Category: Digital Forensic Theory
-
Lectures in Mathematics for Digital Forensic Researchers
Digital forensics is a very practical discipline that addresses the needs of every day investigations. Whether deleted data needs to be recovered or the suspect’s photographs need to be attributed to the suspect’s photo camera – forensic analyst has to do whatever it takes to advance the investigation. There is rarely any time to think…
-
The Digital Investigation Process
Everyday new ideas all around the world are born. By the start of the new millennium the race was on, as everyone and their brother realized how potent technology was to their future. And now as we move into the second decade of the millennium, technological advancements became one of the pillars of a nation.…
-
Towards Automated Forensic Event Reconstruction of Malicious Code
Many existing methods of forensic malware analysis rely on the investigators’ practical experience rather than hard science. This paper presents a formal (i.e. based on mathematics) approach to reconstructing activities of a malicious executable found in a victim’s system during a post-mortem analysis. The behavior of the suspect executable is modeled as a finite state automaton where…
-
Automata Intersection to Test Possibility of Statements in Investigations
When conducting an investigation, many statements are given by witnesses and suspects. A “witness” could be considered as anything that provides information about the occurrence of an event. While a witness may traditionally be a human, a digital device – such as a computer or cell phone – could also help to provide information about…