Skip to Main content Skip to Navigation
Conference papers

Advanced Automated Disk Investigation Toolkit

Abstract : Open source software tools designed for disk analysis play a critical role in digital forensic investigations. The tools typically are onerous to use and rely on expertise in investigative techniques and disk structures. Previous research presented the design and initial development of a toolkit that can be used as an automated assistant in forensic investigations. This chapter builds on the previous work and presents an advanced automated disk investigation toolkit (AUDIT) that leverages a dynamic knowledge base and database. AUDIT has new reporting and inference functionality. It facilitates the investigative process by handling core information technology expertise, including the choice and operational sequence of tools and their configurations. The ability of AUDIT to serve as an intelligent digital assistant is evaluated using a series of tests that compare it against standard benchmark disk images and examine the support it provides to human investigators.
Document type :
Conference papers
Complete list of metadata

Cited literature [13 references]  Display  Hide  Download

https://hal.inria.fr/hal-01758683
Contributor : Hal Ifip <>
Submitted on : Wednesday, April 4, 2018 - 4:48:05 PM
Last modification on : Friday, May 21, 2021 - 6:38:02 PM

File

431606_1_En_20_Chapter.pdf
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Umit Karabiyik, Sudhir Aggarwal. Advanced Automated Disk Investigation Toolkit. 12th IFIP International Conference on Digital Forensics (DF), Jan 2016, New Delhi, India. pp.379-396, ⟨10.1007/978-3-319-46279-0_20⟩. ⟨hal-01758683⟩

Share

Metrics

Record views

115

Files downloads

361