watching you watching us . .

Research Papers

{ in no particular order }

[Sylve2011] – Joe Sylve
Phishing Web-Based Email Services with HTML 5
Department of Computer Science, University of New Orleans, 11 May 2011
http://dl.dropbox.com/u/17627038/papers/html5phishing.pdf

[Carrier2003] – Brian Carrier
Defining Digital Forensic Examination and Analysis Tools Using Abstraction Layers
International Journal of Digital Evidence, Volume 1, Issue 4, 2003
http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.14.9813&rep=rep1&type=pdf

[Reith2002] – Mark Reith, Clint Carr, Gregg Gunsch
An Examination of Digital Forensic Models
International Journal of Digital Evidence, Volume 1, Issue 3, 2002
http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.13.9683&rep=rep1&type=pdf

[Buskirk2006] – Eric Van Buskirk, Vincent T. Liu.
Digital Evidence: Challenging the Presumption of Reliability
Journal of Digital Forensic Practice, Volume 1, Issue 1, 2006
http://www.tandfonline.com/doi/abs/10.1080/15567280500541421

[Mislan2010] – Richard P. Mislan, Eoghan Casey, Gary C. Kessler.
The growing need for on-scene triage of mobile devices
Digital Investigation, Volume 6, p.112-124, 2010
http://disclosedigital.com/DiscloseDigital/Publications_files/Mislan-Casey-Kessler-MobileDeviceTriage.pdf

[Wei2011] – Michael Wei, Laura M. Grupp, Frederick E. Spada, Steven Swanson.
Reliably Erasing Data From Flash-Based Solid State Drives
USENIX FAST 2011, 15-17 February 2011
http://www.usenix.org/events/fast11/tech/full_papers/Wei.pdf – last access 16 March 2011

[Bell2010] – Graeme B. Bell, Richard Boddington
Solid State Drives: The Beginning of the End for Current Practice in Digital Forensic Recovery?
Journal of Digital Forensics, Security and Law, Volume 5, Number 3, 2010
http://www.jdfsl.org/subscriptions/JDFSL-V5N3-Bell.pdf

[Breeusma2007] – Marcel Breeuwsma, Martien de Jongh, Coert Klaver, Ronald van der Knijff, Mark Roeloffs.
Forensic Data Recovery from Flash Memory
Small Scale Digital Device Forensics Journal, Volume 1, No. 1, June 2007
http://www.ssddfj.org/papers/SSDDFJ_V1_1_Breeuwsma_et_al.pdf

[Bang2011] – Jewan Bang, Byeongyeong Yoo, Sangjin Lee.
Analysis of Changes in File Time Attributes with File Manipulation
Digital Investigation, Volume 7, Issues 3-4, p.103-196, April 2011
http://linkinghub.elsevier.com/retrieve/pii/S1742287610000824

[Berghel2007] – Berghel, H.
Hiding Data, Forensics and Anti-Forensics
Communications of the ACM, Vol.50, No.4, April 2007
http://www.berghel.net/col-edit/digital_village/apr-07/dv_4-07.pdf

[Bilby2006] – Bilby, D.
Low Down and Dirty: Anti-Forensics Rootkits
Black Hat Japan, 2006
http://www.blackhat.com/presentations/bh-jp-06/BH-JP-06-Bilby-up.pdf

[Burdach2006] Burdach., M.
Physical Memory Forensics
Black Hat USA, 2006
http://www.blackhat.com/presentations/bh-usa-06/BH-US-06-Burdach.pdf

[Carrier2010] – Brian D. Carrier.
Different Interpretations of ISO9660 File Systems
Digital Investigation, Volume 7, Supplement 1, P.S1-S140, August 2010
http://www.dfrws.org/2010/proceedings/2010-315.pdf
http://www.dfrws.org/2010/proceedings/carrier.pdf

[Carvey2004] – Carvey, H.
Hiding Data in a Live System
Black Hat USA, 2004
http://www.blackhat.com/presentations/win-usa-04/bh-win-04-carvey.ppt

[Case2011] – Andrew Case
De-Anonymizing Live CDs through Physical Memory Analysis
Black Hat DC, 2011
https://media.blackhat.com/bh-dc-11/Case/BlackHat_DC_2011_Case_De-Anonymizing_Live_CDs-wp.pdf

