现代数字取证成像软件的功能比较(CS Society)
- 2020 年 1 月 3 日
- 筆記
数字化法证研究的基本过程(例如磁盘成像)是在数字化法研究相对年轻的时候开发出来的。 随着数字取证过程和程序的成熟,这些基本工具作为调查数据处理和分析阶段重置的支柱,在很大程度上保持不变。 这项工作是对现代数字取证成像软件工具的研究。 具体来说,我们将研究现代数字取证成像工具的功能集,以及它们的开发和发布周期,以了解基本工具开发的模式。 基于此调查,我们显示了随着时间的推移,当前数字调查基础软件开发和维护的弱点。 我们还提供了有关如何改进基本工具的建议。
原文题目:A Feature Comparison of Modern Digital Forensic Imaging Software
原文:Fundamental processes in digital forensic investigation, such as disk imaging, were developed when digital investigation was relatively young. As digital forensic processes and procedures matured, these fundamental tools, that are the pillars of the reset of the data processing and analysis phases of an investigation, largely stayed the same. This work is a study of modern digital forensic imaging software tools. Specifically, we will examine the feature sets of modern digital forensic imaging tools, as well as their development and release cycles to understand patterns of fundamental tool development. Based on this survey, we show the weakness in current digital investigation fundamental software development and maintenance over time. We also provide recommendations on how to improve fundamental tools.
原文作者:Jiyoon Ham,Joshua I. James
原文地址:https://arxiv.org/abs/2001.00301
