Difference between revisions of "Bibliography"

From ForensicsWiki
Jump to: navigation, search
m (Papers moved to Bibliography)
(Evidence Gathering: Added article on methods of retrieving digital evidence.)
 
(23 intermediate revisions by 4 users not shown)
Line 1: Line 1:
=Important Forensics Papers=
+
=Disk Disposal and Data Recovery=
 +
* [http://forensic.belkasoft.com/download/info/SSD%20Forensics%202012.pdf Why SSD Drives Destroy Court Evidence, and What Can Be Done About It] by Oleg Afonin and Yuri Gubanov, 2012
 +
* [http://www.deepspar.com/pdf/DeepSparDiskImagingWhitepaper3.pdf Disk Imaging: A Vital Step in Data Recovery], DeepSpar Data Recovery Systems, November 2006. An in depth look at the many issues that cause data loss / irretrievable data in the data recovery imaging process and how to overcome them.
 +
* [http://www.actionfront.com/ts_whitepaper.asp Drive-Independent Data Recovery: The Current State-of-the-Art], ActionFront Data Recovery Labs, August 2005.
 +
* [[Recovering Overwritten Data#The Gutmann Paper|Secure Deletion of Data from Magnetic and Solid-State Memory]], Peter Gutmann, Proceedings of the Sixth Usenix Security Symposium, 1996. [http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html]
 +
* [http://www-03.ibm.com/financing/pdf/us/recovery/igf4-a032.pdf Hard Drive Disposal: The Overlooked Confidentiality Exposure], FInancial Perspectives, IBM White Paper, November 2003.
  
[[Recovering Overwritten Data#The Gutmann Paper| Secure Deletion of Data from Magnetic and Solid-State Memory]], Peter Gutmann, Proceedings of the Sixth Usenix Security Symposium, 1996.
+
<bibtex>
 +
@Article{garfinkel:remembrance,
 +
  author =      "Simson Garfinkel and Abhi Shelat",
 +
  author_a =      "Simson L. Garfinkel and Abhi Shelat",
 +
  title =        "Remembrance of Data Passed",
 +
  journal =      "{IEEE} Security and Privacy Magazine",
 +
  publisher =    "IEEE",
 +
  year      =        "2002",
 +
  month    = Jan,
 +
  url="http://www.simson.net/clips/academic/2003.IEEE.DiskDriveForensics.pdf"
 +
}
 +
</bibtex>
  
[http://http://www.actionfront.com/ts_whitepaper.asp|Drive-Independent Data Recovery: The Current State-of-the-Art], ActionFront Data Recovery Labs, August 2005.
+
=Evidence Gathering=
 +
 
 +
* [http://belkasoft.com/download/info/Live_RAM_Analysis_in_Digital_Forensics.pdf Discovering ephemeral evidence with Live RAM analysis] by Oleg Afonin and Yuri Gubanov, 2013
 +
* [http://belkasoft.com/download/info/Retrieving%20Digital%20Evidence%20-%20Methods,%20Techniques%20and%20Issues.pdf Retrieving Digital Evidence: Methods, Techniques and Issues] by Yuri Gubanov, 2012
 +
* [http://utdallas.edu/~sxs018540/index/docs/byteprints_itcc05.pdf Byteprints: A Tool to Gather Digital Evidence], Sriranjani Sitaraman, Srinivasan Krishnamurthy and S. Venkatesan, Proceedings of the International Conference on Information Technology (ITCC 2005), Las Vegas, Nevada, USA, April 4 - 6, 2005
 +
 
 +
=Fake Information=
 +
 
 +
* [https://analysis.mitre.org/proceedings/Final_Papers_Files/84_Camera_Ready_Paper.pdf Automatic Detection of Fake File Systems], Neil C. Rowe, International Conference on Intelligence Analysis Methods and Tools, McLean, Virginia, May 2005.
 +
 
 +
=Feature Extraction and Data Fusion=
 +
Computer Location Determination Through Geoparsing and Geocoding of
 +
Extracted Features
 +
http://www2.chadsteel.com:8080/Publications/drive_location2.doc
 +
<bibtex>
 +
@inproceedings{garfinkel:cda,
 +
  title="Forensic feature extraction and cross-drive analysis",
 +
  author="Simson Garfinkel",
 +
  booktitle={Proceedings of the 6th Annual Digital Forensic Research Workshop (DFRWS)},
 +
  address = "Lafayette, Indiana",
 +
  journal="Digital Investigation",
 +
  year=2006,
 +
  month=Aug,
 +
  url="http://www.dfrws.org/2006/proceedings/10-Garfinkel.pdf",
 +
  location="Lafayette, Indiana"
 +
}
 +
</bibtex>
 +
 
 +
=Text Mining=
 +
 
 +
'''Computer Forensic Text Analysis with Open Source Software,''' Christian Johansson, Masters Thesis, Blekinge Tekniska Hogskola, June 2003  http://www.fukt.bth.se/~uncle/papers/master/thesis.pdf
 +
 
