Novel First Responder Script as a Tool for Computer Forensics

Stoilkovski, Marjan and Bogdanoski, Mitko and Risteski, Aleksandar (2013) Novel First Responder Script as a Tool for Computer Forensics. In: International Conference on Advances in Computing, Electronics and Communication ACEC – 2013, 12-13 Oct 2013, Zurich, Switzerland.


Abstract

Computer forensics is a branch of digital forensics pertaining to legal evidence found in computers and digital storage media. For forensic acquisition to be more reliable, it must be performed on computers that have been powered off. This type of forensics is known as 'traditional' or 'dead' forensic acquisition. However, this type of forensics cannot be used to collect and analyze information that is not on the hard disk, or encrypted data. The disadvantages of dead forensics can be overcome by carrying out a live forensics acquisition process. There are many commercial and freeware tools that can be used to provide information based on live forensics acquisition. The problem with these tools is that in many cases the examiner cannot explain the script functionality or the generated results and information. For this reason there is an increased need to develop and use scripts that can be easily explained and adapted to any analysis the examiners need to make. The paper presents a First Responder script developed to perform live forensics analysis.

Item Type: Conference or Workshop Item (Paper)
Subjects: Natural sciences > Computer and information sciences
Engineering and Technology > Electrical engineering, electronic engineering, information engineering
Divisions: Military Academy
Depositing User: Mitko Bogdanoski
Date Deposited: 20 Jan 2015 13:35
Last Modified: 20 Jan 2015 13:35
URI: https://eprints.ugd.edu.mk/id/eprint/11921
