Skip to main content
Springer Nature Link
Log in

Forensic Computing

  • Conference paper
Progress in Cryptology - INDOCRYPT 2003 (INDOCRYPT 2003)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2904))

Included in the following conference series:

  • 895 Accesses

Abstract

Technology is rapidly changing the speed and manner in which people interact with each other and with the world. As technology helps criminals to operate more easily and quickly across borders, so law enforcement capability must continuously improve to keep one step ahead. Computer forensics has become a specialized and accepted investigative technique with its own tools and legal precedents that validate the discipline. Specially designed forensic software is also widely used during the whole process of computer forensic investigation. This article introduces computer forensic and computer evidence, introduces and compares some forensic software, and summarizes its likely future development.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Marcella, A.J., Greenfield, R.: Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes. CRC Press, Boca Raton (2002)

    Book  Google Scholar 

  2. Anderson, M.R.: Computer evidence processing, the third step: preserve the electronic crime scene, http://www.forensics-intl.com/art7.html (Last visited March 12, 2003)

  3. ASR Data, http://www.asrdata.com/ (Last visited May 25, 2003)

  4. Braid, M.: Collecting electronic evidence after a system compromise, http://www.auscert.org.au/render.html?it=2247&ciddd=1920 (Last visited April 15, 2003)

  5. Middleton, B.: Cyber crime investigator’s field guide. CRC Press, Boca Raton (2002)

    Google Scholar 

  6. Tsoutsouris, D.: Computer forensic legal standards and equipment, http://rr.sans.org/incccident/legal_standards.php (Last visited March 5, 2003)

  7. Farmer, D., Venema, W.: Forensic computer analysis: an introduction, http://xxx.ddj.com/documents/s=881/ddj0009f/0009f.htm (Last visited December 5, 2002)

  8. Icove, D., Seger, K., VonStorch, W.: Computer Crime-A crimefighter’s Handbook. O’Reilly & Associates, Sebastopol (1995)

    Google Scholar 

  9. Disk Imaging Tool Specification. Version 3.1.6.NIST (National Institute of Standards and Technology), October 12 (2001), . http://www.cftt.nist.gov/testdocs.html (Last visited April 17, 2003)

  10. Lunn, D.A.: Computer Forensics: An Overview, http://www.sans.org/rr/incident/forensiccs.php (Last visited March 8, 2003)

  11. Casey, E.: Practical Approaches to Recovering Encrypted Digital Evidence. International Journal of Digital Evidence 1(3) (Fall 2002), http://www.ijde.org/docs/02_fall_art4.pdf (Last visited March 20, 2003)

  12. Witter, F.: Legal Aspects of Collecting and Preserving Computer Forensic Evidence, http://www.sans.org/rr/incident/evidence.php (Last visited March 5, 2003)

  13. Fisher, G.E.: Computer Forensics Guidance, http://www.nist.gov/itl/lab/bulletns/bltnnovOl.htm (Last visited March 15, 2003)

  14. Guidance Software, http://www.guidancesoftware.com/ (Last visited May 14, 2003)

  15. Holley, J.: Computer Forensics. SCInfo Security Magazine (September 2000), http://www.scmagazine.com/scmagazine/2000_09/survey/survey.html (Last visited April 11, 2003)

  16. Holley, J.O.: Computer Forensics in the new Millennium, http://www.scmagazine.com/scmagazine/1999_09/survey/survey.html (Last visited June 5, 2003)

  17. High Technology Crime Investigation Association (HTCIA), http://htcia.org (last visited March 21, 2003)

  18. Borck, J.: Leave the cybersleuthing to the experts, http://www2.idg.com.au/infoagel.nsf/all/957738BOF8F8313BCA256A6C001BB7A4?OpenDocument (Last visited December 15, 2002)

  19. Upchurch, J.: Combating Computer Crime, http://www.aatstake.com/research/tools/index.html#pdd (Last visited April 29, 2003)

  20. Robbins, J.: An Explanation of Computer Forensics, http://www.knock-knock.com/forens01.htm (Last visited November 20, 2002)

