Evidentiary Value of Link Files

First published March 2006

by Nathan Weilbacher

I have been reading the posts in Forensic Focus for about a year now and on many occasions I have followed with great interest the threads of discussion on many topics. There are … Read more

Real-Time Steganalysis

First published October 2005

A Key Component of a Comprehensive Insider Threat Solution

James E. Wingate, CISSP-ISSEP, CISM, IAM
Director, Steganography Analysis & Research Center (SARC)
Vice President for West Virginia Operations
Backbone Security.Com


Chad W. Davis, CCE… Read more

Digital forensics of the physical memory

First published September 2005

Mariusz Burdach
[email protected]
Warsaw, March 2005
last update: July 11, 2005


This paper presents methods by which physical memory from a compromised machine can be analyzed. Through this methods, it is possible to extract useful … Read more

An Analytical Approach to Steganalysis

First published August 2005

by James E. Wingate, CISSP-ISSEP, CISM, IAM
Director, Steganography Analysis & Research Center

Chad W. Davis
Computer Security Engineer
Backbone Security.Com


Rapidly evolving computer and networking technology coupled with a dramatic expansion in … Read more

Smart Anti-Forensics

First published June 2005

by Steven McLeod
steven [email protected] com au
May 2005


This paper highlights an oversight in the current industry best practice procedure for forensically duplicating a hard disk. A discussion is provided which demonstrates that … Read more

Data: The Basics of Computer Forensics

First published June 2005

by Edward Pscheidt

Everything is created on a computer. To be more precise, almost everything that is the subject of litigation was created on a computer. Be they letters, blueprints or company books, the vast … Read more

An Investigation Into Computer Forensic Tools

First published June 2005

K.K. Arthur & H.S. Venter
Information and Computer Security Architectures (ICSA) Research Group
Department of Computer Science
University of Pretoria

This material is based upon work supported by Telkom, IST and the NRF through THRIP. … Read more