Exploring The Iphone Backup Made By Itunes,
2011
University of Brescia, Italy
Exploring The Iphone Backup Made By Itunes, Mario Piccinelli, Paolo Gubian
Journal of Digital Forensics, Security and Law
Apple’s™ iPhone™ is one of the widest selling mobile on the market, thanks to its simple and user-friendly interface and ever growing pool of available high quality applications for both personal and business use. The increasing use of the iPhone leads forensics practitioners towards the need for tools to access and analyze the information stored in the device. This research aims at describing the process to forensically analyze a logical backup of an iPhone made by the Apple iTunes™ utility, understanding the backup’s structure, and creating a simple tool to automate the process of decoding and analyzing the data. In …
Book Review: Online Privacy: Issues In The Digital Age,
2011
Metropolitan State University
Book Review: Online Privacy: Issues In The Digital Age, Darlene M. Tester
Journal of Digital Forensics, Security and Law
This book is one of a series of books Currie has written about online areas of concern. This is the sixth book in the series. The purpose of the book is to act as a primer for people in the IT field who may need a point of reference for Internet issues such as gaming, security and privacy. The book takes a high level look at the complexities of privacy online from social networking to hackers and provides insight into what the most pressing issues of privacy are online today.
Working Inside The Box: An Example Of Google Desktop Search In A Forensic Examination,
2011
Embry-Riddle Aeronautical University
Working Inside The Box: An Example Of Google Desktop Search In A Forensic Examination, Timothy J. Latulippe
Journal of Digital Forensics, Security and Law
Information and the technological advancements for which mankind develops with regards to its storage has increased tremendously over the past few decades. As the total amount of data stored rapidly increases in conjunction with the amount of widely available computer-driven devices being used, solutions are being developed to better harness this data. These types of advancements are continually assisting investigators and computer forensic examiners. One such application which houses copious amounts of fruitful data is the Google Desktop Search program. Coupled with tested and verified techniques, examiners can exploit the power of this application to cater to their investigative needs. …
Column: File Cabinet Forensics,
2011
Naval Postgraduate School, California
Column: File Cabinet Forensics, Simson Garfinkel
Journal of Digital Forensics, Security and Law
Researchers can spend their time reverse engineering, performing reverse analysis, or making substantive contributions to digital forensics science. Although work in all of these areas is important, it is the scientific breakthroughs that are the most critical for addressing the challenges that we face. Reverse Engineering is the traditional bread-and-butter of digital forensics research. Companies like Microsoft and Apple deliver computational artifacts (operating systems, applications and phones) to the commercial market. These artifacts are bought and used by billions. Some have evil intent, and (if society is lucky), the computers end up in the hands of law enforcement. Unfortunately the …
Legal Issues Regarding Digital Forensic Examiners Third Party Consent To Search,
2011
Roger Williams University
Legal Issues Regarding Digital Forensic Examiners Third Party Consent To Search, Thomas Lonardo, Doug White, Tricia P. Martland, Alan Rea
Journal of Digital Forensics, Security and Law
This paper focuses on Federal law as it relates to consent to search relating to Fourth Amendment privacy in the practice of Digital Forensics. In particular, Digital Examiners should be aware of how decisions in Federal Court may impact their ability to acquire evidence in both civil and criminal settings. Digital Forensics, being a relatively new field, is particularly subject to change as cases and appeals are decided. This paper provides an overview of relevant case law relating to issues in Digital Forensics. More importantly, our research provides Digital Forensic Examiners (DFE), as defined by Lonardo, White, and Rea (2008, …
Technology Corner: Virtual Crime Scene Reconstruction: The Basics Of 3d Modeling,
2011
University of New Mexico
Technology Corner: Virtual Crime Scene Reconstruction: The Basics Of 3d Modeling, Nick V. Flor
Journal of Digital Forensics, Security and Law
Digital crime scenes take place in the context of physical crime scenes. Virtual crime scene reconstruction is an activity where investigators create a 3- dimensional (3-D) model of an actual crime scene for the purpose of determining the events that lead to the crime. While virtual crime scene reconstruction is currently used for analyzing physical scenes, it can also help investigators visualize and explore ways digital media could have been used to perpetrate a crime. In this technology corner we explore one of the technologies underlying virtual crime scene reconstruction: 3-D modeling.