[Dardick2007] – Dardick, G., et al
BLOGS: Anit-Forensics and Counter Anti-Forensics
Proceedings of The 5th Australian Digital Forensics Conference, p.203-207, 3 December 2007
http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.87.7400&rep=rep1&type=pdf#page=203

[Denning1999] – Denning, D., Baugh., W.
Hiding Crimes in Cyberspace
Information, Communication and Society, Vol.2, No 3, Autumn 1999

[Garfinkel2007] – Garfinkel, S.
Anti-Forensics: Techniques, Detection and Countermeasures
2nd International Conference on Information Warfare and Security, 8-9 March 2007
http://cisr.nps.edu/downloads/iciw07-cd2.pdf#page=91

[Geiger2005] – Geiger, M.
Evaluating Commercial Counter – Forensic Tools
Digital Forensic Research Workshop (DFRWS), 2005
http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.59.8438&rep=rep1&type=pdf

[Grugq2005] – The Grugq
Modern Anti Forensics – A Systems Disruption Approach
SyscanHK, May 2005
http://sebug.net/paper/Meeting-Documents/syscanhk/Modern%20Anti%20Forensics.pdf

[Grugq2005a] – The Grugq
The Art of Defiling: Defeating Forensic Analysis
Black Hat USA, Las Vegas, 23-28 July 2005
http://www.blackhat.com/presentations/bh-usa-05/bh-us-05-grugq.pdf
http://video.google.com/videoplay?docid=-6254387503498081575#

[Grugq2007] -The Grugq
Meta Anti-Forensics – The HASH Hacking Harness
Hack in the Box (HITB) 2007, 3-6 September 2007
http://conference.hitb.org/hitbsecconf2007kl/materials/D1T1%20-%20The%20Grugq%20-%20Meta%20Antiforensics%20-%20The%20HASH%20Hacking%20Harness.pdf

[Gupta2006] – Gupta, M., et all
Hidden Disk Areas: HPA and DCO
International Journal of Digital Evidence, Volume 5, Issue 1, 2006.
http://www.utica.edu/academic/institutes/ecii/publications/articles/EFE36584-D13F-2962-67BEB146864A2671.pdf

[Harris2006] – Harris, R.
Arriving at an Anti-Forensics Consensus: Examining How to Define and Control the Anti-Forensics Problem
2006 Proceedings of the DFRWS, 14 August 2006.
Digital Investigation, Volume 3, Supplement 1, p.44-49, September 2006

[Jansen2009] – Jansen, W., Delaitre, A.
Mobile Forensic Reference Materials: A Methodology and Reification
Computer Security Division, NIST October 2009
http://csrc.nist.gov/publications/nistir/ir7617/nistir-7617.pdf

[Kent2006] – Kent, K., et al
Guide to Integrating Forensic Techniques into Incident Response
NIST Special Publication 800-86, August 2006
http://csrc.nist.gov/publications/nistpubs/800-86/SP800-86.pdf

[Kessler2007] – Kessler, G.
Anti-Forensics and the Digital Investigator
Proceedings of The 5th Australian Digital Forensics Conference, p5-11, 2007
http://www.garykessler.net/library/2007_ADFC_anti-forensics.pdf

[Liu2006] – Liu, V., Brown, F.
Bleeding Edge Anti-Forensics
InfoSecWorld 2006, May 2006
http://www.metasploit.com/data/antiforensics/InfoSecWorld%202006-K2-Bleeding_Edge_AntiForensics.ppt

[NIST2006] – Kissel, R., et al
Guidelines for Media Sanitization
NIST Special Publication 800-88, September 2006
http://csrc.nist.gov/publications/nistpubs/800-88/NISTSP800-88_rev1.pdf

[Palmer2007] – Palmer, C., Stamos, A.
Vulnerabilities in Critical Evidence Collection
Black Hat USA, Las Vegas, 28 July – 2 August 2007
http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Slides.BH2007.pdf

[Peron2005] – Peron, C., Legary, M.
Digital Anti-Forensics: Emerging Trends in data transformation
In Proceedings of 2005 E‑Crime and Computer Evidence Conference, 1 September 2005
http://www.ide.bth.se/~andersc/kurser/DVC013/PDFs/Seccuris-Antiforensics.pdf

[Rogers2005] – Rogers, M.
Anti-Forensics
Lockheed Martin, 15 September 2005
http://www.cyberforensics.purdue.edu/documents/AntiForensics_LockheedMartin09152005.pdf

Leave a comment