A Case Study In Forensic Analysis Of Control, 2011 California Sciences Institute, Fred Cohen & Associates
A Case Study In Forensic Analysis Of Control, Fred Cohen
Journal of Digital Forensics, Security and Law
This paper describes a case study in which a method for forensic analysis of control was applied to resolve probative technical issues in a legal action. It describes one instance in which the analysis was successfully applied without challenge, addresses the details of most of the different facets of the analysis method, and demonstrates how such analysis provides a systematic approach to using technical methods to address legal issues as a case study.
Judges’ Awareness, Understanding, And Application Of Digital Evidence, 2011 Gary Kessler Associates
Judges’ Awareness, Understanding, And Application Of Digital Evidence, Gary C. Kessler
Journal of Digital Forensics, Security and Law
As digital evidence grows in both volume and importance in criminal and civil courts, judges need to fairly and justly evaluate the merits of the offered evidence. To do so, judges need a general understanding of the underlying technologies and applications from which digital evidence is derived. Due to the relative newness of the computer forensics field, there have been few studies on the use of digital forensic evidence and none about judges’ relationship with digital evidence. This paper describes a recent study, using grounded theory methods, into judges’ awareness, knowledge, and perceptions of digital evidence. This study is the …
Book Review: iOS Forensic Analysis: For iPhone, iPad And iPod Touch, 2011 LuciData Inc, Minneapolis
Book Review: iOS Forensic Analysis: For iPhone, iPad And iPod Touch, Christopher Schulte
Journal of Digital Forensics, Security and Law
As Digital Forensics practitioners, we know that our discipline is constantly evolving. Keeping abreast means we need to continually refine and broaden our knowledge pools through experience, education, research, peer exchange, and more. Mobile device forensics can be especially dynamic and challenging. With multiple standards in place at the hardware, operating system, and user interface levels, it can be daunting to preserve, analyze, search and report on these tiny yet ubiquitous hand-held computers. Apple Computer’s line of mobile products (iOS devices - iPhone, iPad, iPod Touch) is no exception to this rule.
Technology Corner: Internet Packet Sniffers, 2011 University of New Mexico
Technology Corner: Internet Packet Sniffers, Nick V. Flor, Kenneth Guillory
Journal of Digital Forensics, Security and Law
The best way to understand an internet packet sniffer, hereafter “packet sniffer”, is by analogy with a wiretap. A wiretap is a piece of hardware that allows a person to eavesdrop on phone conversations over a telephone network. Similarly, a packet sniffer is a piece of software that allows a person to eavesdrop on computer communications over the internet. A packet sniffer can be used as a diagnostic tool by network administrators or as a spying tool by hackers who can use it to steal passwords and other private information from computer users. Whether you are a network administrator or …
Table Of Contents, 2011 Embry-Riddle Aeronautical University
Table Of Contents
Journal of Digital Forensics, Security and Law
No abstract provided.
Column: Every Last Byte, 2011 Naval Postgraduate School
Column: Every Last Byte, Simson Garfinkel
Journal of Digital Forensics, Security and Law
Inheritance powder is the name that was given to poisons, especially arsenic, that were commonly used in the 17th and early 18th centuries to hasten the death of the elderly. For most of the 17th century, arsenic was deadly but undetectable, making it nearly impossible to prove that someone had been poisoned. The first arsenic test produced a gas—hardly something that a scientist could show to a judge. Faced with a growing epidemic of poisonings, doctors and chemists spent decades searching for something better
Kindle Forensics: Acquisition & Analysis, 2011 School of Computer and Security Science
Kindle Forensics: Acquisition & Analysis, Peter Hannay
Journal of Digital Forensics, Security and Law
The Amazon Kindle eBook reader supports a wide range of capabilities beyond reading books. This functionality includes an inbuilt cellular data connection known as Whispernet. The Kindle provides web browsing, an application framework, eBook delivery and other services over this connection. The historic data left by user interaction with this device may be of forensic interest. Analysis of the Amazon Kindle device has resulted in a method to reliably extract and interpret data from these devices in a forensically complete manner.
