In This Issue
Issue 16 - Out now!
Here's a quick review of some of the main articles within Issue 16
Issue
16 of Digital Forensics Magazine brings new techniques and ideas to the
industry. Subscribe today to ensure you get digital access, or if you
want, subscribe to the print edition. Find out more at our subscriptions
pages.
Here's just a few of the fantastic articles inside Issue 16...
VM Introspection: Creating New Frontiers For Live Forensics
In this article Rahul Kashyap looks at the unearthing and profiling sophisticated x64 bit kernel mode bootkits that continue to leverage holes on Windows 7 to bypass protection mechanisms like windows Patchguard to persist and infect machines. This article will describe some of the holes that these bootkits leverage with in-depth details and then will present some new emerging analysis technologies that leverage hypervisor enabled VM introspection.
Google Desktop Forensic Examinations
Digital forensic examiners may examine Google Desktop artifacts during an investigation. In the first part of her two part article Jenn Byrne looked at Google Desktop, how it works and how to do searches. In this second part of her article Jenn Byrne continues the analysis of Google Desktop.
Five Tips for Using Google Earth in Forensic Cases
A variety of commercial mobile forensic tools on the market are now
exporting data and files in a Google Earth file format, this article by
Michael Harrington aims to give analysts five ways they can use right
away to make their data more meaningful and presentable to investigating
officers and in court rooms. Readers will learn how to modify
description bubbles, add a logo, organize a case, locate coordinates and
add pictures.
Social Networking Steganography
Hidden messaging is an ancient art that has received a mega boost in the digital age. The mediums permit open communication and, consequently, the potential of hidden message propagation (steganography).
All communication media can be used for criminal purposes and the undermining of legitimate activities. The rich opportunities in social networking sites present a vast scope for messaging in images, text, sound files and so on. Brian Cusack and Aimie Chee investigate whether or not steganography should be a routine forensics check.
iPhone Backup Files
An abundance of research and time is afforded to devices such as the iPhone, due to the vast quantity of data that they can now facilitate and their potential to be utilized as a viable source of evidence. However, the iPhone backup file, a partial replica of the physical device, has yet to receive the same level of consideration. The first of two articles by Kate Wright provides an insight into the iPhone Backup file based on research and theoretical evaluation. It highlights the importance of the backup file as an integral component of the forensic process, whilst laying the foundations for the second technical-based article.
A Fresh Look at Cryptography
Julian Ashbourn takes a look at cryptography in general and introduces the simple SilkPad application as a means to demonstrate some of the principles involved. The article questions whether the sophistication and architecture of current methodologies is necessarily a good thing and will look ahead to the future of cryptography.
Utilising Reputation Data
Every day hundreds of new malware samples are discovered and the antivirus (AV) detection rate for each varies. The problem facing AV vendors is an intractable one; there are simply too many ways that authors of malware can package their code to evade detection. In this article William Anderson takes a look at why AV products need to be augmented by other tools and techniques.
History of Malware
In past three decades almost everything has changed in the field of
malware and malware analysis. From malware created as proof of some
security concept and malware created for financial gain to malware
created to sabotage infrastructure. In this article Nikola Milosevic
focus on history and evolution of malware and describes the most
important malware found to date.
Plus all the regular features, news, Robservations, our legal section and Apple Autopsy...
Login to read online or Subscribe today!