A Review of Forensic Computer Science
Page Content
 |
David Baker - MITRE
Mar 20, 2002
RealVideo
Abstract
This was a review to identify the various work programs using forensic computer science and related tasks being supported by the MITRE Corporation, examine the minimum standards for such work, and identify areas for future research and development. Defining minimum standards was complicated as a result of different agencies having different requirements both in investigative purview and legal sufficiency. It was still important to identify the most common tasks, what tools or techniques were utilized, and attempt to determine the best practices for such analysis. Additionally, it was important to identify areas where there were inadequate guidelines, standards or tools, so that future research efforts can work towards their development. For the purposes of this project, forensic computer science examinations were divided into three categories: media analysis; code analysis; and network traffic analysis. Many other types of analysis could be identified, however many of the other types could be considered combinations of these three primary types.
The result of the investigation resulted in the identification of minimum standards for conducting each type of analysis, as well as identifying shortfalls in tools and procedures for conducting such analysis. Additionally, a substantial collection of reference material including information on file types, some basic analysis checklists for conducting media analysis, and a listing/inventory of tools used for forensic analysis was compiled.
About the Speaker
David Baker is a Lead Information Security (INFOSEC) Engineer at MITRE. He joined the MITRE team in 1998 as a Senior INFOSEC Engineer. Before MITRE, he was a Special Agent for the U.S. Army Criminal Investigation Command. His current research interests include Forensic Computer Science Best Practices and Methodologies, Computer Vulnerability and Data Mining for Intrusion Detection. Mr. Baker holds a Master of Forensic Sciences from The George Washington University, and a Bachelor of Science from the University of the State of New York© 1999-2013 Purdue University. All rights reserved.
Use/Reuse Guidelines
CERIAS Seminar materials are intended for educational, non-commercial use only and any or all commercial use is prohibited. Any use must attribute "The CERIAS Seminar at Purdue University." Opinions expressed in the recordings are not necessarily representative of the views of CERIAS or of Purdue University.
Footer
RSS Feeds
Combined XML Feed
News XML Feed Events XML Feed Weblogs XML Feed Security Seminar Podcast
Twitter: @cerias, @ceriasarchive, #cerias
CERIAS, Purdue University / Recitation Building / 656 Oval Drive / West Lafayette IN 47907-2086
phone (765)494-7841 / fax (765)496-3181
Copyright © 2013, Purdue University, all rights reserved. Purdue University is an equal access/equal opportunity university.
If you have trouble accessing this page because of a disability, please contact the CERIAS webmaster at webmaster@cerias.purdue.edu. Some content on this site may require the use of a special plug-in or application. Please visit our plug-ins page for links to download these applications.
Privacy Policy
