A framework for digital investigations: a case study using BPB modifications
Mitchell, Ian ORCID: https://orcid.org/0000-0002-3882-9127
(2011)
A framework for digital investigations: a case study using BPB modifications.
In: 6th International Annual Workshop on Digital Forensics and Incident Analysis (WDFIA 2011), July 2011, Kingston University, London.
.
[Conference or Workshop Item]
Abstract
A framework is developed and the following proposals are made: i) Notation for Framework; ii) a Framework for Digital Investigations Experiments (FDIE); iii) Case study modifying BPB and demonstrating the Framework; and iv) extending the Framework to Digital Investigations (FDI). A case study using BIOS Partition Block (BPB) modifications to render the partitions unreadable is used to demonstrate the framework. The Framework is applied and is a success. From this experiment the Framework (FDIE) is extended to Digital Investigations (FDI).
Item Type: | Conference or Workshop Item (Paper) |
---|---|
Keywords (uncontrolled): | Framework; recovery; anti-contamination; evidential integrity; BPB; FAT; NTFS |
Research Areas: | A. > School of Science and Technology > Computer Science A. > School of Science and Technology > Computer Science > Artificial Intelligence group |
Item ID: | 11147 |
Useful Links: | |
Depositing User: | Ian Mitchell |
Date Deposited: | 09 Aug 2013 06:10 |
Last Modified: | 13 Oct 2016 14:27 |
URI: | https://eprints.mdx.ac.uk/id/eprint/11147 |
Actions (login required)
![]() |
View Item |
Statistics
Additional statistics are available via IRStats2.