Open Access. Powered by Scholars. Published by Universities.®

Forensic Science and Technology Commons

Open Access. Powered by Scholars. Published by Universities.®

Computer Sciences

Selected Works

Articles 1 - 3 of 3

Full-Text Articles in Forensic Science and Technology

A University-Based Forensics Training Center As A Regional Outreach, Education, And Research Activity, Rayford B. Vaughn, David A. Dampier Oct 2019

A University-Based Forensics Training Center As A Regional Outreach, Education, And Research Activity, Rayford B. Vaughn, David A. Dampier

David Dampier

This paper describes a university-based Forensics Training Center (FTC) established by a Department of Justice grant for the purpose of improving the ability of state and local law enforcement in the Southeastern part of the United States to address the rising incidence of computer based crime. The FTC effort is described along with supporting evidence of its need. The program is not only a service activity, but also contributes to the Mississippi State University (MSU) security program pedagogy, and research effort.

Go to article

Factors Affecting One-Way Hashing Of Cd-R Media, Christopher Marberry, Philip Craiger Dec 2006

Factors Affecting One-Way Hashing Of Cd-R Media, Christopher Marberry, Philip Craiger

J. Philip Craiger, Ph.D.

While conducting a validation study of proficiency test media we found that applying the same hash algorithm against a single CD using different forensic applications resulted in different hash values. We formulated a series of experiments to determine the cause of the anomalous hash values. Our results suggest that certain write options cause forensic applications to report different hash values. We examine the possible consequences of these anomalies in legal proceedings and provide best practices for the use of hashing procedures.

Go to article

Recovering Digital Evidence From Linux Systems, Philip Craiger Jan 2005

Recovering Digital Evidence From Linux Systems, Philip Craiger

J. Philip Craiger, Ph.D.

As Linux-kernel-based operating systems proliferate there will be an inevitable increase in Linux systems that law enforcement agents must process in criminal investigations. The skills and expertise required to recover evidence from Microsoft-Windows-based systems do not necessarily translate to Linux systems. This paper discusses digital forensic procedures for recovering evidence from Linux systems. In particular, it presents methods for identifying and recovering deleted files from disk and volatile memory, identifying notable and Trojan files, finding hidden files, and finding files with renamed extensions. All the procedures are accomplished using Linux command line utilities and require no special or commercial tools.

Go to article