2024-03-28T17:33:51Zhttps://keep.lib.asu.edu/oai/requestoai:keep.lib.asu.edu:node-1501482021-08-30T18:51:12Zoai_pmh:all150148
https://hdl.handle.net/2286/R.I.9444
http://rightsstatements.org/vocab/InC/1.0/
All Rights Reserved
2011
vii, 57 p. : ill. (some col.)
Masters Thesis
Academic theses
Text
eng
Mabey, Michael Kent
Ahn, Gail-Joon
Yau, Stephen S.
Huang, Dijiang
Arizona State University
Partial requirement for: M.S., Arizona State University, 2011
Includs bibliographical references (o. 53-57)
Field of study: Computer science
In order to catch the smartest criminals in the world, digital forensics examiners need a means of collaborating and sharing information with each other and outside experts that is not prohibitively difficult. However, standard operating procedures and the rules of evidence generally disallow the use of the collaboration software and techniques that are currently available because they do not fully adhere to the dictated procedures for the handling, analysis, and disclosure of items relating to cases. The aim of this work is to conceive and design a framework that provides a completely new architecture that 1) can perform fundamental functions that are common and necessary to forensic analyses, and 2) is structured such that it is possible to include collaboration-facilitating components without changing the way users interact with the system sans collaboration. This framework is called the Collaborative Forensic Framework (CUFF). CUFF is constructed from four main components: Cuff Link, Storage, Web Interface, and Analysis Block. With the Cuff Link acting as a mediator between components, CUFF is flexible in both the method of deployment and the technologies used in implementation. The details of a realization of CUFF are given, which uses a combination of Java, the Google Web Toolkit, Django with Apache for a RESTful web service, and an Ubuntu Enterprise Cloud using Eucalyptus. The functionality of CUFF's components is demonstrated by the integration of an acquisition script designed for Android OS-based mobile devices that use the YAFFS2 file system. While this work has obvious application to examination labs which work under the mandate of judicial or investigative bodies, security officers at any organization would benefit from the improved ability to cooperate in electronic discovery efforts and internal investigations.
Computer Science
Android forensics
collaborative forensics
digital forensics
forensic framework
YAFFS
Electronics in criminal investigation
Androids
Forensic sciences--Data processing.
Forensic sciences
Collaborative digital forensics: architecture, mechanisms, and case study