By Topic

First International Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE'05)

7-9 Nov. 2005

Filter Results

Displaying Results 1 - 25 of 28
  • First International Workshop on Systematic Approaches to Digital Forensic Engineering

    Publication Year: 2005
    Request permission for commercial reuse | PDF file iconPDF (841 KB)
    Freely Available from IEEE
  • First International Workshop on Systematic Approaches to Digital Forensic Engineering - Title Page

    Publication Year: 2005, Page(s):i - iii
    Request permission for commercial reuse | PDF file iconPDF (135 KB)
    Freely Available from IEEE
  • First International Workshop on Systematic Approaches to Digital Forensic Engineering - Copyright

    Publication Year: 2005, Page(s): iv
    Request permission for commercial reuse | PDF file iconPDF (117 KB)
    Freely Available from IEEE
  • First International Workshop on Systematic Approaches to Digital Forensic Engineering - Table of contents

    Publication Year: 2005, Page(s):v - vi
    Request permission for commercial reuse | PDF file iconPDF (129 KB)
    Freely Available from IEEE
  • Preface

    Publication Year: 2005, Page(s): vii
    Request permission for commercial reuse | PDF file iconPDF (116 KB) | HTML iconHTML
    Freely Available from IEEE
  • Committees

    Publication Year: 2005, Page(s): ix
    Request permission for commercial reuse | PDF file iconPDF (101 KB)
    Freely Available from IEEE
  • United States v Gorshkov detailed forensics and case study: expert witness perspective

    Publication Year: 2005, Page(s):3 - 24
    Request permission for commercial reuse | PDF file iconPDF (536 KB) | HTML iconHTML
    Freely Available from IEEE
  • Unifying computer forensics modeling approaches: a software engineering perspective

    Publication Year: 2005, Page(s):27 - 39
    Cited by:  Papers (6)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (352 KB) | HTML iconHTML

    As an effort to introduce formalism into computer forensics, researchers have presented various modeling techniques for planning, analysis, and documentation of forensics activities. These modeling techniques provide representations of various forensics subjects such as investigative processes, chain of events, and evidence tests. From a software engineering perspective, it seems that several of t... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Standardizing the construction of a digital forensics laboratory

    Publication Year: 2005, Page(s):40 - 47
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (208 KB) | HTML iconHTML

    Along with the increasing problems of cybercrime, digital forensics-related issues have become more and more important and serious. Digital forensics often involves the preservation, identification, extraction, documentation and interpretation of digital data. The construction of a forensics laboratory should include the objective of establishment, organization, responsibility, accreditation proce... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Digital forensics: exploring validation, verification & certification

    Publication Year: 2005, Page(s):48 - 55
    Cited by:  Papers (4)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (200 KB) | HTML iconHTML

    Digital forensic teams and laboratories are now common place within Australia, particularly associated with law enforcement and intelligence agencies. The digital forensics discipline is rapidly evolving to become a scientific practice with domain-specific guideline. These guidelines are still under discussion in an attempt to progress the discipline so as to become as solid and robust in its scie... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Establishment of the standard operating procedure (SOP) for gathering digital evidence

    Publication Year: 2005, Page(s):56 - 65
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (272 KB) | HTML iconHTML

    The rapidly evolving age of information network is changing our lives without our awareness. With the development of information communication technology (ICT) and cybercrime (Internet crime) intelligence, modern judicature (including criminal, civil and administrative) must carry out litigation by using technology; especially in dealing with organized and terrible crime. Since digital evidence ha... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • How to be a digital forensic expert witness

    Publication Year: 2005, Page(s):69 - 85
    Cited by:  Papers (1)
    Request permission for commercial reuse | PDF file iconPDF (456 KB) | HTML iconHTML
    Freely Available from IEEE
  • The use of packet inter-arrival times for investigating unsolicited Internet traffic

    Publication Year: 2005, Page(s):89 - 104
    Cited by:  Papers (3)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (760 KB) | HTML iconHTML

    Monitoring the Internet reveals incessant activity, that has been referred to as background radiation. In this paper, we propose an original approach that makes use of packet inter-arrival times, or IATs, to analyse and identify such abnormal or unexpected network activity. Our study exploits a large set of data collected on a distributed network of honeypots during more than six months. Our main ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • SIMbrush: an open source tool for GSM and UMTS forensics analysis

    Publication Year: 2005, Page(s):105 - 119
    Cited by:  Papers (3)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (352 KB) | HTML iconHTML

    The aim of this paper is to describe a new open source tool, usable on Windows and Linux platform, for digital evidence extraction from SIMs and USIMs card. Nowadays, closed-source or confidential tools are used for this purpose and this is contrary to Daubert's test, because, it is not possible to gain the high degree of acceptability from scientific community required by the test itself. This to... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Comparative survey of local honeypot sensors to assist network forensics

    Publication Year: 2005, Page(s):120 - 132
    Cited by:  Papers (6)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (336 KB) | HTML iconHTML