 +
=Signed Evidence=
 +
<bibtex>
 +
@article{duerr-2004,
 +
  title="Information Assurance Applied to Authentication of Digital Evidence",
 +
  author="Thomas E. Duerr and Nicholas D. Beser and Gregory P. Staisiunas",
 +
  year=2004,
 +
  journal="Forensic Science Communications",
 +
  volume=6,
 +
  number=4,
 +
  url="http://www.fbi.gov/hq/lab/fsc/backissu/oct2004/research/2004_10_research01.htm"
 +
}
 +
</bibtex>
 +
 
 +
 
 +
<bibtex>
 +
@article{OppligerR03,
 +
  author    = {Rolf Oppliger and Ruedi Rytz},
 +
  title    = {Digital Evidence: Dream and Reality},
 +
  journal  = {IEEE Security {\&} Privacy},
 +
  volume    = {1},
 +
  number    = {5},
 +
  year      = {2003},
 +
  pages    = {44-48},
 +
  url      = {http://doi.ieeecomputersociety.org/10.1109/MSECP.2003.1236234},
 +
  abstract="Digital evidence is inherently weak. New evidence-gathering technologies-digital black boxes-must be developed and deployed to support investigations of irreproducible events such as digitally signing a document."
 +
}
 +
</bibtex>
 +
 
 +
=Theory=
 +
'''A Hypothesis-Based Approach to Digital Forensic Investigations,''' Brian D. Carrier, Ph.D. Dissertation
 +
Purdue University, May 2006 https://www.cerias.purdue.edu/tools_and_resources/bibtex_archive/archive/2006-06.pdf
  
 
=Other Papers=
 
=Other Papers=
Kulesh Shanmugasundaram and Nasir Memon, Automatic Reassembly of Document Fragments via Context Based Statistical Models, http://citeseer.ist.psu.edu/shanmugasundaram03automatic.html
+
 
 +
* [http://papers.ssrn.com/sol3/papers.cfm?abstract_id=531782 A Model for When Disclosure Helps Security: What is Different About Computer and Network Security?], Peter P. Swire, Moritz College of Law of the Ohio State University, Journal on Telecommunications and High Technology Law, Vol. 2, 2004.
 +
 
 +
[[Category:Bibliographies]]

Latest revision as of 07:29, 26 June 2013

Disk Disposal and Data Recovery

Simson Garfinkel, Abhi Shelat - Remembrance of Data Passed
{IEEE} Security and Privacy Magazine , January 2002
http://www.simson.net/clips/academic/2003.IEEE.DiskDriveForensics.pdf
Bibtex
Author : Simson Garfinkel, Abhi Shelat
Title : Remembrance of Data Passed
In : {IEEE} Security and Privacy Magazine -
Address :
Date : January 2002

Evidence Gathering

Fake Information

Feature Extraction and Data Fusion

Computer Location Determination Through Geoparsing and Geocoding of Extracted Features http://www2.chadsteel.com:8080/Publications/drive_location2.doc

Simson Garfinkel - Forensic feature extraction and cross-drive analysis
Proceedings of the 6th Annual Digital Forensic Research Workshop (DFRWS) , Lafayette, Indiana, August 2006
http://www.dfrws.org/2006/proceedings/10-Garfinkel.pdf
Bibtex
Author : Simson Garfinkel
Title : Forensic feature extraction and cross-drive analysis
In : Proceedings of the 6th Annual Digital Forensic Research Workshop (DFRWS) -
Address : Lafayette, Indiana
Date : August 2006

Text Mining

Computer Forensic Text Analysis with Open Source Software, Christian Johansson, Masters Thesis, Blekinge Tekniska Hogskola, June 2003 http://www.fukt.bth.se/~uncle/papers/master/thesis.pdf

Signed Evidence

Thomas E. Duerr, Nicholas D. Beser, Gregory P. Staisiunas - Information Assurance Applied to Authentication of Digital Evidence
Forensic Science Communications 6(4),2004
http://www.fbi.gov/hq/lab/fsc/backissu/oct2004/research/2004_10_research01.htm
Bibtex
Author : Thomas E. Duerr, Nicholas D. Beser, Gregory P. Staisiunas
Title : Information Assurance Applied to Authentication of Digital Evidence
In : Forensic Science Communications -
Address :
Date : 2004


Rolf Oppliger, Ruedi Rytz - Digital Evidence: Dream and Reality
IEEE Security {\&} Privacy 1(5):44-48,2003
http://doi.ieeecomputersociety.org/10.1109/MSECP.2003.1236234
Bibtex
Author : Rolf Oppliger, Ruedi Rytz
Title : Digital Evidence: Dream and Reality
In : IEEE Security {\&} Privacy -
Address :
Date : 2003

Theory

A Hypothesis-Based Approach to Digital Forensic Investigations, Brian D. Carrier, Ph.D. Dissertation Purdue University, May 2006 https://www.cerias.purdue.edu/tools_and_resources/bibtex_archive/archive/2006-06.pdf

Other Papers