Automating Disk Forensic Processing with SleuthKit, XML and Python
dc.contributor.author | Garfinkel, Simson L. | |
dc.date.accessioned | 2015-01-07T22:12:51Z | |
dc.date.available | 2015-01-07T22:12:51Z | |
dc.date.issued | 2009 | |
dc.identifier.citation | Garfinkel, Simson., Automating Disk Forensic Processing with SleuthKit, XML and Python, Systematic Approaches to Digital Forensics Engineering (IEEE/SADFE 2009), Oakland, California. (Acceptance rate: 32%, 7/22) | |
dc.identifier.uri | https://hdl.handle.net/10945/44249 | |
dc.description | (IEEE/SADFE 2009), Oakland, California. | en_US |
dc.description | Refereed Conference Paper | en_US |
dc.description.abstract | We have developed a program called fiwalk which produces detailed XML describing all of the partitions and files on a hard drive or disk image, as well as any extractable metadata from the document files themselves. We show how it is relatively simple to create automated disk forensic applications using a Python module we have written that reads fiwalk's XML files. Finally, we present three applications using this system: a program to generate maps of disk images; an image redaction program; and a data transfer kiosk which uses forensic tools to allow the migration of data from portable storage devices without risk of infection from hostile software that the portable device may contain. | en_US |
dc.description.sponsorship | This work was funded in part by National Institute of Standards and Technology and the Naval Postgraduate School's Research Initiation Program. | en_US |
dc.rights | This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States. | en_US |
dc.title | Automating Disk Forensic Processing with SleuthKit, XML and Python | en_US |
dc.type | Paper | en_US |
dc.subject.author | Computer Forensics | en_US |
dc.subject.author | XML | en_US |
dc.subject.author | Sleuth Kit | en_US |
dc.subject.author | Python | en_US |