Digital Forensics

Windows 7 Registry Forensics: Part 3

A typical Windows 7 Registry consists of at least five Hives, each of which performs a different function.

Windows 7 Registry Forensics: Part 2

Many forensic examiners are not familiar with the Registry or its forensic importance. One way to gain first-hand knowledge is to explore the Registry on a live, non-forensic computer.

CSI Cell Phone

Mobile device forensics forecast: continued oscillation, chance of cloud computing.

The Digital Forensics Cyber Exchange Principle

Its application to cyber crime brings a new and exciting dimension to the famous Locard Exchange Principle.

Windows 7 Registry Forensics: Part 1

While the Windows Registry is forensically important, frequently it is not captured during the triage of a live system. Similarly, it is often overlooked during post-mortem examinations.

Book Review: The Software IP Detective’s Handbook

The primary focus of this book is software Intellectual Property, its authorship and ownership, and the not so commonly known field of Software Forensics.

SIM Forensics: Part 3

Analyzing a SIM card can provide the geographical location(s) where the SIM card, the phone, and the owner of the phone (suspect) may have been.

SIM Forensics: Part 2

Although a thorough discussion of all the potential evidence that could be on a SIM card is beyond the scope of this column, some of that information will be discussed in this and a future column.

SIM Forensics: Part 1

SIMs are found in GSM, iDEN, and Blackberry handsets. Under the GSM framework, a cell phone is termed a Mobile Station, consisting of a SIM card and a handset. From an investigative perspective, one useful feature of a SIM card is that it can be moved from one GSM-compatible phone to another.

Enhancing Investigations with GPS Evidence

The value of collecting evidence from GPS devices has been well established over the last several years. Most investigators think in terms of being able to obtain GPS evidence in the form of the “breadcrumb trail” known as trackpoints, but much more data is available from these devices.

Understanding The World of Cellular Telephones: Part 3

Cell phones can and do store data or information that the user may not be aware of. It should come as no surprise that this can provide a tremendous amount of potential probative information (evidence) to investigators.

Understanding the World of Cellular Telephones: Part 2

Familiarity with the five main cell phone operating systems can aid your investigation.

Digital Forensics: Architectural and Engineering Facility Design Requirements

A fully equipped digital forensics laboratory contains numerous specialty spaces, each with its own unique and specific architectural/engineering design issues that must be addressed.

Solving Cases with Technology: Voice Stress Analysis

The purpose of this article is to educate you about Voice Stress Analysis, a forensic tool that can be used to determine whether someone is telling the truth or being deceptive.

Understanding the World of Cellular Telephones: Part 1

Telephone technology has evolved by leaps and bounds. It is important to understand some of the key terminology used when discussing cellular phones and other mobile devices.

Parameters For Selecting A Triage Tool

Triage tools vary greatly in their technical and operational performance capabilities.

Speeding The Digital Forensics Process: Bringing High Performance Computing Power into the Field

A new generation of server-based solutions allows investigators to bring massive, data center computing capability into the field.

Triage A Computer

Triaging a computer allows investigators to gather volatile data that would be lost by pulling the plug on a live system.

Before You Pull the Plug

Collecting a computer into evidence requires careful consideration.

The Digital Forensic Sub-Disciplines: Part 2

The confusion concerning the Digital and Multimedia Evidence Sub-Disciplines suggests the Discipline should be revised.

From The Editor: SWGDE Weighs in on Research Council Reports

Recently, the Scientific Working Group on Digital Evidence (SWGDE) posted a position paper on the National Research Council report that states the “report is a call to action for SWGDE to strengthen the digital evidence discipline.”

To Catch A Child Predator

New techniques are emerging to help forensic analysts build cases against Internet child pornographers.

The Digital Forensic Sub-Disciplines: Part 1

Can we clearly differentiate whether an examination falls under Computer Forensics, Forensic Audio, Image Analysis, or Video Analysis?

Q&A with Larry Depew

Insight on designing a functional and efficient digital forensics laboratory.

Cloud Computing: Another Digital Forensic Challenge

Cloud computing raises some unique law enforcement concerns regarding the location of potential digital evidence, its preservation, and its subsequent forensic analysis.