Abstract
Live analysis tools have made a significant difference in capturing evidence during forensic investigations. Such tools, however, are far from infallible.
Index Terms
- Risks of live digital forensic analysis