dfm covers

Coming Up In Issue 14

Written by DFM Team

WHAT’S COMING UP IN ISSUE 14 - Out February 2012

Continuing our aim of bringing you new and interesting articles from the world of Digital Forensics, Issue 14 is shaping up to be another good mix of research and practical advice, here is just a taste of some of the articles being looked at.

Hard Drive Repair

This feature article is all about how to affect a hard drive repair by swapping the platters and investigating other repair methods. Andrew Jones looks at how this work aids forensic investigations.

Timeline Analysis and l2t_Review

This article by David Nides looks at the how if a digital story is to be told, chances are it will be with “timeline analysis”. It all starts with the creation of a timeline by normalizing event data by time and presenting it in chronological order for review. To a reviewer, this sequence of event data becomes a technical narrative that can be used to put events into context, interpret complex data, and identify anomalies or patterns.

The Process And Technical Aspects Of Analysing An Android Phone

Gabrielle Williams provides an in depth look at the Android phone and presents a process and the technical aspects applicable when carrying out a digital investigation.

Ontology Aided Searching for Automated Evidence Retrieval Level

Graeme Horsman looks at how digital forensics is facing challenges posed by both the increasing size of digital storage media and demanding constraints placed on investigators. The time it takes to complete an examination can dramatically vary, yet prevalence for obtaining evidence as quick as possible is taken. Triage is an approach recently adopted by the field in an attempt to reduce backlogs with an aim to prioritise evidence for examination, producing quicker results. A proposal is made for the use of web crawling and ontological structures to automatically generate knowledge of a suspected offence, which can query binary data stored within suspected files and decide which data is evidential.

Blackberry Analysis

The article written by Kevin Mansell will outline the challenges presented by the secure way in which BlackBerry devices delete data from memory cards (which is unusual in terms of FAT implementations) and present alternate methods for recovering deleted data from BlackBerry devices and associated media cards. BlackBerry devices produce and maintain records of files within specific folders, and in the case of image files, a thumbnail image is cached. Armed with the appropriate knowledge, skills and tools, the forensic examiner can identify and recover these cached records with the aim of presenting details of files which have since been deleted on the device. The article will present the results of our research into the format of these records, which has evolved as new versions of BlackBerry OS have been released. Kevin also includes a brief explanation of the benefit of Python scripting for automating otherwise manual recovery steps will also be included if space allows.

Unique Policy To Protect Businesses From Cyber Crime

We asked the folks who created the unique insurance policy designed specifically to protect businesses against the rising threat of cyber crime to explain how it works so you can draw your own conclusion on the applicability to your own environment.

Plus all our usual features “Apple Autopsy”, “360”, “IRQ” and “Robservations” “Legal news and alerts”.

Note: We may change the planned content of future issues without notice.

Subscribe Today

Please make cache directory writable.

Submit an Article

Call for Articles

We are keen to publish new articles from all aspects of digital forensics. Click to contact us with your completed article or article ideas.

Featured Book

Learning iOS Forensics

A practical hands-on guide to acquire and analyse iOS devices with the latest forensic techniques and tools.

Meet the Authors

Andrew Harbison

Andrew Harbison is a Director and IT Forensics Lead at Grant Thornton


Coming up in the Next issue of Digital Forensics Magazine

Coming up in Issue 36 on sale from February 2018:

Crowd Sourcing Digital Evidence The Risk v The Reward

All digital devices used today can be considered as a potential source for digital evidence. Andrew Ryan investigates the current state in the art of crowd sourced digital evidence. Read More »

Recovery of Forensic Artifacts from Deleted Jump-List in Windows 10

Jump-Lists are widely discussed in forensics community since the release of Windows 7 and are having more capabilities to reveal forensics artifacts in Windows 10. Read More »

Subscribe today

Voice Biometrics

This article looks at the research and development in the field of Voice Biometrics and Speech Analytics, specifically Speaker Identification, Language and Gender Identification, Speech-to-Text Transcription, Keyword Spotting, and others. Read More »

Every Issue
Plus the usual Competition, Book Reviews, 360, IRQ, Legal

Click here to read more about the next issue