Difference between pages "Libewf" and "Journals"

From ForensicsWiki
(Difference between pages)
Jump to: navigation, search
m
 
(Journals)
 
Line 1: Line 1:
{{Infobox_Software |
+
==Journals==
  name = libewf |
+
Academic and professional journals, both print and electronic, on the subject of digital forensics:
  maintainer = [[Joachim Metz]], [[David Loveall]] |
+
  os = [[Linux]], [[FreeBSD]], [[NetBSD]], [[OpenBSD]], [[Mac OS X]], [[Windows]] |
+
  genre = {{Disk imaging}} |
+
  license = {{LGPL}} |
+
  website = [http://code.google.com/p/libewf/ code.google.com/p/libewf/] |
+
}}
+
  
'''Libewf''' is a library to access the [[Encase image file format|Expert Witness Compression Format (EWF)]].
+
{| class="wikitable sortable" border="1"
 +
|-
 +
! Journal Name
 +
! data-sort-type="number" | Impact Factor
 +
! data-sort-type="number" | H-Index
 +
! data-sort-type="number" | H5-Index
 +
! class="unsortable"|Website
 +
! Publisher
 +
! Country
 +
! Distribution
 +
! class="unsortable"| Notes
 +
|-
 +
| Digital Investigation
 +
| 0.507
 +
| 15
 +
| 22
 +
| http://www.elsevier.com/locate/diin
 +
| Elsevier
 +
| United Kingdom
 +
| Print/Electronic
 +
| Started in 2004
 +
|-
 +
| Forensic Science Communications
 +
| n/a
 +
| n/a
 +
| n/a
 +
| http://www.fbi.gov/about-us/lab/forensic-science-communications
 +
| Federal Bureau of Investigation (FBI)
 +
| United States
 +
| Print
 +
| Current issue still 2010.
 +
|-
 +
| IEEE Transactions on Information Forensics and Security
 +
| 1.34
 +
| 35
 +
| 41
 +
| http://www.signalprocessingsociety.org/publications/periodicals/forensics/
 +
| Institute of Electrical and Electronics Engineers Inc.
 +
| United States
 +
| Print/Electronic
 +
| Print journal from IEEE Signal Processing Society that started in 2005.
 +
|-
 +
| International Journal of Computer Applications
 +
| n/a
 +
| n/a
 +
| 12
 +
| http://www.ijcaonline.org/
 +
| Foundation of Computer Science
 +
| United States
 +
| Print/Electronic.
 +
| Paid submission.
 +
|-
 +
| International Journal of Computer Science and Security
 +
| n/a
 +
| n/a
 +
| n/a
 +
| http://www.cscjournals.org/csc/journals/IJCSS/description.php?JCode=IJCSS
 +
| Computer Science Journals
 +
| Malaysia
 +
| Electronic
 +
| Open Access. Bi-Monthly
 +
|-
 +
| International Journal of Computer Science and Network Security
 +
| n/a
 +
| n/a
 +
| 24
 +
| http://ijcsns.org/
 +
| IJCSNS
 +
| South Korea
 +
| Electronic
 +
| Open Access. Monthly
 +
|-
 +
| International Journal of Cyber-Security and Digital Forensics
 +
| n/a
 +
| n/a
 +
| n/a
 +
| http://sdiwc.net/security-journal/index.php
 +
| The Society of Digital Information and Wireless Communications
 +
| China (Hong Kong)
 +
| Electronic
 +
|
 +
|-
 +
| International Journal of Digital Crime and Forensics
 +
| n/a
 +
| 4
 +
| n/a
 +
| http://www.igi-global.com/journals/details.asp?ID=7828
 +
| IGI Global
 +
| United States
 +
| Print/Electronic
 +
| Started in 2009, Quarterly
 +
|-
 +
| International Journal of Electronic Security and Digital Forensics
 +
| n/a
 +
| 4
 +
| n/a
 +
| http://www.inderscience.com/jhome.php?jcode=ijesdf
 +
| Inderscience Publishers
 +
| United Kingdom
 +
| Print/Electronic
 +
| Quarterly
 +
|-
 +
| International Journal of Forensic Computer Science
 +
| n/a
 +
| n/a
 +
| n/a
 +
| http://www.ijofcs.org/
 +
| Brazilian Association of High Technology Experts (ABEAT)
 +
| Brazil
 +
| Electronic
 +
|
 +
|-
 +
| International Journal of Information and Computer Security
 +
| n/a
 +
| 3
 +
| n/a
 +
| http://www.inderscience.com/jhome.php?jcode=ijics
 +
| Inderscience
 +
| United Kingdom
 +
| Electronic
 +
|
 +
|-
 +
| Journal of Digital Forensics, Security and Law
 +
| n/a
 +
| n/a
 +
| n/a
 +
| http://www.jdfsl.org/
 +
| Association of Digital Forensics, Security and Law (ADFSL)
 +
| United States
 +
| Print/Electronic
 +
| Official quarterly publication (print and online) by the [http://www.adfsl.org/  Association of Digital Forensics, Security and Law].
 +
|-
 +
| Journal of Forensic Sciences
 +
| 1.229
 +
| 52
 +
| 32
 +
| http://www.blackwell-synergy.com/loi/jfo
 +
| Blackwell Publishing
 +
| United Kingdom
 +
| Print/Electronic
 +
| Official journal of the American Academy of Forensic Sciences (AAFS). Covers most forensic science disciplines, primarily traditional forensic sciences, but some articles on digital forensics as well.  Issues prior to January 2006 are available from prior publisher [http://www.astm.org/ ASTM]
 +
|-
 +
| Microgram
 +
| n/a
 +
| n/a
 +
| n/a
 +
| http://www.justice.gov/dea/pr/micrograms.shtml
 +
| Drug Enforcement Administration
 +
| United States
 +
| Electronic
 +
| Monthly Newsletter. Some space devoted to digital evidence issues.
 +
|-
 +
| Science and Justice
 +
| 1.597
 +
| 21
 +
| 12
 +
| http://www.scienceandjusticejournal.com/
 +
| Forensic Science Society/Elsevier
 +
| United Kingdom
 +
| Print/Electronic
 +
| Seems to accept some articles on digital forensics.
 +
|-
 +
| Digital Forensics Magazine
 +
| n/a
 +
| n/a
 +
| n/a
 +
| http://www.digitalforensicsmagazine.com/
 +
| n/a
 +
| n/a
 +
| Electronic
 +
| Magazine. Accepts articles concerning digital forensics.
 +
|}
  
