Digital Forensics: Open Source Tools Report (Assessment)

Exclusively available on Available only on IvyPanda® Written by Human No AI

The National Software Reference Library (NSRL)

The National Software Reference Library (NSRL) is a project at the National Institute of Standards and Technology (NIST), the primary goals of which are to store all existing software, file profiles, and file signatures and to provide guidelines for their efficient usage by various organizations that deal with forensic investigations. The library consists of three main sections:

  • a physical repository of application packages that are available for purchase;
  • a comprehensive database providing descriptions of every file that the packages contain; and
  • a small database of the most popular information, which is updated once every three months (Hayes, 2015).

At present, the library disposes of more than 7000 software packages with more than 35 million files—many of which are duplicates used in several programs simultaneously—and over 11 million unique files (Altheide & Carvey, 2011).

This database is very useful in the process of forensic investigation, as it saves the investigator a considerable amount of time that he or she would otherwise waste examining files. In fact, when possible, the database excludes known files that cannot provide any evidence from the automatic search. Moreover, the library can identify what programs were used in the system, which helps the investigator infer where he or she should examine for further evidence. This information can be particularly helpful when dealing with intellectual property issues, as it may show whether the user had a license for certain applications.

Computer Forensic Tool Testing

Computer Forensic Tool Testing (CFTT) is another project at NIST, which was created to check forensic tools (including both hardware and software) that are used in the process of investigation. The CFTT project was launched in 2000 and has proven to be quite successful in developing methodologies for forensic tools assessment. It offers a unique set of criteria and specifications that make it possible to estimate whether the tools are able to perform the functions that are required from them (Guttman, Lyle, & Ayers, 2014). So far, no critical errors have been found in the performance of CFTT.

CFTT results can be used not only by software producers who want to improve their tools but also by a wide range of specialists, including investigators. The project allows them to decide whether given tools meet all requirements and can be used for the specific purposes of a particular investigation. Evidence collected and verified with the help of CFTT is admissible in legal proceedings (Peterson & Shenoi, 2014).

Computer Forensic Reference Data Sets (CFReDS)

The Computer Forensic Reference Data Sets (CFReDS) represent a small but valuable body of data created by NIST, which provides simulated evidence for examination and allows investigators to perform string searches using various encodings (Peterson & Shenoi, 2014). The corpus contains disk images, mobile images, and system memory analysis images, some of which are accompanied by scenarios. CFReDS stores data retrieved from many different sources and allows users to create their own samples for performing particular tasks.

There are many ways to operate CFReDS in order to improve forensic evidence. These data sets are capable of several functions, including testing forensic tools, checking hardware and laboratory equipment, and training investigators. Practically all data sets can perform more than one function.

References

Altheide, C. & Carvey, H. (2011). Digital forensics with open source tools. Burlington, MA: Syngress.

Guttman, B., Lyle, J., & Ayers, R. (2014). . Digital Evidence And Electronic Signature Law Review, 8(1). Web.

Hayes, D. (2015). A practical guide to forensics investigations. Indianapolis: Pearson.

Peterson, G. & Shenoi, S. (2014). Advances in digital forensics X. Berlin, Heidelberg.

More related papers Related Essay Examples
Cite This paper
You're welcome to use this sample in your assignment. Be sure to cite it correctly

Reference

IvyPanda. (2020, August 10). Digital Forensics: Open Source Tools. https://ivypanda.com/essays/digital-forensics-open-source-tools/

Work Cited

"Digital Forensics: Open Source Tools." IvyPanda, 10 Aug. 2020, ivypanda.com/essays/digital-forensics-open-source-tools/.

References

IvyPanda. (2020) 'Digital Forensics: Open Source Tools'. 10 August.

References

IvyPanda. 2020. "Digital Forensics: Open Source Tools." August 10, 2020. https://ivypanda.com/essays/digital-forensics-open-source-tools/.

1. IvyPanda. "Digital Forensics: Open Source Tools." August 10, 2020. https://ivypanda.com/essays/digital-forensics-open-source-tools/.


Bibliography


IvyPanda. "Digital Forensics: Open Source Tools." August 10, 2020. https://ivypanda.com/essays/digital-forensics-open-source-tools/.

If, for any reason, you believe that this content should not be published on our website, please request its removal.
Updated:
This academic paper example has been carefully picked, checked and refined by our editorial team.
No AI was involved: only quilified experts contributed.
You are free to use it for the following purposes:
  • To find inspiration for your paper and overcome writer’s block
  • As a source of information (ensure proper referencing)
  • As a template for you assignment
1 / 1