Tag: Digital Forensics
-
Automated Network Traige
In many police investigations today, computer systems are somehow involved. The number and capacity of computer systems needing to be seized and examined is increasing, and in some cases it may be necessary to quickly find a single computer system within a large number of computers in a network. To investigate potential evidence from a…
-
Signature Based Detection of User Events for Post-Mortem Forensic Analysis
The concept of signatures is used in many fields, normally for the detection of some sort of pattern. For example, antivirus and network intrusion detection systems sometimes implement signature matching to attempt to differentiate legitimate code or network traffic from malicious data. The principle of these systems that that within a given set of data, malicious data…
-
InfoSecurity Russia 2012: Digital Forensics, Cloud Computing, Future of Cybercrime Investigation
Last week Joshua and I gave invited talk about digital forensics at InfoSecurity Russia 2012. The slides of the talk are here: Slides of DigitalFIRE Talk at InfoSecurity Russia 2012 Our talk explored the issues of digital forensics in the cloud environment. The first part of the talk introduced the concepts of cyber crime investigations and the challenges…
-
Survey of Evidence and Forensic Tool Usage in Digital Investigations
This work is in regards to a 2009 project about research into real-world digital forensic practices for the development of highly automated tools to increase speed and efficiency of forensic investigations. A survey was conducted of 30 Law Enforcement officers from different countries in Europe (with 10 respondents). The key findings of the survey are given,…