== Features ==
+
* Impact factors cited on 11/03/2013 from 2011 data provided by [http://www.impactfactorsearch.com/ Impact Factor Search].
Read or write supported EWF formats:
+
* H-Index cited on 11/03/2013 from [http://www.scimagojr.com/ SCImago Journal and Country Rank].
* [[SMART]] .s01 (EWF-S01)
+
* H5-Index cited on 12/03/2013 from [http://scholar.google.com/citations?view_op=top_venues&hl=en Google Scholar Metrics].
* [[EnCase]] .E01 (EWF-E01) and .Ex01 (EWF2-Ex01)
+
  
Read-only supported EWF formats:
+
==Dead Journals==
* Logical Evidence File (LEF) .L01 (EWF-L01) and .Lx01 (EWF2-Lx01)
+
These journals have ceased publication.
  
Other features:
+
; Journal of Digital Forensic Practice
* empty-block compression
+
: http://www.tandf.co.uk/journals/titles/15567281.asp
* read/write access using delta (or shadow) files
+
: Print journal from Taylor and Francis.
* write resume
+
  
== Tools ==
+
; International Journal of Digital Evidence (IJDE)
The '''libewf''' package contains the following tools:
+
: http://www.ijde.org
* '''ewfacquire''', which writes storage media data from devices and files to EWF files.
+
: Electronic journal that started in 2002 until 2007
* '''ewfacquirestream''', which writes data from stdin to EWF files.
+
* '''ewfdebug'''; experimental tool does nothing at the moment.
+
* '''ewfexport''', which exports storage media data in EWF files to (split) RAW format or a specific version of EWF files.
+
* '''ewfinfo''', which shows the metadata in EWF files.
+
* '''ewfmount''', which FUSE mounts EWF files.
+
* '''ewfrecover'''; special variant of ewfexport to create a new set of EWF files from a corrupt set.
+
* '''ewfverify''', which verifies the storage media data in EWF files.
+
  
The '''libewf''' package also contains the following bindings:
+
; Small Scale Digital Device Forensics Journal
* '''ewf.net''', bindings for .Net
+
: http://www.ssddfj.org/
* '''pyewf''', bindings for Python contributed by [[David Collett]] in 2008
+
: Online journal for academics and practitioners to publish articles regarding the theory, research, and practice in the rapidly changing field of Small Scale Digital Device Forensics. Ended 2011.
  
