From Forensics Wiki
Revision as of 21:24, 2 November 2008 by Simsong
- Research Ideas
Interested in doing research in computer forensics? Looking for a master's topic, or just some ideas for a research paper? Here is my list. Please feel free to add your own ideas.
- Stream Based Disk Forensics. Process the entire disk with one pass, or at most two, to minimize seek time.
- Determine the device that created an image or video without metadata. (fingerprinting digital cameras)
- Automatically detect falsified digital evidence.
- Use the location of where data resides on a computer as a way of inferring information about the computer's past.
- Detect and diagnose sanitization attempts.
- Evaluation of the AFF data page size. What is the optimal page size for compressed forensic work?
- Replacement of the AFF "BADFLAG" approach for indicating bad data with a bitmap.
- Modify aimage so that it can take a partial disk image and a disk and just image what's missing.
- Improve the data recovery features of aimage.
- Replace AFF's current table-of-contents system with one based on B+ Trees.
Decoders and Validators
- A JPEG decompresser that supports restarts and checkpointing for use in high-speed carving. It would also be useful it the JPEG decompressor didn't actually decompress --- all it needs to do is to verify the huffman table.
Open source tools for:
- Imaging the contents of a cell phone memory
- Reassembling information in a cell phone memory
- Simulated disk imags
- Simulated network traffic
- Digital Cameras
- Cell phones
- USB Memory Sticks below the logical layer.