Book Review: Iphone And Ios Forensics: Investigation, Analysis And Mobile Security For Apple Iphone, Ipad And Ios Devices,
2011
EnCE & ACE, LuciData Inc
Book Review: Iphone And Ios Forensics: Investigation, Analysis And Mobile Security For Apple Iphone, Ipad And Ios Devices, Christopher Schulte
Journal of Digital Forensics, Security and Law
These are exciting times for Digital Forensics practitioners. While our examinations of mobile devices (including cell phones and tablet computers) continue to bring new and sometimes hair-pulling challenges into our labs and on-site engagements, research and understanding of these tiny computers is increasing at what seems an exponential rate. This is especially true in the iOS (Apple Computer’s mobile operating system that powers the iPhone, iPad, iPod Touch and Apple TV) space. The diligent work of talented computer scientists in this field allows examiners everywhere to reap the benefits of easier, faster and more effective examinations that yield more accurate …
Table Of Contents,
2011
Embry-Riddle Aeronautical University
Table Of Contents
Journal of Digital Forensics, Security and Law
No abstract provided.
Table Of Contents,
2011
Embry-Riddle Aeronautical University
Table Of Contents
Journal of Digital Forensics, Security and Law
No abstract provided.
Table Of Contents,
2011
Embry-Riddle Aeronautical University
Table Of Contents
Journal of Digital Forensics, Security and Law
No abstract provided.
Cat Detect (Computer Activity Timeline Detection): A Tool For Detecting Inconsistency In Computer Activity Timelines,
2011
Zayed University
Cat Detect (Computer Activity Timeline Detection): A Tool For Detecting Inconsistency In Computer Activity Timelines, Andrew Marrington, Ibrahim Baggili, George Mohay, Andrew Clark
Electrical & Computer Engineering and Computer Science Faculty Publications
The construction of timelines of computer activity is a part of many digital investigations. These timelines of events are composed of traces of historical activity drawn from system logs and potentially from evidence of events found in the computer file system. A potential problem with the use of such information is that some of it may be inconsistent and contradictory thus compromising its value. This work introduces a software tool (CAT Detect) for the detection of inconsistency within timelines of computer activity. We examine the impact of deliberate tampering through experiments conducted with our prototype software tool. Based on the …
The Application Of Chemometrics To The Detection And Classification Of Ignitable Liquids In Fire Debris Using The Total Ion Spectrum,
2011
University of Central Florida
The Application Of Chemometrics To The Detection And Classification Of Ignitable Liquids In Fire Debris Using The Total Ion Spectrum, Jennifer N. Lewis
Electronic Theses and Dissertations
Current methods in ignitable liquid identification and classification from fire debris rely on pattern recognition of ignitable liquids in total ion chromatograms, extracted ion profiles, and target compound comparisons, as described in American Standards for Testing and Materials E1618-10. The total ion spectra method takes advantage of the reproducibility among sample spectra from the same American Society for Testing and Materials class. It is a method that is independent of the chromatographic conditions that affect retention times of target compounds, thus aiding in the use of computer-based library searching techniques. The total ion spectrum was obtained by summing the ion …
Column: Putting The Science In Digital Forensics,
2011
California Sciences Institute, Fred Cohen & Associates
Column: Putting The Science In Digital Forensics, Fred Cohen
Journal of Digital Forensics, Security and Law
In a recent study, digital forensics was found to lack a consensus around even the most basis notions and terminology of the field. To quote: “These two preliminary studies individually suggest that (1) scientific consensus in the area of digital forensic evidence examination is lacking in the broad sense, but that different groups within that overall community may have limited consensus around areas in which they have special expertise, and (2) that the current peerreviewed publication process is not acting to bring about the sorts of elements typically found in the advancement of a science toward such a consensus. ... …
Technology Corner: Internet Packet Sniffers,
2011
University of New Mexico
Technology Corner: Internet Packet Sniffers, Nick V. Flor, Kenneth Guillory
Journal of Digital Forensics, Security and Law
The best way to understand an internet packet sniffer, hereafter “packet sniffer”, is by analogy with a wiretap. A wiretap is a piece of hardware that allows a person to eavesdrop on phone conversations over a telephone network. Similarly, a packet sniffer is a piece of software that allows a person to eavesdrop on computer communications over the internet. A packet sniffer can be used as a diagnostic tool by network administrators or as a spying tool by hackers who can use it to steal passwords and other private information from computer users. Whether you are a network administrator or …