=== Contributions ===
+
=See Also=
Tools that have been contributed to the project are provided as separate tools on the sourceforge libewf project site. These are:
+
[[Conferences]]
* '''mount_ewf.py''', which allows the storage media data in a EWF files to be mounted, contributed by [[David Loveall]] in 2007.
+
* '''libewf-java''', Java (JNA) bindings were contributed by [[Bradley Schatz]] in 2009.
+
* '''delphi imdisk proxy''', Borland Delphi imdisk proxy, as an alternative to mount_ewf.py for Windows, contributed by [[Brendan Berney]] in 2010.
+
* '''jlibewf''', native Java EWF reader contributed by [[Bruce Allen]] in 2010.
+
* '''libewfcs''', native C# EWF reader contributed by [[Bruce Allen]] in 2011.
+
  
A menu based interface for ewfacquirestream called pyEWF, contributed by [[Dennis Schreiber]], was originally also available on the uitwisselplatform project site. However this is currently no longer maintained and was not moved to the sourceforge project size. The uitwisselplatform no longer exists. The name pyewf was reused for the libewf Python bindings created by [[David Collett]] which is now included in the libewf package.
+
[[Websites]]
  
=== Examples ===  
+
= Notes =
 
+
This list was originally taken from [[Brian Carrier]]'s list of conferences and journals at http://www.digital-evidence.org/publish/index.html and used with his permission.  Brian no longer maintains those listings and points back to this Wiki.
Imaging a device on a Unix-based system:
+
<pre>
+
ewfacquire /dev/sda
+
</pre>
+
 
+
Imaging a device on a Windows system:
+
<pre>
+
ewfacquire \\.\PhysicalDrive0
+
</pre>
+
 
+
Converting a RAW into an EWF image
+
<pre>
+
ewfacquire myfile.raw
+
</pre>
+
 
+
or:
+
<pre>
+
ewfacquire -c best -m fixed -t myfile -S 1T -u [-q] myfile.raw
+
</pre>
+
 
+
or
+
 
+
<pre>
+
cat split.raw.??? | ewfacquirestream
+
cat myfile.??? | ewfacquirestream  -c best -m fixed -t myfile -S 1T
+
 
+
</pre>
+
 
+
Converting an optical disc (split) RAW into an EWF image (libewf 20110109 or later)
+
<pre>
+
ewfacquire -T optical.cue optical.iso
+
</pre>
+
 
+
Converting an EWF into another EWF format or a (split) RAW image
+
<pre>
+
ewfexport image.E01
+
</pre>
+
 
+
Exporting files from a logical image (L01)
+
<pre>
+
ewfexport image.L01
+
</pre>
+
 
+
FUSE mounting an EWF image (libewf 20110828 or later)
+
<pre>
+
ewfmount image.E01 mount_point
+
</pre>
+
 
+
FUSE mounting a logical image (L01) (libewf 20111016 or later)
+
<pre>
+
ewfmount -f files image.L01 mount_point
+
</pre>
+
 
+
== History ==
+
 
+
Libewf was created by [[Joachim Metz]] in 2006, while working for [http://en.hoffmannbv.nl/ Hoffmann Investigations].
+
 
+
Libewf is a rewrite of earlier work on the EnCase 4 file format by [[Michael Cohen]] part of [[PyFlag]] and the [[:File:ASR Data's Expert Witness Compression Format.pdf|Expert Witness Compression Format]] Specification by [[Andrew Rosen]]. It has been updated to read and write EnCase version 1 to 7 .E01 files, EnCase 5 to 7 .L01 files, EnCase 7 .Ex01 and .Lx01 files and SMART .s01 files. Libewf has initiated an Extended EWF (EWF-X) specifications to bypass limitations on the format imposed by the EnCase .E01 format.
+
 
+
In 2007 [[David Loveall]] contributed mount_ewf.py to the libewf project. This application allows a [[fuse]] based mount of the storage media data in the EWF files to be mounted. Due to repeated issues with Python and the fuse Python-bindings on [[Mac OS X]] part of the functionality of these scripts has been rewritten into '''ewfmount'''.
+
 
+
As of version 20120715 support for EWF version 2 (.Ex01 and .Lx01) was added.
+
 
