Digital Forensics Association

Forensics Articles

• Analysis of Microsoft's AutoComplete Function
  by Thomas Rude
• Analysis: The Forensics of Internet security
  by Carole Fennelly, 2001.
• The Application of Formal Methods to Root Cause Analysis 0f Digital Incidents
  by Peter Stephenson, 2004.
• Are Non Technical Juries Keeping Criminals at Large?
  by Carrie Moss.
• Best Practices: Collecting Computer Forensic Evidence
  by Matthew Schwartz, 2004.
• Bluepipe: A Scalable Architecture for On-the-Spot Digital Forensics
  by Yun Gao, Golden Richard III and Vassil Roussev, 2004.
• Computer Forensics Investigations: Body of Evidence
  by Daintry Duffy, 2004.
• Breaking Forensics Software: Weaknesses in Critical Evidence Collection
  by Tim Newsham, Chris Palmer, Alex Stamos & Jessie Burns, 2007.
• The Care and Feeding of Forensics Experts
  by Michael Overly, 2007.
• Case-Relevance Information Investigation: Binding Computer Intelligence to the Current Computer Forensic Framework
  by Gong Ruibin, Chan Kai Yun and Mathias Gaertner, 2005.
• Computer Forensic Analysis in a Virtual Environment
  by Derek Bem and Ewa Huebner, 2007.
• Computer Forensics Education
  by Alec Yasinac, Robert Erbacher, Donald Marks, Mark Pollitt and Peter Sommer, 2004.
• Computer Forensics for Lawyers Who Can't Set a Digital Clock
  by Craig Ball, 2007.
• Computer Forensics: The Need for Standardization and Certification
  by Matthew Meyers and Marc Rogers, 2003.
• Computer Forensics Resources: Where to Start
  by Matthew Schwartz, 2002.
• Computer Forensics: Still in the Stone Age
  by Matthew Schwartz, 2006.
• Computer Monitoring: Software vs. Hardware Keyloggers
  by Stephen Allen, 2006.
• The Coroner's Toolkit
  by Matt Frye, 2005.
• Corporate Investigations and the UK Data Protection Act
  by Rowenna Fielding, 2007.
• The Corporation: The Non-Policed State
  by Sarah Hilley, 2004.
• Cross Examination of the Computer Forensics Expert
  by Craig Ball, 2007.
• Cyber Forensics: A Military Operations Perspective
  by Joseph Giordano and Chester Maciag, 2002.
• The Debtor's Digital Reckonings
  by Jack Seward, 2003.
• Digital Evidence: The Moral Challenge
  by Tom Talleur, 2002.
• Digital Forensic Analysis of E-Mails: A Trusted E-Mail Protocol
  by Gaurav Gupta, Chandan Mazumdar and M. S. Rao, 2004.
• Digital Forensic Readiness, Are You In?
  by Sonny Discini, 2005.
• Dynamic Time & Date Stamp Analysis
  by Michael Weil, 2002.
• Enterprise Computer Forensics: A defensive and offensive strategy to fight computer crime
  by Fahmid Imtiaz, 2007.
• Error, Uncertainty, and Loss in Digital Evidence
  by Eoghan Casey, 2002.
• Evidentiary Implications of Potential Security Weaknesses in Forensic Software
  by Chris Ridder, 2007.
• Evidentiary Value of Link Files
  by Nathan Weilbacher, 2006.
• An Examination of Digital Forensic Models
  by Mark Reith, Clint Carr
• Examining the Encryption Threat
  by Jason Siegfried, Christine Siedsma, Bobbie-Jo Countryman and Chester Hosmer, 2004.
• Examining Wireless Access Points and Associated Devices
  by Sgt. Christopher Then, 2006.
• An Explanation of Computer Forensics
  by Judd Robbins.
• Exploiting the Rootkit Paradox with Windows Memory Analysis
  by Jesse Kornblum, 2006.
• An Extended Model of Cybercrime Investigations
  by Séamus Ó Ciardhuáin, 2004.
• Finding the Right Computer Forensics Expert
  by Craig Ball, 2007.
• Finite State Machine Analysis of a Blackmail Investigation
  by Pavel Gladyshev, 2005.
