Blar i Fakultet for informasjonsteknologi og elektroteknikk (IE) på tidsskrift "Digital Investigation. The International Journal of Digital Forensics and Incident Response"
Viser treff 1-8 av 8
-
Analyzing the DarkNetMarkets subreddit for evolutions of tools and trends using LDA topic modeling
(Journal article; Peer reviewed, 2018)Darknet markets, which can be considered as online black markets, in general sell illegal items such as drugs, firearms, and malware. In July 2017, significant law enforcement operations compromised or completely took down ... -
Forensics Acquisition — Analysis and Circumvention of Samsung Secure Boot enforced Common Criteria Mode
(Journal article; Peer reviewed, 2018)The acquisition of data from mobile phones have been a mainstay of criminal digital forensics for a number of years now. However, this forensic acquisition is getting more and more difficult with the increasing security ... -
Generic Metadata Time Carving
(Peer reviewed; Journal article, 2020)Recovery of files can be a challenging task in file system investigations, and most carving techniques are based on file signatures or semantics within the file. However, these carving techniques often only recover the ... -
Multinomial malware classification via low-level features
(Journal article; Peer reviewed, 2018)Because malicious software or (”malware”) is so frequently used in a cyber crimes, malware detection and relevant research became a serious issue in the information security landscape. However, in order to have an appropriate ... -
Reverse engineering of ReFS
(Journal article; Peer reviewed, 2019)File system forensics is an important part of Digital Forensics. Investigators of storage media have traditionally focused on the most commonly used file systems such as NTFS, FAT, ExFAT, Ext2-4, HFS+, APFS, etc. NTFS is ... -
The reliability of clocks as digital evidence under low voltage conditions
(Journal article; Peer reviewed, 2018)Battery powered electronic devices like mobile phones are abundant in the world today, and such devices are often subject to digital forensic examinations. In this paper, we show that the assumptions that clocks are close ... -
Using NTFS cluster allocation behavior to find the location of user data
(Journal article; Peer reviewed, 2019)Digital forensics is heavily affected by the large and increasing amount of data to be processed. To solve the problem there is ongoing research to find more efficient carving algorithms, use parallel processing in the ... -
Using the object ID index as an investigative approach for NTFS file systems
(Journal article; Peer reviewed, 2019)When investigating an incident it is important to document user activity, and to document which storage device was connected to which computer. We present a new approach to documenting user activity in computer systems ...