Automating Disk Forensic Processing with SleuthKit, XML and Python
Garfinkel, Simson L.
MetadataShow full item record
We have developed a program called fiwalk which produces detailed XML describing all of the partitions and files on a hard drive or disk image, as well as any extractable metadata from the document files themselves. We show how it is relatively simple to create automated disk forensic applications using a Python module we have written that reads fiwalk's XML files. Finally, we present three applications using this system: a program to generate maps of disk images; an image redaction program; and a data transfer kiosk which uses forensic tools to allow the migration of data from portable storage devices without risk of infection from hostile software that the portable device may contain.
*(IEEE/SADFE 2009), Oakland, California.Refereed Conference Paper
Showing items related by title, author, creator and subject.
Agrawal, B.N. (2005);This paper presents a review of the spacecraft design program at the Naval Postgraduate School. This program is part of the space systems engineering curriculum. In this curriculum, the students take at least one course ...
Klee, Charles W., Jr. (Boston, Massachusetts; Boston University, 1968-06);Over the past several years the United States Atlantic Fleet Anphib1ous Force has been faced with increasing losses of qualified enlisted men. In 1965 the Atlantic Fleet Amphibious Force had more men leaving the Navy than ...
An analysis of cost overruns in the development of the Navy's A-12 Avenger aircraft [electronic resource] McKsymick, Eric M.; McKsymick, Eric M. (Monterey, California. Naval Postgraduate School, 1995-12);This thesis examines the termination of the Navy's A-12 Program. Specifically, the research sought to answer the question: Were the A-12 Program's cost overruns exceptional when compared to other major acquisitions. Prior ...