Research Topics

From ForensicsWiki
Revision as of 03:24, 3 November 2008 by Simsong (Talk | contribs) (Hard Problems)

Jump to: navigation, search
Research Ideas

Interested in doing research in computer forensics? Looking for a master's topic, or just some ideas for a research paper? Here is my list. Please feel free to add your own ideas.

Hard Problems

  • Stream Based Disk Forensics. Process the entire disk with one pass, or at most two, to minimize seek time.
  • Determine the device that created an image or video without metadata. (fingerprinting digital cameras)
  • Automatically detect falsified digital evidence.
  • Use the location of where data resides on a computer as a way of inferring information about the computer's past.
  • Detect and diagnose sanitization attempts.

Tool Development

AFF Enhancement

  • Evaluation of the AFF data page size. What is the optimal page size for compressed forensic work?
  • Replacement of the AFF "BADFLAG" approach for indicating bad data with a bitmap.
  • Modify aimage so that it can take a partial disk image and a disk and just image what's missing.
  • Improve the data recovery features of aimage.
  • Replace AFF's current table-of-contents system with one based on B+ Trees.

Decoders and Validators

  • A JPEG decompresser that supports restarts and checkpointing for use in high-speed carving. It would also be useful it the JPEG decompressor didn't actually decompress --- all it needs to do is to verify the huffman table.

Cell Phones

Open source tools for:

  • Imaging the contents of a cell phone memory
  • Reassembling information in a cell phone memory

Corpora Development

Realistic Corpora

  • Simulated disk imags
  • Simulated network traffic

Real Data

  • Digital Cameras
  • Cell phones
  • USB Memory Sticks below the logical layer.