Dear All
I'm Master degree student in Information System Security in Thailand.For now i want to do project Independent study in digital forensic project for my think first about Private browsing forensic i already research in the paper
and most topic on internet about this article.I know when use private browsing mode in web browser etc IE
they store history file in %systemdir%\Temporary Internet Files\Content.ie5 when i close IE that files disappear
it will store at some sector in hard disk or in ram memory the big question for me is "How i recover it"
another idea about Tor network forensic i don't know now have tools can forensic Tor network ?
if you have another idea please suggestion i'm a newbie in digital forensic field
Thank you
be quite T T
Big data visualisation of Forensic data - how to make sense of a tonne of information.
Thank you ,Bealberna and MDCR i will looking for you suggestion
Big data visualisation of Forensic data - how to make sense of a tonne of information.
Can you explain for this idea i a bit confuse
Big data visualisation of Forensic data - how to make sense of a tonne of information.
This one I find as interesting, in part because it's directly opposed to the school of thought that suggests that DFIR analysts should focus on the goals of their exam, and target the data needed to achieve those goals. This is perhaps most publicly discussed in Chris Pogue's presentations on "Sniper Forensics".
Here's a very good example
http//
David Cowen, as part of his blog-a-day yearlong project, posts challenges on Sundays. During a recent challenge, several respondents included references to CCleaner in their "report", even though that had nothing whatsoever to do with the stated challenge.
There are many analysts who say that they want to see "everything", so that they can determine what is of value…many of them say that at that at the start of a case, they don't know what will be of value, and the result is "big data".
In many instances, the data does appear to be "big", but that may be the result of, at least to some extent, a lack of understanding on the part of the analyst.
Big data visualisation of Forensic data - how to make sense of a tonne of information.
Can you explain for this idea i a bit confuse
Pretty much everything from traditional link analysis to visual filtering of data to easily sort out what is interesting/not interesting. We are (unfortunately) in an age where the term big data exists - and information is growing by the minute, we need good tools to
1. Visualise a lots of data in an understandable, comprehensable way.
2. Be able to filter out lots of data so we end up with a small, relevant and workable set of data regardless of if it comes from a USB stick, a network capture or any other source.
3. Be able to work with the data (drag and drop, linking/splitting relations) to draw conclusions from it.
4. Use simple ways to model data in ways to detect anomalies etc.
There are no good tools for this in existance today, and anyone who says there is is probably selling software, on drugs - or both.