensics as a scientific discipline, along with a description of the current state of training, educational programs, certification and accreditation. The paper traces the origins of cyberforensics, the acceptance of cyberforensics as a forensic science and its recognition as a component of information security. It also discusses the development of professional certification and standardized bodies of knowledge that have had a substantial impact on the discipline. Finally, it discusses the accreditation of cyberforensic educational programs, its linkage with the bodies of knowledge and its effect on cyberforensic educational programs.


Forensic Analysis Of Plug Computers, Scott Conrad, Greg Dorn, Philip Craiger Jan 2011


Publications

A plug computer is essentially a cross between an embedded computer and a traditional computer, and with many of the same capabilities. However, the architecture of a plug computer makes it difficult to apply commonly used digital forensic methods. This paper describes methods for extracting and analyzing digital evidence from plug computers. Two popular plug computer models are examined, the SheevaPlug and the Pogoplug.


Forensic Analysis Of A PlayStation 3 Console, Scott Conrad, Greg Dorn, Philip Craiger Jan 2010


Publications

The Sony PlayStation 3 (PS3) is a powerful gaming console that supports Internet-related activities, local file storage and the playing of Blu-ray movies. The PS3 also allows users to partition and install a secondary operating system on the hard drive. This “desktop-like” functionality along with the encryption of the primary hard drive containing the gaming software raises significant issues related to the forensic analysis of PS3 systems. This paper discusses the PS3 architecture and behavior, and provides recommendations for conducting forensic investigations of PS3 systems.


Forensic Analysis Of The Sony PlayStation Portable, Scott Conrad, Carlos Rodriguez, Chris Marberry, Philip Craiger Jan 2009


Publications

The Sony PlayStation Portable (PSP) is a popular portable gaming device with features such as wireless Internet access and image, music and movie playback. As with most systems built around a processor and storage, the PSP can be used for purposes other than it was originally intended – legal as well as illegal. This paper discusses the features of the PSP browser and suggests best practices for extracting digital evidence.


Factors Affecting One-Way Hashing Of CD-R Media, Christopher Marberry, Philip Craiger Jan 2007


Publications

While conducting a validation study of proficiency test media we found that applying the same hash algorithm against a single CD using different forensic applications resulted in different hash values. We formulated a series of experiments to determine the cause of the anomalous hash values. Our results suggest that certain write options cause forensic applications to report different hash values. We examine the possible consequences of these anomalies in legal proceedings and provide best practices for the use of hashing procedures.


Forensic Analysis Of Xbox Consoles, Paul Burke, Philip Craiger Jan 2007


Publications

Microsoft’s Xbox game console can be modified to run additional operating systems, enabling it to store gigabytes of non-game related files and run various computer services. Little has been published, however, on procedures for determining whether or not an Xbox console has been modified, for creating a forensic duplicate, and for conducting a forensic investigation. Given the growing popularity of Xbox systems, it is important to understand how to identify, image and examine these devices while reducing the potential of corrupting the media. This paper discusses Xbox forensics and provides a set of forensically-sound procedures for analyzing Xbox consoles.


Mac OS X Forensics, Philip Craiger, Paul Burke Jan 2006


Publications

This paper describes procedures for conducting forensic examinations of Apple Macs running Mac OS X. The target disk mode is used to create a forensic duplicate of a Mac hard drive and preview it. Procedures are discussed for recovering evidence from allocated space, unallocated space, slack space and virtual memory. Furthermore, procedures are described for recovering trace evidence from Mac OS X default email, web browser and instant messaging applications, as well as evidence pertaining to commands executed from a terminal.


Recovering Digital Evidence From Linux Systems, Philip Craiger Jan 2005


Publications

As Linux-kernel-based operating systems proliferate there will be an inevitable increase in Linux systems that law enforcement agents must process in criminal investigations. The skills and expertise required to recover evidence from Microsoft-Windows-based systems do not necessarily translate to Linux systems. This paper discusses digital forensic procedures for recovering evidence from Linux systems. In particular, it presents methods for identifying and recovering deleted files from disk and volatile memory, identifying notable and Trojan files, finding hidden files, and finding files with renamed extensions. All the procedures are accomplished using Linux command line utilities and require no special or commercial tools.