    This paper intends to illustrate the usefulness of deploying multiple simple honeypot sensors in a large variety of locations. Indeed, a permanent identification of anomalies that occur on a single sensor allows pinpointing abnormal local activities. These can be the manifest of misconfiguration issues or highlight attacks particular to some given environments. Both cases are important for adminis... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Computer forensics, information security and law: a case study

    Publication Year: 2005, Page(s):135 - 141
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (185 KB) | HTML iconHTML

    Providing security and assurance to information systems and communications is one of the highest national priorities. It is our task to prepare computer information system security professionals with current security and assurance information to achieve this objective. To meet this urgent need, the faculty must have the knowledge and skills to be taught in the classroom. For several semesters, we ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Legal requirements for the use of keystroke loggers

    Publication Year: 2005, Page(s):142 - 150
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (216 KB) | HTML iconHTML

    This paper examines the American federal Wiretap Act and its application to the use of keystroke loggers as forensic tools and by private individuals. The paper concludes that for purposes of the Wiretap Act, a keystroke logger intercepts electronic communications if the keystrokes that the logger records are being transmitted over telephone lines or the Internet. Under the Wiretap Act, law enforc... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Technical challenges and directions for digital forensics

    Publication Year: 2005, Page(s):155 - 161
    Cited by:  Papers (18)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (192 KB) | HTML iconHTML

    Digital forensics is concerned with the investigation of any suspected crime or misbehaviour that may be manifested by digital evidence. The digital evidence may be manifest in various forms. It may be manifest on digital electronic devices or computers that are simply passive repositories of evidence that documents the activity, or it may consist of information or meta-information resident on the... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Evidence handling in proactive cyberstalking investigations: the PAPA approach

    Publication Year: 2005, Page(s):165 - 176
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (296 KB) | HTML iconHTML

    Stalking is the malicious, unsolicited intrusion on another's personal space, and cyber-stalking extends this to cyberspace via Internet technology. All fifty U.S. states criminalized stalking in the 1990's, and many have passed cyberstalking statutes as well. The anonymity and reach of the Internet, and the difficulties in capturing, recording, and verifying digital evidence combine to create new... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The law of possession of digital objects: dominion and control issues for digital forensics investigations and prosecutions

    Publication Year: 2005, Page(s):177 - 183
    Cited by:  Papers (3)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (200 KB) | HTML iconHTML

    The possession of digital objects defines rights and liabilities of the possessor. The nature of digital data, networked systems and data security suggest review of the fundamental concept as applied to digital objects. Possession of digital objects may be separate and distinct from physical possession of storage media and systems. Failure to address this risks error based on misleading evidence a... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Digital evidence search kit

    Publication Year: 2005, Page(s):187 - 194
    Cited by:  Papers (3)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (288 KB) | HTML iconHTML

    With the rapid development of electronic commerce and Internet technology, cyber crimes have become more and more common. There is a great need for automated software systems that can assist law enforcement agencies in cyber crime evidence collection. This paper describes a cyber crime evidence collection tool called DESK (digital evidence search kit), which is the product of several years of cumu... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Anti-cyberstalking: the Predator and Prey Alert (PAPA) system

    Publication Year: 2005, Page(s):195 - 205
    Cited by:  Papers (4)  |  Patents (7)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1192 KB) | HTML iconHTML

    Stalking is a crime typified by repeated harassment of another person and intrusion upon his or her privacy. Cyberstalking extends stalking into the realm of cyberspace wherein a predator stalks a victim or prey through Internet technologies such as emails, chat rooms, and instant messaging. This paper describes the Predator and Prey Alert (PAPA) system. PAPA consists of a set of integrated softwa... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Challenges of automating the detection of paedophile activity on the Internet

    Publication Year: 2005, Page(s):206 - 220
    Cited by:  Papers (3)  |  Patents (3)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (344 KB) | HTML iconHTML

    This review paper outlines the need for research into the process of automating the detection of paedophile activities on the Internet and identifies the associated challenges of the research area. The paper overviews and analyses technologies associated with the use of the Internet by paedophiles in terms of event information that each technology potentially provides. It also reviews the anonymit... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A DCT quantization-based image authentication system for digital forensics

    Publication Year: 2005, Page(s):223 - 235
    Cited by:  Papers (3)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (836 KB) | HTML iconHTML

    With the advent of digital times, the digital data has gradually taken the place of the original analog data. However, the authenticity of digital data faces a great challenge due to the fact that the digital edit software is ubiquitous. It has aroused the suspicion on the reliability of digital data especially when the digital data renders to the court as the digital evidence. We propose an integ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Digital evidence collection process in integrity and memory information gathering

    Publication Year: 2005, Page(s):236 - 247
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (536 KB) | HTML iconHTML

    In this paper, we inspect general digital evidence collection process which is according to RFC3227 document, and establish specific steps for guaranteeing integrity of digital evidence and memory information collection. EnCase™ which was used globally has a weakness that MDC value of digital evidence can be modified, hence we propose MDC public system, MAC system and public authentication s... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.