The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)

James R. Lyle - National Institute of Standards and Technology

Students: Spring 2024, unless noted otherwise, sessions will be virtual on Zoom.

Testing Computer Forensic Tools

Feb 25, 2004

Abstract

There is a critical need in the law enforcement community to ensure the reliability of computer forensic tools. A capability is required to ensure that forensic software tools consistently produce accurate and objective test results. The goal of the Computer Forensic Tool Testing (CFTT) project at the National Institute of Standards and Technology (NIST) is to establish a methodology for testing computer forensic software tools. A methodology consisting of tool requirements specifications, test procedures, test criteria, test sets, and test hardware has been developed.



There are significant challenges for testing forensics tools. First, there are no standards or specifications for the expected behavior of forensic tools. Second, very arcane and often undocumented knowledge is required to understand the critical testing issues. Third, the behavior of the tools when executed in the presence of hardware errors is critical.



Several lessons learned during the testing of widely used tools are discussed. For example, the behavior of an imaging tool used on an unreliable (i.e., has bad sectors) disk is of interest. However, an unreliable disk is just that, unreliable. For testing, a reliable bad disk is needed. This was accomplished by using software to simulate a disk with bad sectors on a normally functioning hard disk.

About the Speaker

Dr. Lyle wrote his first FORTRAN program in 1968 and has been programming ever since. He received a B.S. in Mathematics (1972) and an M.S. in Mathematics (1975) from East Tennessee State University; from the University of Maryland at College Park, Dr. Lyle received an M.S. (1982) and PhD (1984) in Computer Science.



Before joining NIST full time in 1993, Dr. Lyle was a Faculty Associate at NIST and an Assistant Professor at the University of Maryland Baltimore County.



Dr. Lyle\'s interests include Software Engineering, Computer Science Education, Computer Graphics, Human Factors, and Computer Forensics. His interests within Software Engineering include: programming support tools, software testing, user interface design, and requirements specification.


Ways to Watch

YouTube

Watch Now!

Over 500 videos of our weekly seminar and symposia keynotes are available on our YouTube Channel. Also check out Spaf's YouTube Channel. Subscribe today!