Developing A Forensic Continuous Audit Model, 2011 University of South Florida, St. Petersburg
Developing A Forensic Continuous Audit Model, Grover S. Kearns, Katherine J. Barker, Stephen P. Danese
Journal of Digital Forensics, Security and Law
Despite increased attention to internal controls and risk assessment, traditional audit approaches do not seem to be highly effective in uncovering the majority of frauds. Less than 20 percent of all occupational frauds are uncovered by auditors. Forensic accounting has recognized the need for automated approaches to fraud analysis yet research has not examined the benefits of forensic continuous auditing as a method to detect and deter corporate fraud. The purpose of this paper is to show how such an approach is possible. A model is presented that supports the acceptance of forensic continuous auditing by auditors and management as …
Technology Corner: Analysing E-Mail Headers For Forensic Investigation, 2011 Banday University of Kashmir India
Technology Corner: Analysing E-Mail Headers For Forensic Investigation, M. T. Banday
Journal of Digital Forensics, Security and Law
Electronic Mail (E-Mail), which is one of the most widely used applications of the Internet, has become a global communication infrastructure service. However, security loopholes in it enable cybercriminals to misuse it by forging its headers or by sending it anonymously for illegitimate purposes, leading to e-mail forgeries. E-mail messages include transit handling envelope and trace information in the form of structured fields which are not stripped after messages are delivered, leaving a detailed record of e-mail transactions. A detailed header analysis can be used to map the networks traversed by messages, including information on the messaging software and patching policies …
Table Of Contents, 2011 Embry-Riddle Aeronautical University
Table Of Contents
Journal of Digital Forensics, Security and Law
No abstract provided.
Column: The Consortium Of Digital Forensics Specialists (CDFS), 2011 CDFS Board Chair
Column: The Consortium Of Digital Forensics Specialists (CDFS), Christopher Kelly
Journal of Digital Forensics, Security and Law
Digital forensic practitioners are faced with an extraordinary opportunity. In fact, we may never again be faced with such an opportunity, and this opportunity will challenge us in ways we may never again be challenged. At this point in the history of the Digital Forensics profession, digital forensic specialists have the unique opportunity to help this profession emerge from its infancy. But for this profession to mature -- and to flourish -- individuals and organizations integral to the practice must assemble and shape its future. This is our opportunity. In fact, this is our mandate.
Column: The Physics Of Digital Information, 2011 CEO, Fred Cohen & Associates President, California Sciences Institute
Column: The Physics Of Digital Information, Fred Cohen
Journal of Digital Forensics, Security and Law
No abstract provided.
Analysis Of Data Remaining On Second Hand ADSL Routers, 2011 Edith Cowan University; Perth, Western Australia
Analysis Of Data Remaining On Second Hand ADSL Routers, Patryk Szewczyk
Journal of Digital Forensics, Security and Law
In theory, an ADSL router can provide an additional layer of security to a wired and wireless network through access control, wireless encryption, firewall rule sets, and network event logging. An ADSL router may also contain the users’ usage habits and broadband account credentials. However, end-users may be unaware of the intricacies of the security measures available and the potentially confidential information stored on their device. As a result, a second hand ADSL router may contain a wealth of user-specific information if not wiped and disposed of in a secure manner. This paper shows the data that was acquired from …
Exploring The iPhone Backup Made By iTunes, 2011 University of Brescia, Italy
Exploring The iPhone Backup Made By iTunes, Mario Piccinelli, Paolo Gubian
Journal of Digital Forensics, Security and Law
Apple’s™ iPhone™ is one of the widest selling mobile phones on the market, thanks to its simple and user-friendly interface and ever growing pool of available high quality applications for both personal and business use. The increasing use of the iPhone leads forensics practitioners towards the need for tools to access and analyze the information stored in the device. This research aims at describing the process to forensically analyze a logical backup of an iPhone made by the Apple iTunes™ utility, understanding the backup’s structure, and creating a simple tool to automate the process of decoding and analyzing the data. In …
A Survey Of Contemporary Enterprise Storage Technologies From A Digital Forensics Perspective, 2011 California State Polytechnic University
