Difference between revisions of "Forensic corpora"
m (→Email messages)
|Line 11:||Line 11:|
''The Enron Corpus'' of email messages that were seized by the Federal Energy Regulatory Commission during its investigation of Enron
''The Enron Corpus'' of email messages that were seized by the Federal Energy Regulatory Commission during its investigation of Enron.
Revision as of 22:10, 4 February 2007
This page describes large-scale corpora of forensically interesting information that are available for those involved in forensic research.
The Garfinkel Used Hard drive Collection Project. Between 1998 and 2006, Garfinkel acquired 1250+ hard drives on the secondary market. These hard drive images have proven invaluable in performing a range of studies such as the developing of new forensic techniques  and the sanitization practices of computer users.
The DARPA Intrusion Detection Evaluation. In 1998, 1999 and 2000 the Information Systems Technology Group at MIT Lincoln Laboratory created a test network complete with simulated servers, clients, clerical workers, programmers, and system managers. Baseline traffic was collected. The systems on the network were then “attacked” by simulated hackers. Some of the attacks were well-known at the time, while others were developed for the purpose of the evaluation.
The Enron Corpus of email messages that were seized by the Federal Energy Regulatory Commission during its investigation of Enron.