Learn More
In this paper we discuss the potential role of virtual environments in the analysis phase of computer forensics investigations. General concepts of virtual environments and software tools are presented and discussed. Further we identify the limitations of virtual environments leading to the conclusion that this method can not be considered to be a(More)
In this paper we examine the methods of hiding data in the NTFS file system. Further we discuss the analysis techniques which can be applied to detect and recover data hidden using each of these methods. We focus on sophisticated data hiding where the goal is to prevent detection by forensic analysis. Obvious data hiding techniques, for example setting the(More)
In this paper we present the results of experiments we conducted on Suse Linux and Windows XP systems to determine the age of user process data in physical memory. To be able to measure the age of pages we used an artificial load program which time-stamps data segment and block device cache pages. Our goal was to compare the behaviour of both systems and to(More)
In this paper we examine the emergence and evolution of computer crime and computer forensics, as well as the crisis computer forensics is now facing. We propose new directions and approaches which better reflect the current objectives of this discipline. We further discuss important challenges that this discipline will be facing in the near future, and we(More)
Web browsers have evolved from a single-prin-<lb>cipal platform on which one site is browsed at a time into a multi-principal platform on which data and code from mu-<lb>tually distrusting sites interact programmatically in a single page at the browser. Today’s “Web 2.0” applications (or<lb>mashups) offer rich services, rivaling those of desktop(More)