Difference between pages "File Carving Bibliography" and "Blogs"

From ForensicsWiki
 
(Challenges (and test images))
 
Line 1: Line 1:
; [http://citeseer.ist.psu.edu/shanmugasundaram03automatic.html  Automatic Reassembly of Document Fragments via Context Based Statistical Models], Kulesh Shanmugasundaram and Nasir Memon.
+
[[Computer forensics]] related resources like: blogs, fora, tweets, tools and challenges (and test images).
  
<bibtex>
+
= Blogs =
@article{
+
  journal="Journal of Digital Forensic Practice", 
+
  publisher="Taylor & Francis",
+
  author="Yoginder Singh Dandass and Nathan Joseph Necaise and Sherry Reede Thomas",
+
  title="An Empirical Analysis of Disk Sector Hashes for Data Carving",
+
  year=2008,
+
  volume=2,
+
  issue=2,
+
  pages="95--106",
+
  abstract="Discovering known illicit material on digital storage devices is an important component of a digital forensic investigation. Using existing data carving techniques and tools, it is typically difficult to recover remaining fragments of deleted illicit files whose file system metadata and file headers have been overwritten by newer files. In such cases, a sector-based scan can be used to locate those sectors whose content matches those of sectors from known illicit files. However, brute-force sector-by-sector comparison is prohibitive in terms of time required. Techniques that compute and compare hash-based signatures of sectors in order to filter out those sectors that do not produce the same signatures as sectors from known illicit files are required for accelerating the process.
+
  
This article reports the results of a case study in which the hashes for over 528 million sectors extracted from over 433,000 files of different types were analyzed. The hashes were computed using SHA1, MD5, CRC64, and CRC32 algorithms and hash collisions of sectors from JPEG and WAV files to other sectors were recorded. The analysis of the results shows that although MD5 and SHA1 produce no false-positive indications, the occurrence of false positives is relatively low for CRC32 and especially CRC64. Furthermore, the CRC-based algorithms produce considerably smaller hashes than SHA1 and MD5, thereby requiring smaller storage capacities. CRC64 provides a good compromise between number of collisions and storage capacity required for practical implementations of sector-scanning forensic tools.",
+
== English ==
  url="http://www.informaworld.com/10.1080/15567280802050436"
+
}
+
</bibtex>
+
  
[[Category::Bibliographies]]
+
* [http://www.appleexaminer.com/ The Apple Examiner]
 +
* [http://computer.forensikblog.de/en/ Computer Forensics Blog], by [[Andreas Schuster]]
 +
* [http://www.niiconsulting.com/checkmate/ Checkmate - e-zine on Digital Forensics and Incident Response]
 +
* [http://www.infosecinstitute.com/blog/ethical_hacking_computer_forensics.html Jack Koziol - Ethical Hacking and Computer Forensics]
 +
* [http://windowsir.blogspot.com/ Windows Incident Response Blog], by [[Harlan Carvey]]
 +
* [http://geschonneck.com/ Computer Forensics Blog], by [[Alexander Geschonneck]]
 +
* [http://forensicblog.org/ Computer Forensics Blog], by [[Michael Murr]]
 +
* [http://forenshick.blogspot.com/ Forensic news, Technology, TV, and more], by [[Jordan Farr]]
 +
* [http://unixsadm.blogspot.com/ UNIX, OpenVMS and Windows System Administration, Digital Forensics, High Performance Computing, Clustering and Distributed Systems], by [[Criveti Mihai]]
 +
* [http://intrusions.blogspot.com/ Various Authors - Intrusions and Malware Analysis]
 +
* [http://chicago-ediscovery.com/education/computer-forensics-glossary/ Computer Forensic Glossary Blog, HOWTOs and other resources], by [[Andrew Hoog]]
 +
* [http://secureartisan.wordpress.com/ Digital Forensics with a Focus on EnCase], by [[Paul Bobby]]
 +
* [http://www.crimemuseum.org/blog/ National Museum of Crime and Punishment-CSI/Forensics Blog]
 +
* [http://forensicsfromthesausagefactory.blogspot.com/ Forensics from the sausage factory]
 +
* [http://integriography.wordpress.com Computer Forensics Blog], by [[David Kovar]]
 +
* [http://jessekornblum.livejournal.com/ A Geek Raised by Wolves], by [[Jesse Kornblum]]
 +
* [http://computer-forensics.sans.org/blog SANS Computer Forensics and Incident Response Blog by SANS Institute]
 +
* [http://www.digitalforensicsource.com Digital Forensic Source]
 +
* [http://dfsforensics.blogspot.com/ Digital Forensics Solutions]
 +
* [http://forensicaliente.blogspot.com/ Forensicaliente]
 +
* [http://www.ericjhuber.com/ A Fistful of Dongles]
 +
* [http://gleeda.blogspot.com/ JL's stuff]
 +
* [http://4n6k.blogspot.com/ 4n6k]
 +
* [http://justaskweg.com/ JustAskWeg], by [[Jimmy Weg]]
 +
* [http://blog.kiddaland.net/ IR and forensic talk], by [[Kristinn Gudjonsson]]
 +
* [http://c-skills.blogspot.ch/ c-skills], by [[Sebastian Krahmer]]
 +
* [http://sketchymoose.blogspot.ch/ Sketchymoose's Blog]
 +
* [http://www.swiftforensics.com/ All things forensic and security related], by [[Yogesh Khatri]]
 +
 
 +
=== Windows ===
 +
* [http://blogs.msdn.com/b/ntdebugging/ ntdebugging - Advanced Windows Debugging and Troubleshooting]
 +
 
 +
== Dutch ==
 +
 
 +
* [http://stam.blogs.com/8bits/ 8 bits], by [[Mark Stam]] (also contain English articles otherwise use [http://translate.google.com/translate?u=http%3A%2F%2Fstam.blogs.com%2F8bits%2Fforensisch%2Findex.html&langpair=nl%7Cen&hl=en&ie=UTF-8 Google translation])
 +
 
 +
== French ==
 +
 
 +
* [http://forensics-dev.blogspot.com Forensics-dev] ([http://translate.google.com/translate?u=http%3A%2F%2Fforensics-dev.blogspot.com%2F&langpair=fr%7Cen&hl=en&ie=UTF-8&oe=UTF-8&prev=%2Flanguage_tools Google translation])
 +
 
 +
== German ==
 +
 
 +
* [http://computer.forensikblog.de/ Computer Forensik Blog Gesamtausgabe], by [[Andreas Schuster]] ([http://computer.forensikblog.de/en/ English version])
 +
* [http://computer-forensik.org computer-forensik.org], by [[Alexander Geschonneck]] ([http://translate.google.com/translate?u=http%3A%2F%2Fwww.computer-forensik.org&langpair=de%7Cen&hl=en&ie=UTF-8&oe=UTF-8&prev=%2Flanguage_tools Google translation])
 +
* [http://henrikbecker.blogspot.com Digitale Beweisführung], by [[Henrik Becker]] ([http://translate.google.com/translate?u=http%3A%2F%2Fhenrikbecker.blogspot.com&langpair=de%7Cen&hl=en&ie=UTF-8&oe=UTF-8&prev=%2Flanguage_tools Google translation])
 +
 
 +
== Spanish ==
 +
 
 +
* [http://www.forensic-es.org/blog forensic-es.org] ([http://translate.google.com/translate?u=http%3A%2F%2Fwww.forensic-es.org%2Fblog&langpair=es%7Cen&hl=en&ie=UTF-8&oe=UTF-8&prev=%2Flanguage_tools Google translation])
 +
* [http://www.inforenses.com InForenseS], by [[Javier Pages]] ([http://translate.google.com/translate?u=http%3A%2F%2Fwww.inforenses.com&langpair=es%7Cen&hl=es&ie=UTF-8&oe=UTF-8&prev=%2Flanguage_tools Google translation])
 +
* [http://windowstips.wordpress.com El diario de Juanito]
 +
* [http://conexioninversa.blogspot.com Conexión inversa]
 +
 
 +
== Russian ==
 +
 
 +
* Group-IB: [http://notheft.ru/blogs/group-ib blog at notheft.ru], [http://www.securitylab.ru/blog/company/group-ib/ blog at securitylab.ru]
 +
 
 +
= Related blogs =
 +
 
 +
* [http://www.c64allstars.de C64Allstars Blog]
 +
* [http://www.emergentchaos.com/ Emergent Chaos], by [[Adam Shostack]]
 +
* [http://jeffjonas.typepad.com/ Inventor of NORA discusses privacy and all things digital], by [[Jeff Jonas]]
 +
* [http://www.cs.uno.edu/~golden/weblog Digital Forensics, Coffee, Benevolent Hacking], by [[Golden G. Richard III]]
 +
 
 +
= Circles/Fora/Groups =
 +
* [http://forensicfocus.com/ Forensic Focus]
 +
* [http://tech.groups.yahoo.com/group/win4n6 Yahoo! groups: win4n6 · Windows Forensic Analysis]
 +
 
 +
= Tweets =
 +
* [http://twitter.com/#!/search/%23DFIR?q=%23DFIR #DFIR]
 +
* [http://twitter.com/#!/search/%23forensics #forensics]
 +
 
 +
= Tools =
 +
* [http://www2.opensourceforensics.org/ Open Source Digital Forensics]
 +
* [http://forensiccontrol.com/resources/free-software/ Free computer forensic tools]
 +
* [http://code.google.com/p/libyal/ Yet another library library (and tools)]
 +
 
 +
= Challenges (and test images) =
 +
* [http://www.dc3.mil/challenge/ DC3 Challenges]
 +
* [http://testimages.wordpress.com/ Digital Forensics Test Images]
 +
* [http://www.forensicfocus.com/images-and-challenges Forensic Focus - Test Images and Forensic Challenges]
 +
* [https://www.honeynet.org/challenges/ Honeynet Project Challenges]
 +
* [http://testimages.wordpress.com/ Digital Forensic Test Images]
 +
* [http://secondlookforensics.com/linux-memory-images/ Second Look - Linux Memory Images]
 +
* [http://sourceforge.net/projects/nullconctf2014/ NullconCTF2014]
 +
 
 +
= Conferences =
 +
See: [[:Category:Conferences|Conferences]]
 +
 
 +
[[Category:Further information]]
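
Review bot: The "Challenges (and test images)" list links http://testimages.wordpress.com/ twice, once as "Digital Forensics Test Images" and again three entries later as "Digital Forensic Test Images". Drop the second entry so the section carries one link per resource. Separately, the new intro line names blogs, fora, tweets, tools and challenges but not the Conferences section that closes the page; either add it to the intro or leave the section to the linked category.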

Revision as of 01:52, 29 January 2014

Computer forensics related resources like: blogs, fora, tweets, tools and challenges (and test images).
