Abstract
Providing the ability to any law enforcement officer to remotely transfer an image from any suspect computer directly to a forensic laboratory for analysis, can only help to greatly reduce the time wasted by forensic investigators in conducting on-site collection of computer equipment. RAFT (Remote Acquisition Forensic Tool) is a system designed to facilitate forensic investigators by remotely gathering digital evidence. This is achieved through the implementation of a secure, verifiable client/server imaging architecture. The RAFT system is designed to be relatively easy to use, requiring minimal technical knowledge on behalf of the user. One of the key focuses of RAFT is to ensure that the evidence it gathers remotely is court admissible. This is achieved by ensuring that the image taken using RAFT is verified to be identical to the original evidence on a suspect computer.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Dahlman, E., Ekström, H., Furuskär, A., Jading, Y., Karlsson, J., Lundevall, M., Parkvall, S.: The 3G Long-Term Evolution – Radio Interface Concepts and Performance Evaluation. In: 63rd IEEE Vehicular Technology Conference, Melbourne, Australia (May 2006)
dcfldd (Department of Defence Computer Lab Dataset Definition) (April 2009), http://dcfldd.sourceforge.net
Gao, Y., Richard III, G.G., Roussev, V.: Bluepipe: A Scalable Architecture for On-the-Spot Digital Forensics. International Journal of Digital Evidence 3(1) (2004)
Govil, J., Govil, J.: An Empirical Feasibility Study of 4G’s Key Technologies. In: Proceedings IEEE International Conference on Electro/Information Technology (EIT), pp. 267–270 (2008)
Ray, I., Shenoi, S.: 26: Time Analysis of Hard Drive Imaging Tools. In: Advantages in Digital Forensics IV, pp. 340–343 (2008)
Richard III, G.G., Roussev, V.: Next-Generation Digital Forensics. Communications of the ACM 49(2), 76–80 (2006)
Roussev, V., Richard III, G.G.: Breaking the performance wall: the case for distributed digital forensics. In: Proceedings of the 2004 Digital Forensics Research Workshop, Baltimore, Maryland, USA (DFRWS) (August 2004)
Sealey, P.: Remote Forensics. Digital Investigation 1(4), 261–265 (2004)
Speedtest Mini, Downloaded (April 2009), http://www.speedtest.net/mini.php
SSH Filesystem, Downloaded (April 2009), http://fuse.sourceforge.net/sshfs.html
Ubuntu Linux 8.04 (November 2008), http://www.ubuntu.com
Wang, S.-J.: Measures of retaining digital evidence to prosecute computer-based cyber-crimes. Computer Standards & Interfaces 29(2), 216–223 (2007)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Scanlon, M., Kechadi, MT. (2010). Online Acquisition of Digital Forensic Evidence. In: Goel, S. (eds) Digital Forensics and Cyber Crime. ICDF2C 2009. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 31. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-11534-9_12
Download citation
DOI: https://doi.org/10.1007/978-3-642-11534-9_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-11533-2
Online ISBN: 978-3-642-11534-9
eBook Packages: Computer ScienceComputer Science (R0)