Skip to main content
Article thumbnail
Location of Repository

Foundations for Visual Forensic Analysis

By 

Abstract

Abstract—Computer forensics is the preservation, analysis, and interpretation of computer data. It is a crucial tool in the arsenal of law enforcement investigators, national security analysts, and corporate computer emergency response teams. There is a need for software that aids investigators in locating data on hard drives left by persons committing illegal activities. Analysts use forensic techniques to analyze insider attacks on organizations and recover data hidden or deleted by disgruntled employees or attackers. Advanced software tools are needed to reduce the tedious efforts of forensic examiners, especially when searching large hard drives. This paper discusses the background, algorithms, fundamentals, and techniques intrinsic to the visual analysis of typical computer forensic data. In terms of the visualization technique itself we discuss a visualization techniques to represent file statistics such as file size, last access date, creation date, last modification date, owner, number of i-nodes for fragmentation, and file type. The user interface to this software allows file searching, pattern matching, and the display of file contents

Topics: Index Terms—Computer Forensics, Visualization, User Interfaces, Software Architecture, Algorithms
Year: 2009
OAI identifier: oai:CiteSeerX.psu:10.1.1.135.6934
Provided by: CiteSeerX
Download PDF:
Sorry, we are unable to provide the full text but you may find it at the following location(s):
  • http://citeseerx.ist.psu.edu/v... (external link)
  • http://www.cs.usu.edu/~erbache... (external link)
  • Suggested articles


    To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.