+
== External Links ==
+
 
+
* [http://code.google.com/p/libewf/ Project site]
+
* [http://libewf.sourceforge.net Old project site]
+

Revision as of 10:55, 4 April 2013

Journals

Academic and professional journals, both print and electronic, on the subject of digital forensics:

Journal Name Impact Factor H-Index H5-Index Website Publisher Country Distribution Notes
Digital Investigation 0.507 15 22 http://www.elsevier.com/locate/diin Elsevier United Kingdom Print/Electronic Started in 2004
Forensic Science Communications n/a n/a n/a http://www.fbi.gov/about-us/lab/forensic-science-communications Federal Bureau of Investigation (FBI) United States Print Current issue still 2010.
IEEE Transactions on Information Forensics and Security 1.34 35 41 http://www.signalprocessingsociety.org/publications/periodicals/forensics/ Institute of Electrical and Electronics Engineers Inc. United States Print/Electronic Print journal from IEEE Signal Processing Society that started in 2005.
International Journal of Computer Applications n/a n/a 12 http://www.ijcaonline.org/ Foundation of Computer Science United States Print/Electronic. Paid submission.
International Journal of Computer Science and Security n/a n/a n/a http://www.cscjournals.org/csc/journals/IJCSS/description.php?JCode=IJCSS Computer Science Journals Malaysia Electronic Open Access. Bi-Monthly
International Journal of Computer Science and Network Security n/a n/a 24 http://ijcsns.org/ IJCSNS South Korea Electronic Open Access. Monthly
International Journal of Cyber-Security and Digital Forensics n/a n/a n/a http://sdiwc.net/security-journal/index.php The Society of Digital Information and Wireless Communications China (Hong Kong) Electronic
International Journal of Digital Crime and Forensics n/a 4 n/a http://www.igi-global.com/journals/details.asp?ID=7828 IGI Global United States Print/Electronic Started in 2009, Quarterly
International Journal of Electronic Security and Digital Forensics n/a 4 n/a http://www.inderscience.com/jhome.php?jcode=ijesdf Inderscience Publishers United Kingdom Print/Electronic Quarterly
International Journal of Forensic Computer Science n/a n/a n/a http://www.ijofcs.org/ Brazilian Association of High Technology Experts (ABEAT) Brazil Electronic
International Journal of Information and Computer Security n/a 3 n/a http://www.inderscience.com/jhome.php?jcode=ijics Inderscience United Kingdom Electronic
Journal of Digital Forensics, Security and Law n/a n/a n/a http://www.jdfsl.org/ Association of Digital Forensics, Security and Law (ADFSL) United States Print/Electronic Official quarterly publication (print and online) by the Association of Digital Forensics, Security and Law.
Journal of Forensic Sciences 1.229 52 32 http://www.blackwell-synergy.com/loi/jfo Blackwell Publishing United Kingdom Print/Electronic Official journal of the American Academy of Forensic Sciences (AAFS). Covers most forensic science disciplines, primarily traditional forensic sciences, but some articles on digital forensics as well. Issues prior to January 2006 are available from prior publisher ASTM
Microgram n/a n/a n/a http://www.justice.gov/dea/pr/micrograms.shtml Drug Enforcement Administration United States Electronic Monthly Newsletter. Some space devoted to digital evidence issues.
Science and Justice 1.597 21 12 http://www.scienceandjusticejournal.com/ Forensic Science Society/Elsevier United Kingdom Print/Electronic Seems to accept some articles on digital forensics.
Digital Forensics Magazine n/a n/a n/a http://www.digitalforensicsmagazine.com/ n/a n/a Electronic Magazine. Accepts articles concerning digital forensics.

Dead Journals

These journals have ceased publication.

Journal of Digital Forensic Practice
http://www.tandf.co.uk/journals/titles/15567281.asp
Print journal from Taylor and Francis.
International Journal of Digital Evidence (IJDE)
http://www.ijde.org
Electronic journal that started in 2002 until 2007
Small Scale Digital Device Forensics Journal
http://www.ssddfj.org/
Online journal for academics and practitioners to publish articles regarding the theory, research, and practice in the rapidly changing field of Small Scale Digital Device Forensics. Ended 2011.

See Also

Conferences

Websites

Notes

This list was originally taken from Brian Carrier's list of conferences and journals at http://www.digital-evidence.org/publish/index.html and used with his permission. Brian no longer maintains those listings and points back to this Wiki.