Home About This Site Kudos What's New Digital Forensics BIBLIO OS Specific Articles Other Resources Links to Links

February 2004 FEATURED SITE Brian Carrier's Page of file system and disk images for testing digital forensic analysis and acquisition tools Past Updates February 2003 March 2003 April 2003 May 2003 June 2003 July 2003 August 2003 September 2003 October 2003 November 2003 December 2003 January 2004 Within the Bibliography section Ahmad, Atif and Tobias Ruighaver Design of a Network-Access Audit Log for Security Monitoring and Forensic Investigation [PDF] November 2003 Allinson, Caroline Information Systems Audit Trails in Legal Proceedings as Evidence July 2001 Bowles, Philip, Simon Belfield & John Cooper The Evidential Value of Email [PDF] 2003 Brill, Ian Basic Windows Intrusion Detection and Forensics September 2003 British Computer Society BCS Comments on Proposals for Registration of Digital Evidence Specialists 2004 Buckeye, Brian & Kevin Liston Recovering Deleted Files in Linux April 2002 Busch, Ed Forensics: What to do after the Break-In [Presentation in PDF] May 2002 Carrier, Brian & Eugene H. Spafford Getting Physical with the Digital Investigation Process [PDF] November 2003 Casey, Eoghan Creating an Incident Response Team [PP Presentation] April 2003 Forensic Computer Analysis [PP Presentation] April 2003 Incident Response and Analysis [PP Presentation] April 2003 Cohen, Fred A Day of Cyber Investigation [HTML Presentation] April 2000 Costa, Paulo Billy Liao, Vijay Malgari, & Jim Jones A System for Collection, Storage, and Analysis of Multi-platform Computer System Data November 2003 Curran, Kevin & Karen Bailey An Evaluation of Image Based Steganography Methods [PDF] November 2003 Duggan, David & Bob Hutchinson Digital Forensics [PDF] November 2003 Faridy, Hany & Siwei Lyu Higher-order Wavelet Statistics and their Application to Digital Forensics [PDF] 2003 Grundy, Barry Intro to Linux for Data Forensics version 2.0.5 [NASA ftp site] Alternate Download Site Harris, Dr. E. Douglas & Bao Tran Digital Forensics and Information Assurance - Education and Research [PDF] December 2003 Joint Council on Information Age Crime Computer-Related Crime Impact: Measuring the Incidence and Cost [PDF] December 2003 Kenneally, Erin Computer Forensics: Beyond the Buzzword [PDF] August 2002 Naavi Cyber Evidence Collection..a Major Challenge to Law Enforcement in India January 2003 Data Capture..key challenge in Cyber Evidence Management January 2003 NIST Computer Security Incident Handling Guide [PDF] January 2004 Pal, Anandabrata, Kulesh Shanmugasundaram, & Nasir Memon Automated Reassembly of Fragmented Images [PDF] 2003 Patzakis, John Maintaining The Digital Chain of Custody [PDF] April 2003 Ross, Officer Troy C. The Technical Side of Internet & Computer Crime [PP Presentation] April 2003 Schwarz, Joel Cyber Security - the Laws that Protect your Systems and Govern Incident Response [PP Presentation] April 2003 Seward, Jack The Debtor’s Digital Reckonings [PDF] November 2003 Shanmugasundaram, Kulesh & Nasir Memon Automatic Reassembly of Document Fragments via Context Based Statistical Models [PDF] December 2003 Shanmugasundaram, Kulesh, Nasir Memon, Anubhav Savant, and Herve Bronnimann ForNet: A Distributed Forensics Network [PDF] 2003 Stallard, Tye and Karl Levitt Automated Analysis for Digital Forensic Science: Semantic Integrity Checking [PDF] December 2003 Stephenson, Peter Modeling of Post-Incident Root Cause Analysis [PDF] November 2003 Strubinger, Ray The Foremost Open Source Forensic Tool September 2003 Tan, Terence, Tobias Ruighaver and Atif Ahmad Incident Handling: Where the Need for Planning is often not Recognised [PDF] November 2003 the grugg The Art of Defiling: Defeating Forensic Analysis on Unix File Systems [PDF] December 2003 VanBelleghem, Dan The Art of Defiling: Defeating Forensic Analysis on Unix File Systems [PDF] December 2003 Zheng, Rong, Yi Qin, Zan Huang & Hsinchun Chen Authorship Analysis in Cybercrime Investigation [PP Presentation] 2003 Within Resources / Other Tools section AIR - Automated Image and Restore (Free) AIR (Automated Image & Restore) is a GUI front-end to dd/dcfldd designed for easily creating forensic bit images. IECookiesView v1.50 (Free) IECookiesView is a small utility that displays the details of all cookies that Internet Explorer stores on your computer. IEHistoryView v1.20 (Free) This utility reads all information from the history file on your computer, and displays the list of all URLs that you have visited in the last few days. Karen's Power Tools (Free) Variety of utilities memdump (Free) A utility that dumps main memory (/dev/mem) of Solaris/BSD/Linux systems NASA Tools (Free) Fatback and Enhanced Loopback PenguinBackup (Free) The PalmPilot single-floppy backup system procshow (Free) Displays information from running process sdd (Free) A replacement for a 'dd'. Within Legalese section Center for Democracy and Technology Current Legal Standards for Access to Papers, Record, and Communications Version 2.2 Popp, Karen A. Computer Searches and Seizures April 2000 Within the Listservs, Newsletters, Journals, etc. section Digital Investigation (DI) The International Journal of Digital Forensics & Incident Response http://www.compseconline.com/digitalinvestigation/ Within Organizations DERIC (Digital Evidence Recovery and Internet Crime Unit) http://www.deric.org.uk/index.html Within Projects Forensic Hash Database A project to combine the various hashsum sources into a single meta RDBMS (relational database management system). Rootkit Hunter A project to combine the various hashsum sources into a single meta RDBMS (relational database management system). © 2003 All rights reserved