A Survey Of Contemporary Enterprise Storage Technologies From A Digital Forensics Perspective,
2011
California State Polytechnic University
A Survey Of Contemporary Enterprise Storage Technologies From A Digital Forensics Perspective, Gregory H. Carlton, Joseph Matsumoto
Journal of Digital Forensics, Security and Law
As the proliferation of digital computational systems continue to expand, increasingly complex technologies emerge, including those regarding large, enterprise-wide, information storage and retrieval systems. Within this study, we examine four contemporary enterprise storage technologies. Our examination of these technologies is presented with an overview of the technological features of each offering and then followed with a discussion of the impact of these technologies on digital forensics methods, particularly regarding forensic data acquisition. We offer a general opinion concerning a recommended data acquisition method when faced with the task of obtaining a forensic image of data contained within these technologies, we …
Technology Corner: Brute Force Password Generation -- Basic Iterative And Recursive Algorithms,
2011
University of New Mexico
Technology Corner: Brute Force Password Generation -- Basic Iterative And Recursive Algorithms, Nick V. Flor, Haile Shannon
Journal of Digital Forensics, Security and Law
Most information systems are secured at minimum by some form of password protection. For various reasons a password may be unavailable, requiring some form of password recovery procedure. One such procedure is software-based automated password recovery, where a program attempts to log into a system by repeatedly trying different password combinations. At the core of such software is a password generator. This article describes the basic iterative and recursive algorithms for generating all possible passwords of a given length, which is commonly referred to as brute-force password generation. The paper ends with a discussion of alternative password recovery procedures one …
Investigating Modern Communication Technologies: The Effect Of Internet-Based Communication Technologies On The Investigation Process,
2011
University of South Australia
Investigating Modern Communication Technologies: The Effect Of Internet-Based Communication Technologies On The Investigation Process, Matthew Simon, Jill Slay
Journal of Digital Forensics, Security and Law
Communication technologies are commonplace in modern society. For many years there were only a handful of communication technologies provided by large companies, namely the Public Switched Telephone Network (PSTN) and mobile telephony; these can be referred to as traditional communication technologies. Over the lifetime of traditional communication technologies has been little technological evolution and as such, law enforcement developed sound methods for investigating targets using them. With the advent of communication technologies that use the Internet – Internet-based or contemporary communication technologies – law enforcement are faced with many challenges. This paper discusses these challenges and their potential impact. It …
Table Of Contents,
2011
Embry-Riddle Aeronautical University
Table Of Contents
Journal of Digital Forensics, Security and Law
No abstract provided.
Forensic Analysis Of Plug Computers,
2011
University of Central Florida
Forensic Analysis Of Plug Computers, Scott Conrad, Greg Dorn, Philip Craiger
Publications
A plug computer is essentially a cross between an embedded computer and a traditional computer, and with many of the same capabilities. However, the architecture of a plug computer makes it difficult to apply commonly used digital forensic methods. This paper describes methods for extracting and analyzing digital evidence from plug computers. Two popular plug computer models are examined, the SheevaPlug and the Pogoplug.
The Relative Recoverability Of Dna And Rna Profiles From Forensically Relevant Body Fluid Stains,
2011
University of Central Florida
The Relative Recoverability Of Dna And Rna Profiles From Forensically Relevant Body Fluid Stains, Charly Parker
Electronic Theses and Dissertations
Biological material (fluids or tissues) whether from the victim or suspect is often collected as forensic evidence, and methods to obtain and analyze the DNA found in that material have been well established. The type of body fluid (i.e. blood, saliva, semen, vaginal secretions, and menstrual blood) from which the DNA originated is also of interest, and messenger RNA typing provides a specific and sensitive means of body fluid identification. In order for mRNA profiling to be utilized in routine forensic casework, RNA of sufficient quantity and quality must be obtained from biological fluid stains and the methods used for …
