dfm covers

Coming Up In Issue 14

Written by DFM Team

WHAT’S COMING UP IN ISSUE 14 - Out February 2012

Continuing our aim of bringing you new and interesting articles from the world of Digital Forensics, Issue 14 is shaping up to be another good mix of research and practical advice, here is just a taste of some of the articles being looked at.

Hard Drive Repair

This feature article is all about how to affect a hard drive repair by swapping the platters and investigating other repair methods. Andrew Jones looks at how this work aids forensic investigations.

Timeline Analysis and l2t_Review

This article by David Nides looks at the how if a digital story is to be told, chances are it will be with “timeline analysis”. It all starts with the creation of a timeline by normalizing event data by time and presenting it in chronological order for review. To a reviewer, this sequence of event data becomes a technical narrative that can be used to put events into context, interpret complex data, and identify anomalies or patterns.

The Process And Technical Aspects Of Analysing An Android Phone

Gabrielle Williams provides an in depth look at the Android phone and presents a process and the technical aspects applicable when carrying out a digital investigation.

Ontology Aided Searching for Automated Evidence Retrieval Level

Graeme Horsman looks at how digital forensics is facing challenges posed by both the increasing size of digital storage media and demanding constraints placed on investigators. The time it takes to complete an examination can dramatically vary, yet prevalence for obtaining evidence as quick as possible is taken. Triage is an approach recently adopted by the field in an attempt to reduce backlogs with an aim to prioritise evidence for examination, producing quicker results. A proposal is made for the use of web crawling and ontological structures to automatically generate knowledge of a suspected offence, which can query binary data stored within suspected files and decide which data is evidential.

Blackberry Analysis

The article written by Kevin Mansell will outline the challenges presented by the secure way in which BlackBerry devices delete data from memory cards (which is unusual in terms of FAT implementations) and present alternate methods for recovering deleted data from BlackBerry devices and associated media cards. BlackBerry devices produce and maintain records of files within specific folders, and in the case of image files, a thumbnail image is cached. Armed with the appropriate knowledge, skills and tools, the forensic examiner can identify and recover these cached records with the aim of presenting details of files which have since been deleted on the device. The article will present the results of our research into the format of these records, which has evolved as new versions of BlackBerry OS have been released. Kevin also includes a brief explanation of the benefit of Python scripting for automating otherwise manual recovery steps will also be included if space allows.

Unique Policy To Protect Businesses From Cyber Crime

We asked the folks who created the unique insurance policy designed specifically to protect businesses against the rising threat of cyber crime to explain how it works so you can draw your own conclusion on the applicability to your own environment.

Plus all our usual features “Apple Autopsy”, “360”, “IRQ” and “Robservations” “Legal news and alerts”.

Note: We may change the planned content of future issues without notice.

Subscribe Today

Please make cache directory writable.

Submit an Article

Call for Articles

We are keen to publish new articles from all aspects of digital forensics. Click to contact us with your completed article or article ideas.

Featured Book

Learning iOS Forensics

A practical hands-on guide to acquire and analyse iOS devices with the latest forensic techniques and tools.

Meet the Authors

Mark Osborne

Mark Osborne is the author of 'How To Cheat at Managing Information Security'


Coming up in the Next issue of Digital Forensics Magazine

Coming up in Issue 34 on sale from February 2018:

Device Forensics in the Internet of Things

As more businesses and consumers adopt IoT devices, privacy violations and cyber-attacks by malicious actors will become commonplace due to the insecure IoT infrastructure. Read More »

Data Destruction In Current Hard Disks & Data Destruction Techniques

Data destruction is a process traditionally applied using physical techniques, aiming at the completely destruction of the hard disk, however, there is an increasing interest in the use of logical techniques for data destruction, that allow reusing the physical device. Read More »

Subscribe today

Faster Searching For Known Illegal Content

Cryptographic (“MD5”) hash searching for known illegal material is one of the most thorough methods of digital forensic investigation. However, the technique is hampered by the ever-increasing size of media being examined, and the size of the hash list being searched. Read More »

Every Issue
Plus the usual Competition, Book Reviews, 360, IRQ, Legal

Click here to read more about the next issue