A Survey Of Contemporary Enterprise Storage Technologies From A Digital Forensics Perspective, Gregory H. Carlton, Joseph Matsumoto
Journal of Digital Forensics, Security and Law
As the proliferation of digital computational systems continues to expand, increasingly complex technologies emerge, including those regarding large, enterprise-wide, information storage and retrieval systems. Within this study, we examine four contemporary enterprise storage technologies. Our examination of these technologies is presented with an overview of the technological features of each offering and then followed with a discussion of the impact of these technologies on digital forensics methods, particularly regarding forensic data acquisition. We offer a general opinion concerning a recommended data acquisition method when faced with the task of obtaining a forensic image of data contained within these technologies, we …
Technology Corner: Brute Force Password Generation -- Basic Iterative And Recursive Algorithms, 2011 University of New Mexico
Technology Corner: Brute Force Password Generation -- Basic Iterative And Recursive Algorithms, Nick V. Flor, Haile Shannon
Journal of Digital Forensics, Security and Law
Most information systems are secured at minimum by some form of password protection. For various reasons a password may be unavailable, requiring some form of password recovery procedure. One such procedure is software-based automated password recovery, where a program attempts to log into a system by repeatedly trying different password combinations. At the core of such software is a password generator. This article describes the basic iterative and recursive algorithms for generating all possible passwords of a given length, which is commonly referred to as brute-force password generation. The paper ends with a discussion of alternative password recovery procedures one …
Table Of Contents, 2011 Embry-Riddle Aeronautical University
Table Of Contents
Journal of Digital Forensics, Security and Law
No abstract provided.
Column: File Cabinet Forensics, 2011 Naval Postgraduate School, California
Column: File Cabinet Forensics, Simson Garfinkel
Journal of Digital Forensics, Security and Law
Researchers can spend their time reverse engineering, performing reverse analysis, or making substantive contributions to digital forensics science. Although work in all of these areas is important, it is the scientific breakthroughs that are the most critical for addressing the challenges that we face. Reverse Engineering is the traditional bread-and-butter of digital forensics research. Companies like Microsoft and Apple deliver computational artifacts (operating systems, applications and phones) to the commercial market. These artifacts are bought and used by billions. Some have evil intent, and (if society is lucky), the computers end up in the hands of law enforcement. Unfortunately the …
Legal Issues Regarding Digital Forensic Examiners Third Party Consent To Search, 2011 Roger Williams University
Legal Issues Regarding Digital Forensic Examiners Third Party Consent To Search, Thomas Lonardo, Doug White, Tricia P. Martland, Alan Rea
Journal of Digital Forensics, Security and Law
This paper focuses on Federal law as it relates to consent to search relating to Fourth Amendment privacy in the practice of Digital Forensics. In particular, Digital Examiners should be aware of how decisions in Federal Court may impact their ability to acquire evidence in both civil and criminal settings. Digital Forensics, being a relatively new field, is particularly subject to change as cases and appeals are decided. This paper provides an overview of relevant case law relating to issues in Digital Forensics. More importantly, our research provides Digital Forensic Examiners (DFE), as defined by Lonardo, White, and Rea (2008, …
Book Review: iPhone And iOS Forensics: Investigation, Analysis And Mobile Security For Apple iPhone, iPad And iOS Devices, 2011 EnCE & ACE, LuciData Inc
Book Review: iPhone And iOS Forensics: Investigation, Analysis And Mobile Security For Apple iPhone, iPad And iOS Devices, Christopher Schulte
Journal of Digital Forensics, Security and Law
These are exciting times for Digital Forensics practitioners. While our examinations of mobile devices (including cell phones and tablet computers) continue to bring new and sometimes hair-pulling challenges into our labs and on-site engagements, research and understanding of these tiny computers is increasing at what seems an exponential rate. This is especially true in the iOS (Apple Computer’s mobile operating system that powers the iPhone, iPad, iPod Touch and Apple TV) space. The diligent work of talented computer scientists in this field allows examiners everywhere to reap the benefits of easier, faster and more effective examinations that yield more accurate …