• The Foremost Open Source Forensic Tool
  by Ray Strubinger, 2003.
• Forensic Analysis in the Digital World
  by Gary Palmer, 2002.
• Forensic Analysis of the Windows Registry
  by Lih Wern Wong, 2006.
• Forensic Contingency Planning: Where to Start
  by Matthew Schwartz, 2005.
• Forensic Image Analysis of Familiar-based iPAQ
  by Cheong Kai Wee, 2006.
• Forensic Investigation Process Model for Windows Mobile Devices
  by Anup Ramabhadran, 2007.
• Forensic Relative Strength Scoring: ASCII and Entropy Scoring
  by Matthew Shannon, 2004.
• Forensics and the GSM Mobile Telephone System
  by Svein Yngvar Willassen, 2003.
• Forensics and SIM Cards: An Overview
  by Fabio Casadei, Antonio Savoldi and Paolo Gubian, 2006.
• Formalising Event Time Bounding in Digital Investigations
  http://www.utica.edu/academic/institutes/ecii/publications/articles/B4A90270-B5A9-6380-68863F61C2F7603D.pdf
• A Formalization of Digital Forensics
  by Ryan Leigland and Axel Krings, 2004.
• Four on Forensics: Four Articles on Computer Forensics for Lawyers
  by Craig Ball, 2007 (Also listed individually by title)
• Freeware Forensic Tools
  by Kristy Westphal, 2003.
• Gatekeeping Out Of The Box: Open Source Software As A Mechanism To Assess Reliability For Digital Evidence
  by Erin Kenneally, Virginia Journal of Law and Technology, 2001.
• Getting to the Drive: Gaining Access to your Opponent's Digital Media
  by Craig Ball, 2005.
• Google Desktop as a Source of Digital Evidence
  by Benjamin Turnbull, Barry Blundell and Jill Slay, 2006.
• Hidden Disk Areas: HPA and DCO
  by Mayank Gupta, Michael Hoeschele and Marcus Rogers, 2006.
• An Historical Perspective of Digital Evidence: A Forensic Scientist's View
  by Carrie Morgan Whitcomb, 2002.
• How Do I Become a Computer Forensic Specialist?
  by Craig Ball, 2006.
• How The New Federal Rules Will Likely Change eDiscovery Practice
  by John Patzakis, 2006.
• Identifying Authorship by Byte-Level N-Grams: The Source Code Author Profile (SCAP) Method
  by Georgia Frantzeskou, Efstathios Stamatatos, Stefanos Gritzalis, Carole Chaski and Blake Stephen Howald, 2006.
• Identifying Significant Features for Network Forensic Analysis Using Artificial Intelligent Techniques
  by Srinivas Mukkamala and Andrew Sung, 2003.
• In Readiness for an Internal Investigation
  by Lee Dewey and Peter Sprung, 2005.
• Intrusion Detection System Logs as Evidence and legal aspects
  by Fahmid Imtiaz, 2007.
• iPod Forensics
  by Christopher Marsico and Marcus Rogers, 2005.
• iPod Forensics: Forensically Sound Examination of an Apple iPod
  by Andrew Przibilla.
• iPod Forensics Update
  by Matthew Kiley, Tim Shinbara and Marcus Rogers, 2007.
• A Lessons Learned Repository for Computer Forensics
  by William Harrison, David Aucsmith, George Heuston, Sarah Mocas, Mark Morrissey and Steve Russelle, 2002.
• Letting EDD Evidence Speak for Itself
  by Bruce Olson, 2007.
• The Linux Kernel and the Forensic Acquisition of Hard Disks with an Odd Number of Sectors
  by Jesse Kornblum, 2004.
• Linux Memory Forensics
  by Michael Ford, 2004.
• Mac OS X Security Part 2: The Mac Forensic Toolkit
  by Ryan Faas, Peachpit, 2007.
• Meeting the Challenge: E-Mail in Civil Discovery
  by Craig Ball, 2007.
• A Method for Forensic Previews
  by Timothy Wright, 2005.
• Mobile Forensics: Network Analysis on the Go
  by Matthew Schwartz, 2003.
• Mobile Phone Forensics Tool Testing: A Database Driven Approach
  Ibrahim M. Baggili, Richard Mislan, & Marcus Rogers, 2007.
