Hans Höfken

Learn More
Windows Phone 7 is a new smartphone operating system with the potential to become one of the major smartphone platforms in the near future. Phones based on Windows Phone 7 are only available since a few months, so digital forensics of the new system is still in its infancy. This paper is a first look at Windows Phone 7 from a forensics' perspective. It(More)
A secure and reliable critical infrastructure is a concern of industry and governments. SCADA systems (Supervisory Control and Data Acquisition) are a subgroup of ICS (Industrial Control Systems) and known to be well interconnected with other networks. It is not uncommon to use public networks as transport route but a rising number of incidents of(More)
Cold boot attacks provide a means to obtain a dump of a computer's volatile memory even if the machine is locked. Such a dump can be used to reconstruct hard disk encryption keys and get access to the content of Bit locker or True crypt encrypted drives. This is even possible, if the obtained dump contains errors. Cold boot attacks have been demonstrated(More)
The analysis of mobile devices is a fast moving area in digital forensics. Investigators frequently are challenged by devices which are not supported by existing mobile forensic tools. Low level techniques like de-soldering the flash memory chip and extracting its data provide an investigator with the exhibits internal memory, however, the interpretation of(More)
The Volatility Framework is a collection of tools for the analysis of computer RAM. The framework offers a multitude of analysis options and is used by many investigators worldwide. Volatility currently comes with a command line interface only, which might be a hinderer for some investigators to use the tool. In this paper we present a GUI and extensions(More)
  • 1