Cross-Contamination of Evidence During Live Responses (Bachelor/Master)
- Type of thesis:
- Student research project / Bachelor's / Diplom / Master's thesis
- Supervisor:
- Gruber, Jan
Lehrstuhl für Informatik 1 (IT-Sicherheitsinfrastrukturen), phone +49 9131 85 69597, fax +49 9131 85 69919, e-mail: jan.gruber@fau.de
- Description of the thesis:
- Law enforcement analysts as well as incident responders increasingly perform
acquisitions and triage analyses on running systems. However, the
possibility of cross-contamination of digital evidence during such live response
scenarios has not been quantified. In the course of this thesis,
theoretical hypotheses about potential sources of pollution and their effects
on volatile as well as non-volatile evidence should be elaborated and
experimentally validated. As a result, the thesis should provide answers to
questions such as when and under which circumstances cross-contamination of digital
evidence is likely to occur, to what extent such contamination could take
place, which artifacts could be affected, and which countermeasures should be
employed to minimize the pollution of the system under investigation.
- Required lectures or knowledge:
- To accomplish this project you should be familiar with OS internals and with filesystem as well as memory forensics, and have some initial knowledge of the tooling and procedures for conducting live responses. Furthermore, you should be experienced in conducting state- and event-based analyses. The ideal candidate has experience with automating the construction of analysis environments and the analysis steps themselves.
- Keywords:
- Forensics, Live Analysis
- Status:
The thesis has already been assigned.