Lessons Learned Writing Computer Forensics Tools and Managing a 30TB Digital Evidence Corpus

Garfinkel, Simson

Download

Garfinkel_Lessons_Learned_DFRWS2012-9.pdf (264.2Kb)

Download Record

Download to EndNote/RefMan (RIS)

Download to BibTex

Author

Garfinkel, Simson

Date

2012-08

Metadata

Show full item record

Abstract

Writing digital forensics (DF) tools is difficult because of the diversity of data types that needs to be processed, the need for high performance, the skill set of most users, and the requirement that the software run without crashing. Developing this software is dramatically easier when one possesses a few hundred disks of other people's data for testing purposes. This paper presents some of the lessons learned by the author over the past 14 years developing DF tools and maintaining several research corpora that currently total roughly 30TB.

Description

DFRWS 2012, Aug. 6-8, 2012, Washington, DC.

The article of record as published may be found at http://dx.doi.org/10.1016/j.diin.2012.05.002

Refereed Conference Paper

Rights

This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.

URI

http://hdl.handle.net/10945/44256

Collections

Faculty and Researchers' Publications