A framework for digital investigations: a case study using BPB modifications

Mitchell, Ian (2011) A framework for digital investigations: a case study using BPB modifications. In: 6th International Annual Workshop on Digital Forensics and Incident Analysis (WDFIA 2011), July 2011, Kingston University, London.

Full text is not in this repository.

Abstract

A framework is developed and the following proposals are made: i) Notation for Framework; ii) a Framework for Digital Investigations Experiments (FDIE); iii) Case study modifying BPB and demonstrating the Framework; and iv) extending the Framework to Digital Investigations (FDI). A case study using BIOS Partition Block (BPB) modifications to render the partitions unreadable is used to demonstrate the framework. The Framework is applied and is a success. From this experiment the Framework (FDIE) is extended to Digital Investigations (FDI).

Item Type: Conference or Workshop Item (Paper)
Keywords (uncontrolled): Framework; recovery; anti-contamination; evidential integrity; BPB; FAT; NTFS
Research Areas: A. > School of Science and Technology > Computer Science
A. > School of Science and Technology > Computer Science > Artificial Intelligence group
Item ID: 11147
Useful Links:
Depositing User: Ian Mitchell
Date Deposited: 09 Aug 2013 06:10
Last Modified: 13 Oct 2016 14:27
URI: https://eprints.mdx.ac.uk/id/eprint/11147

Actions (login required)

Edit Item Edit Item