article

Free Access

Risks of live digital forensic analysis

Author:
Brian D. Carrier

View Profile

Authors Info & Claims

Communications of the ACM Volume 49 Issue 2February 2006pp 56–61https://doi.org/10.1145/1113034.1113069

Published:01 February 2006Publication History

Communications of the ACM

Abstract

Live analysis tools have made a significant difference in capturing evidence during forensic investigations. Such tools, however, are far from infallible.

References

Carrier, B.D. File System Forensic Analysis. Addison Wesley, 2005. Google ScholarDigital Library
Carrier, B.D. The Sleuth Kit; www.sleuthkit.org/.Google Scholar
Carrier, B.D. and Grand, J. A. hardware-based memory acquisition procedure for digital investigations. J. Digital Investigation 1, 1 (Mar. 2004). Google ScholarDigital Library
Cogswell, B. and Russinovich, M. RootkitRevealer; www.sysinternals.com.Google Scholar
Guidance Software. EnCase Enterprise; www.encase.com.Google Scholar
Hoglund, G. and Butler, J. Rootkits: Subverting the Windows Kernel. Addison Wesley, 2005. Google ScholarDigital Library
Mandia, K., Prosise, C. and Pepe, M. Incident Response and Computer Forensics 2nd Ed. McGraw-Hill, 2003. Google ScholarDigital Library
Petroni, Jr., N.L., Fraser, T., Molina, J., and Arbaugh, W.A. Copilot---A coprocessor-based kernel runtime integrity monitor. In Proceedings of 13th Annual USENIX Security Symposium (Aug. 2004). Google ScholarDigital Library
Skoudis, E. Malware: Fighting Malicious Code. Prentice Hall, 2004. Google ScholarDigital Library
Technology Pathways. ProDiscover Incident Response; www.techpathways.com/.Google Scholar
Thompson, K. Reflections on trusting trust. Commun. ACM 27, 8 (Aug. 1984). Google ScholarDigital Library
Wang, Y-M, Beck, D., Vo, B., Roussev, R., and Verbowski, C. Detecting stealth software with strider GhostBuster. In Proceedings of 2005 International Conference on Dependable Systems and Networks (June 2005). Google ScholarDigital Library

Index Terms

Risks of live digital forensic analysis

Recommendations

Digital Forensic Investigation Development Model
CICN '13: Proceedings of the 2013 5th International Conference on Computational Intelligence and Communication Networks

The arena of computer forensics investigation is a relatively new field of study. Many of the methods used in digital forensics have not been formally outlined. Digital Forensics is looked as part of art and part of science. This paper discussed ...
Read More
Digital Forensic Analysis of Cybercrimes: Best Practices and Methodologies

This paper reviews the existing methodologies and best practices for digital investigations phases like collecting, evaluating and preserving digital forensic evidence and chain of custody of cybercrimes. Cybercriminals are adopting new strategies to ...
Read More
When Digital Forensic Research Meets Laws
ICDCSW '12: Proceedings of the 2012 32nd International Conference on Distributed Computing Systems Workshops

Academic researchers in digital forensics often lack backgrounds in related laws. This ignorance could make their research and development legally invalid, or with less relevance in practice. To better assist academic researchers, we discuss related ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Published in

Communications of the ACM Volume 49, Issue 2
Next-generation cyber forensics
February 2006
127 pages
ISSN:0001-0782
EISSN:1557-7317
DOI:10.1145/1113034
Issue’s Table of Contents

Copyright © 2006 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 1 February 2006
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Qualifiers
- article
Conference
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 46
  Total Citations
  View Citations
- 4,469
  Total Downloads
- Downloads (Last 12 months)117
- Downloads (Last 6 weeks)42
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

HTML Format

View this article in HTML Format .

View HTML Format

Risks of live digital forensic analysis

Communications of the ACM

Abstract

References

Cited By

Index Terms

Recommendations

Digital Forensic Investigation Development Model

Digital Forensic Analysis of Cybercrimes: Best Practices and Methodologies

When Digital Forensic Research Meets Laws

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Conference

Funding Sources

Other Metrics

Article Metrics

Other Metrics

Cited By

PDF Format

eReader

Digital Edition

HTML Format

Caption

Risks of live digital forensic analysis

Communications of the ACM

Abstract

References

Cited By

Index Terms

Recommendations

Digital Forensic Investigation Development Model

Digital Forensic Analysis of Cybercrimes: Best Practices and Methodologies

When Digital Forensic Research Meets Laws

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Conference

Funding Sources

Article Metrics

Other Metrics

PDF Format

eReader

Digital Edition

HTML Format

Share this Publication link

Share on Social Media