Hi,
Once again I need your wisdom! I have to write a 5-7 pages report on a forensic based topic. I need some ideas; I would like to stick with technical issues as that's what I'm best at. Any ideas would be awesome as I just can't think of any.
Thanks for your help!
1. Detecting and extracting steganographic payloads from the ancillary bit fields of MP3 files.
2. Detecting duress payloads in encrypted and stego'd files.
3. Detecting stego/encryption programs that disguise themselves as another innocent looking program. For the exercise, these programs also come with a user utility to allow changing the Windows resource part of the exe file, thereby altering the hash.
4. Dealing with technical issues associated with anti-forensic technologies.
5. Technicalities with finding hidden data embedded into a router's firmware by a user. It's possible using the Open Router project's firmware.
6. Highly technical, I've worked on it, but don't have time. Get a random chunk of data and compress it. Different sorts of data compress at different rates. It is then theoretically possible to guess? with a reasonable probability whether the data was jpg, bmp, etc…
Hope these help D
How about…
A critical compression of static vs live imaging
- cover acpo guidelines and if they need changing
- the amount of data stored in RAM so cant just pull the plug
- how admissible this data is in a court of law
- the need to retrieve encryption keys from RAM
- type of data stored in RAM
Cell Phones. A new cell phone comes out every day, making it difficult for examiners to have the proper equipment to collect from the phone, let alone understand the techical aspects of every phone.