Digital forensics XML and the DFXML toolset
MetadataShow full item record
Digital Forensics XML (DFXML) is an XML language that enables the exchange of structured forensic information. DFXML can represent the provenance of data subject to forensic investigation, document the presence and location of file systems, files, Microsoft Windows Registry entries, JPEG EXIFs, and other technical information of interest to the forensic analyst. DFXML can also document the specific tools and processing techniques that were used to produce the results, making it possible to automatically reprocess forensic information as tools are improved. This article presents the motivation, design, and use of DFXML. It also discusses tools that have been creased that both ingest and emit DFXML files.
The article of record as published may be located at http://dx.doi.org/10.1016/j.diin.2011.11.002
Showing items related by title, author, creator and subject.
Use of Attribution and Forensic Science in Addressing Biological Weapon Threats: A Multi-Faceted Study Bidwell, Christopher A.; Bhatt, Kishan (Federation of American Scientists, 2016-02);The threat from the manufacture, proliferation, and use of biological weapons (BW) is a high priority concern for the U.S. Government. As reflected in U.S. Government policy statements and budget allocations, deterrence ...
Woods, Kam; Lee, Christopher A.; Garfinkel, Simson; Dittrich, David; Russell, Adam; Kearton, Kris (AFDSL, 2011-05-25);We present work on the design, implementation, distribution, and use of realistic forensic datasets to support digital forensic and security education. We describe in particular the "M57-Patents" scenario, a multi-modal ...
Garfinkel, Simson (2010);Today's Golden Age of computer forensics is quickly coming to an end. Without a clear strategy for enabling research efforts that build upon one another, forensic research will fall behind the market, tools will become ...