|
Einrichtungen >> Technische Fakultät (TF) >> Department Informatik (INF) >> Lehrstuhl für Informatik 1 (IT-Sicherheitsinfrastrukturen) >>
|
Digital Forensics through Selective Imaging on Live Systems
- Art der Arbeit:
- Studien-/Bachelor-/Diplom-/Masterarbeit
- Betreuer:
- Thierry, Aurelien
Müller, Tilo Lehrstuhl für Informatik 1 (IT-Sicherheitsinfrastrukturen) E-Mail: tilo.mueller@cs.fau.de
- Beschreibung der Arbeit:
- The traditional approach to computer forensics includes duplicating storage devices and performing the analysis on the copy. This is forensically sound but can be impractical as some artifacts cannot be imaged easily (memory, soldered SSD, etc.) and duplicating multiple machines is a very lengthy process.
Selective imaging [1, 2] on a live system consists in running a program directly on the device to collect some key artifacts [3]. It provides a quick collection alternative that can be run on multiple devices without the need to physically remove and image disks. The project is to design and implement a modular framework for selective imaging that is as forensically sound as possible while allowing the collection of various artifacts both on live systems and on storage devices. The framework will be published as open-source and target forensics collection on Windows devices. [1] Selective Imaging Revisited - https://ieeexplore.ieee.org/document/6568553/
[2] Selektive Datensicherungen in der IT-Forensik - https://link.springer.com/article/10.1007/s11623-014-0043-7
[3] FastIR - https://github.com/Fast-IR/Fastir_Collector
- Schlagwörter:
- Digital Forensics
- Bearbeitungszustand:
Die Arbeit ist bereits abgeschlossen. |
|
|
|
|
UnivIS ist ein Produkt der Config eG, Buckenhof |
|
|