現代數字取證成像軟件的功能比較(CS Society)
- 2020 年 1 月 3 日
- 筆記
數字化法證研究的基本過程(例如磁盤成像)是在數字化法研究相對年輕的時候開發出來的。 隨着數字取證過程和程序的成熟,這些基本工具作為調查數據處理和分析階段重置的支柱,在很大程度上保持不變。 這項工作是對現代數字取證成像軟件工具的研究。 具體來說,我們將研究現代數字取證成像工具的功能集,以及它們的開發和發佈周期,以了解基本工具開發的模式。 基於此調查,我們顯示了隨着時間的推移,當前數字調查基礎軟件開發和維護的弱點。 我們還提供了有關如何改進基本工具的建議。
原文題目:A Feature Comparison of Modern Digital Forensic Imaging Software
原文:Fundamental processes in digital forensic investigation, such as disk imaging, were developed when digital investigation was relatively young. As digital forensic processes and procedures matured, these fundamental tools, that are the pillars of the reset of the data processing and analysis phases of an investigation, largely stayed the same. This work is a study of modern digital forensic imaging software tools. Specifically, we will examine the feature sets of modern digital forensic imaging tools, as well as their development and release cycles to understand patterns of fundamental tool development. Based on this survey, we show the weakness in current digital investigation fundamental software development and maintenance over time. We also provide recommendations on how to improve fundamental tools.
原文作者:Jiyoon Ham,Joshua I. James
原文地址:https://arxiv.org/abs/2001.00301
