Tools
Tools
PALMIERI, Gareth and ZARGARI, Shahrzad (2017). Using open source forensic carving tools on split dd and EWF files. In: Proceedings, 2017 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData). IEEE, 379-383. (In Press)
|
PDF
Zargari-UsingOpenSourceForensicCarvingTools(AM).pdf - Accepted Version All rights reserved. Download (314kB) | Preview |
Abstract
This study tests a number of open source forensic carving tools to determine their viability when run across split raw forensic images (dd) and Expert Witness Compression Format (EWF) images. This is done by carving files from a raw dd file to determine the baseline before running each tool over the different image types and analysing the results. A framework is then written in python to allow Scalpel to be run across any split dd image, whilst simultaneously concatenating the carved files and sorting by file type. This study tests the framework on a number of scenarios and concludes that this is an effective method of carving files using Scalpel over split dd images.
| Item Type: | Book Section |
|---|---|
| Research Institute, Centre or Group - Does NOT include content added after October 2018: | Cultural Communication and Computing Research Institute > Communication and Computing Research Centre |
| Departments - Does NOT include content added after October 2018: | Faculty of Science, Technology and Arts > Department of Computing |
| Identification Number: | https://doi.org/10.1109/iThings-GreenCom-CPSCom-SmartData.2017.183 |
| Page Range: | 379-383 |
| Depositing User: | Shahrzad Zargari |
| Date Deposited: | 26 Jan 2018 12:44 |
| Last Modified: | 18 Mar 2021 06:05 |
| URI: | https://shura.shu.ac.uk/id/eprint/17047 |
Actions (login required)
 |
View Item |
Downloads
Downloads per month over past year