  21. Ryder, K.: Computer Forensics - We’ve had an Incident, Who Do We Get to Investigate?, http://www.sans.org/rr/incident/investigate.php (Last visited March 5, 2003)

  22. Saudi, M.M.: An Overview of Disk Imaging Tool in Computer Forensics, http://www.sanss.org/rr/incident/disk_imaging.php (Last visited March 16, 2003)

  23. Mares and Company, http://www.dmares.com/maresware/forensics.htm (Last visited May 25, 2003)

  24. Welsh, M., Dalheimer, M.K., Kaufman, L.: Running Linux, third version. O’Reilly, Sebastopol (1999)

    Google Scholar 

  25. McKemmish, R.: What is Forensic Computing? Australian Institute of Criminology trends and issues No. 118 (June 1999) http://www.aic.gov.au/publications/tandi/till8.pdf (Last visited December 15, 2002)

  26. Anderson, M.R.: Computer Evidence Processing-Potential Law Enforcement Liabilities, http://www.forensics-intl.com/art3.html (Last visited March 3, 2003)

  27. Haase, N.: Computer Forensics: Introduction to Incident Response and Investigation of Windows NT/2000, http://www.sans.org/rr/incident/comp_forensics3.php (Last visited March 5, 2003)

  28. (NSWCA) NSW Crimes Amendment (Computer Offences) Bill 2001, http://www.oznetlaw.net/pdffiles/CrimesAmendmentBill_2001.pdf (Last visited May 28, 2003)

  29. (NSWEA) NSW Evidence Act 1995, http://www.austlii.edu.au/au/legis/nsw/consol_act/eal99580/ (Last visited May 25, 2003)

  30. (NTI) New Technologies Inc (NTI.), http://www.forensics-intl.com/ (Last visited June 3, 2003)

  31. (NTICEPS) New Technologies Inc.: Computer Evidence Processing Steps, http://www.forensics-intl.com/evidguid.html (Last visited December 15, 2002 )

  32. Palmer, G.L.: Forensic Analysis in the Digital World, http://www.ijde.org/docs/forensic_analysis.pdf (Last visited May 16, 2003)

  33. Stephenson, P.: Investigating Computer-Related Crime. CRC Press, Boca Raton (2000)

    Google Scholar 

  34. PMSEIC Working Group on Science, Crime Preevention & Law Enforcement, Science, Crime Prevention and Law Enforcement (June 2, 2000), http://www.dest.gov.au/science/pmseic/documents/Crime.pdf (Last visited December 10, 2002)

  35. Grace, S.: Computer Incident Response and Computer Forensics Overview, http://www.sans.org/rr/incident/IRCF.php (Last visited March 6, 2003)

  36. Kaatzenbeisser, S., Petitcolas, F.A.P.: Information Hiding Technique for Steganography and Digital Watermarking. Artech House, Boston (2000)

    Google Scholar 

  37. Rude, T.: Next Generation Data Forensics & Linux, http://www.crazytrain.com/monkeyboy/Next_Generation_Forensics_Linux.pdf (Last visited April 25, 2002)

  38. Sammes, T., Jenkinson, B.: Forensic Computing - A Practitioner’s Guide. Springer, London (2000)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Centre for Computer Security Research, SITACS, University of Wollongong, Wollongong, NSW, 2522, Australia

    Xiang Li & Jennifer Seberry

Authors
  1. Xiang Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jennifer Seberry
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Dept. of Electrical and Information Technology, Lund University, P.O. Box 118, 221 00, Lund, Sweden

    Thomas Johansson

  2. Indian Statistical Institute, 203 B T Road, 700 108, Kolkata, India

    Subhamoy Maitra

Rights and permissions

Reprints and permissions

Copyright information

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Li, X., Seberry, J. (2003). Forensic Computing. In: Johansson, T., Maitra, S. (eds) Progress in Cryptology - INDOCRYPT 2003. INDOCRYPT 2003. Lecture Notes in Computer Science, vol 2904. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24582-7_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-24582-7_2

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-20609-5

  • Online ISBN: 978-3-540-24582-7

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics