Bruce Nikkel: Okay, thanks everyone. I hope you enjoyed the break. Welcome to the first session: session one, with the theme of file system forensics. We have two interesting papers in this session. The first one is a systematic … Read more
file systems
DFRWS-EU 2022: The Future of Digital Forensics Is Now
Moving digital forensics forward in terms of methods and frameworks, as well as organizational and cross-cultural collaboration, was an overarching theme of this year’s European Union edition of the Digital Forensics Research Workshop (DFRWS).
After 40 years, mainstays like file … Read more
Interpretation of NTFS Timestamps
Introduction
File and directory timestamps are one of the resources forensic analysts use for determining when something happened, or in what particular order a sequence of events took place. As these timestamps usually are stored in some internal format, additional … Read more
Standard Units in Digital Forensics
by Dr Chris Hargreaves
Lecturer at the Centre for Forensic Computing at Cranfield University in Shrivenham, UK.
EnCase file copying and Windows Short File Names
First published May 2010
By Lee Hui Jing, EnCe
Edited by Sarah Khadijah Taylor
A couple of months ago, one of my clients, an Investigating Officer from a Law Enforcement Agency, had requested me to extract some of the
Linux for computer forensic investigators: «pitfalls» of mounting file systems
First published October 2009
by Suhanov Maxim
ITDefence.Ru
Forensic Linux distribution is a customized Linux distribution that is commonly used to complete different tasks during computer forensics investigations. These distributions are often used to complete the following tasks:
–