Safer Live Forensic Acquisition
نویسنده
چکیده
Computer forensic practitioners must gather, analyse and present evidence at court. A method of data gathering called live forensic acquisition is often used. This method involves gathering data from a system without shutting it down and allows forensic practitioners to access a large quantity of valuable information. However, as data on the computer is constantly changing the copy of data taken is slurred. Slurred data is difficult to analyse as different pieces of the data show the system at different times and these times are unknown. This project identifies the weaknesses with the current live forensic methodology and provides an improved method which produces perfect, unslurred, images. This greatly improves the analytical value and evidential integrity of the data.
منابع مشابه
Live Forensic Acquisition as Alternative to Traditional Forensic Processes
The development of live forensic acquisition in general presents a remedy for some of the problems introduced by traditional forensic acquisition. However, this live forensic acquisition introduces a variety of additional problems, unique to this discipline. This paper presents current research with regards to the forensic soundness of evidence retrieved through live forensic acquisition. The r...
متن کاملModelling Live Forensic Acquisition
This paper discusses the development of a South African model for Live Forensic Acquisition Liforac. The Liforac model is a comprehensive model that presents a range of aspects related to Live Forensic Acquisition. The model provides forensic investigators with guidelines on how to proceed during an investigation. It provides forensic investigators with a robust foundation to understand what ne...
متن کاملA Best Practice Approach to Live Forensic Acquisition
The development of the Live Forensic discipline instigates the development of a method that allows forensically sound acquisition to stand fast in a court of law. The study presents the development of a comprehensive model for forensically sound Live Forensic Acquisition, the Liforac model. The Liforac model presents a number of concepts that are already available within the Cyber Forensics dis...
متن کاملPypette: A Framework for the Evaluation of Live Digital Forensic Acquisition Techniques
With the increasing scale of digital forensic investigations, there is a need for approaches that are capable of reducing the quantities of data forensic examiners are required to search. As this trend continues, traditional quiescent digital forensic analysis is in some cases becoming impractical; examiners must often rely on an in-situ investigation of the live computing environment. Numerous...
متن کاملInformation Security for South Africa
The development of the Live Forensic discipline instigates the development of a method that allows forensically sound acquisition to stand fast in a court of law. The study presents the development of a comprehensive model for forensically sound Live Forensic Acquisition, the Liforac model. The Liforac model presents a number of concepts that are already available within the Cyber Forensics dis...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2007