Forensic Imaging

Download
File
eForensics Magazine 2019 10 Forensic Imaging.pdf

Dear Readers,

If you’re into forensics, you’ve probably heard about tools like FTK Imager or Autopsy. We have published a lot of materials on those, but it’s the first edition strictly devoted to forensic imaging! We’re proud to present it to you.

The issue opens up with a very complex publication on Forensic Imaging Tools for Storage Media Examinations. It is a very in-depth analysis, which examines tools and techniques in each stage of the forensic process, but everyone even remotely associated with forensics would benefit from reading this article, including beginners. Further, we have a detailed introduction to Hardware Forensics. And then, we’re coming back to forensic imaging tools with an article by Matthew Kafami, which focuses on understanding the core concept of such tools. 

This issue also includes a write-up “Volatility and large memory files”, and as the author wrote in the introduction - the purpose of this article is to discuss the modern forensic analysis that investigates captured memory images: how to deal with 64-bit images and robust memory, focusing on the open source Volatility framework.

Inside you will also find an article “Crime Scene Investigation of GPS Data in Unmanned Aerial Vehicles (UAV)”. We know you like your drones, guys!

And we have a little surprise! “From Mars to Earth: How Virtual Reality and 360° Imaging Can Transform Crime Scene Investigations” - so forensic imaging, but not exactly the kind that first comes to your mind.

That’s not all! This issue also covers Data Breaches Analysis, OSINT with e-mails, DNS Security and Minimising the digital backlog through children’s education.

Thanks to all authors, reviewers, and proofreaders for participating in this project.

Have a nice read!

Regards,

Dominika Zdrodowska

and the eForensics Magazine Editorial Team




TABLE OF CONTENTS


Forensic Imaging Tools for Storage Media Examinations

by Deivison Franco, Leandro Trindade and Daniel Müller

Because it is the media type most examined by experts, this article will focus on hard disks, which does not prevent, however, the techniques and tools presented from being used in the analysis of other types. It focuses on postmortem media analysis, rather than live analysis, where the expert would find the computer turned on, which we divided into the first three phases of the media forensics process.

Hardware Forensics

by Deivison Franco, Leandro Trindade and Felipe Hifram

This article aims to provide an overview of Hardware Forensics and embedded computer expert exams (embedded systems) - a very broad category of digital systems, that is, a wide and open class of systems. However, due to its diversity and constant evolution, it is not very easy to systematize expert methods and procedures. Systems that, in fact, are often not exclusively digital and sometimes not exclusively electronic.

Understanding The Concept Behind Forensic Imaging Tools

by Matthew Kafami

To better understand how tools like FTK Imager or Autopsy work, we will create our own overly simplified tool to complete the tasks mentioned below, using only the tools native to common Linux operating systems in the form of bash scripting.

Volatility and large memory files

by Paulo Pereira

The purpose of this article is to resume a very important discussion around the modern forensic analysis that investigates captured memory images: how to deal with 64-bit images and robust memory, focusing on the open source Volatility framework. Today, it is well known that the excellent team that develops Volatility also sells software (Volexity) with memory capture capabilities, which is not tested here.

Crime Scene Investigation of GPS Data in Unmanned Aerial Vehicles (UAV)

by Chirath De Alwis

This article describes the evidence acquisition from drones and extraction of GPS information from drone artifacts.

From Mars to Earth: How Virtual Reality and 360° Imaging Can Transform Crime Scene Investigations

by Mehzeb Chowdhury

However, with VR and 360° photos and video, investigators could examine and re-examine scenes even without being present, regardless of the time since the original scene processing, and the degradation of the evidential artefacts between the initial crime scene discovery, and evidence presentation in court.

Data Breaches Analysis

by Tokyo_v2

Firstly, I picked at random an e-mail published live on a television news channel. This e-mail is popular enough to give me a lot of data breaches that I can analyse. I then decided to put this through various e-mail services and see how much I can grab about this company and its employees by analysing the data breaches this e-mail is in. 

OSINT with Emails

by Joshua Richards

This article is going to show you many ways that you can pivot from an email address to find new information to advance your investigation and locate the person behind it.

Minimising the digital backlog through children’s education

by Lauren Nelson & Rachael Medhurst

‘Cybercrime is any kind of crime that involves a computer. That could be hacking, or it could be identity theft or child pornography’. There are three types of crimes; these include cyber dependent crime, cyber enabled crime and traditional crime. 

DNS Security

by Ranjitha R

There are a lot of ways that DNS can be abused and misused to gain access into a network, avert the traffic out of a network, or communicate with malware installed inside the network. Because the DNS protocol is so extensively used and critical to the everyday operations of most organizations, it can be hard to protect against all the different threat vectors while still keeping an organization functioning with minimum impact on the users.



July 30, 2021
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023