• Modeling of Post-Incident Root Cause Analysis
  by Peter Stephenson, 2003.
• Network Forensics: Tapping the Internet
  by Simson Garfinkel, 2002.
• New Accounting Reform Laws Push for Technology-Based Document Retention Practices
  by John Patzakis, 2003.
• NIST CFTT: Testing Disk Imaging Tools
  by James Lyle, 2002.
• Open Source in the Force: One Officer Speaks
  by Jon S. Nelson, 2005.
• A Palmtop for the Prosecution
  by Jennifer Lee, 2002.
• Picking Up the Slack: A Peek Behind the Curtain of Computer Forensics
  by Craig Ball, 2005.
• Preservation of Fragile Digital Evidence by First Responders
  by Jesse Kornblum, 2002.
• Process Forensics: A Pilot Study on the Use of Checkpointing Technology in Computer Forensics
  by Mark Foster and Joseph Wilson, 2004.
• Processing Flash Memory Media
  by Officer Fred Wiechmann, Portland Police Bureau.
• A proposal for an integrated memory acquisition mechanism
  E. Libster and J. Kornblum, 2008. (ACM, paid link.)
• Proving the Integrity of Digital Evidence with Time
  by Chet Hosmer, 2002.
• Recovering Deleted Files in Linux
  by Brian Buckeye & Kevin Liston, 2002.
• Reflections on a first computer forensic investigation
  by Brian Marofsky, 2006.
• Rigorous Development of Automated Inconsistency Checks for Digital Evidence Using the B Method
  by Pavel Gladyshev & Andreas Enbacka, 2007.
• Search and Seizure from a Digital Perspective: A reflection on Kerr’s Harvard Law
  by Ibrahim Baggili, 2006.
• Security Forensics Using DTrace
  by Boris Loza, 2005.
• Session Based Packet Marking and Auditing for Network Forensics
  by Omer Demir, Ping Ji and Jinwoo Kim, 2007.
• Shrinking the Ocean: Formalizing I/O Methods Modern Operating Systems
  by Matthew Berger and John Leeson, 2002.
• Speciation in the computing sciences: digital forensics as an emerging academic discipline
  by Peter Cooper, 2005 (paid link).
• Standardizing Digital Evidence Storage
  by Jesse Kornblum, 2006.
• Using every part of the buffalo in Windows memory analysis
  J. Kornblum, 2007.
• Toward Defining the Intersection of Forensics and Information Technology
  by Gregory Hall and Wilbon Davis, 2005.
• The Trojan Made Me Do It: A First Step in Statistical Based Computer Forensic Event Reconstruction
  by Megan Carney and Marc Rogers, 2004.
• The Two-edged Sword: Legal Computer Forensics and Open Source
  by Bruce Byfield, 2005.
• Understanding IM as Evidence
  by Ken Strutin, 2007.
• Unique File Identification in the National Software Reference Library
  by Steve Mead, 2006.
• Unleash the Cyberhounds!
  by Matthew Schwartz, 2002.
• US Court Says Just Viewing Child Porn is Not a Crime
  article from the Register--2007.
• Using Extended File Information (EXIF) File Headers in Digital Evidence Analysis
  by Paul Alvarez, 2004.
• VMWare as a Forensic Tool
  by Brett Shavers, 2006.
• WebJob - Virtual Evidence Locker and Administration Tool
  by Dave Mangot, 2004.
• What is Forensic Computing?
  by Rodney McKemmish, 1999.
• Whole Disk Encryption and Forensics
  by eMag, 2007.
• Who's at the Keyboard? Authorship Attribution in Digital Evidence Investigations
  by Carole Chaski, 2005.
• Windows Vista - Notes for Forensic Examiners (part one)
  by Jamie Morris, 2007.
• Windows Vista - Notes for Forensic Examiners (part two)
  by Jamie Morris, 2007.
• Wireless Forensics: Tapping the Air - Part One
  by Raul Siles, 2007.
• Wireless Forensics: Tapping the Air - Part Two
  by Raul Siles, 2007.
• Working with Victims of Computer Network Hacks
  by Richard P. Salgado, 2001.