Skip to Main content Skip to Navigation
Conference papers

Advanced Automated Disk Investigation Toolkit

Abstract : Open source software tools designed for disk analysis play a critical role in digital forensic investigations. The tools typically are onerous to use and rely on expertise in investigative techniques and disk structures. Previous research presented the design and initial development of a toolkit that can be used as an automated assistant in forensic investigations. This chapter builds on the previous work and presents an advanced automated disk investigation toolkit (AUDIT) that leverages a dynamic knowledge base and database. AUDIT has new reporting and inference functionality. It facilitates the investigative process by handling core information technology expertise, including the choice and operational sequence of tools and their configurations. The ability of AUDIT to serve as an intelligent digital assistant is evaluated using a series of tests that compare it against standard benchmark disk images and examine the support it provides to human investigators.
Document type :
Conference papers
Complete list of metadata

Cited literature [13 references]  Display  Hide  Download
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Wednesday, April 4, 2018 - 4:48:05 PM
Last modification on : Friday, May 21, 2021 - 6:38:02 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Umit Karabiyik, Sudhir Aggarwal. Advanced Automated Disk Investigation Toolkit. 12th IFIP International Conference on Digital Forensics (DF), Jan 2016, New Delhi, India. pp.379-396, ⟨10.1007/978-3-319-46279-0_20⟩. ⟨hal-01758683⟩



Record views


Files downloads