Digital Investigation, Volume 3

Volume 3, Number 1, March 2006

Eoghan Casey, Stroz Friedberg:
Moving forward in a changing landscape. 1-2
Guidance Software forced into self-analysis. 3-6
N. Dudley-Gough:
Digital Forensic Certification Board. 7-8
Amber Schroader, N. Dudley-Gough:
The Institute of Computer Forensic Professionals. 9-10
S. Wilson:
Case summaries. 11-12
Danny Bradbury:
At work with the digital detectives - When number crunchers and bean counters meet. 13-15
Eoghan Casey:
Applications of research. 16
Adam Laurie:
Digital detective - Bluetooth. 17-19
Eric D. Shaw:
The role of behavioral research and profiling in malicious cyber insider investigations. 20-31
Ing. M. F. Breeuwsma:
Forensic imaging of embedded systems using JTAG (boundary-scan). 32-42
Gaurav Gupta, Chandan Mazumdar, M. S. Rao, R. B. Bhosale:
Paradigm shift in document related frauds: Characteristics identification for development of a non-destructive automated system for printed documents. 43-55

Volume 3, Number 2, June 2006

Editorial

Eoghan Casey:
The value of behavioral analysis in digital investigations. 57-58
News. 59-62
Digital Investigation and the International Federation for Information Processing (IFIP). 63-64
David Bradbury:
Peer review. 65-67
Peter Sommer:
Criminalising hacking tools. 68-72
G. Fellows:
Newsgroups reborn - The binary posting renaissance. 73-78
Mike Dickson:
An examination into MSN Messenger 7.5 contact identification. 79-83
Eoghan Casey:
Applications of Research. 84
Dario V. Forte:
Advances in Onion Routing: Description and backtracing/investigation problems. 85-88
Bruce J. Nikkel:
Improving evidence acquisition from live network sources. 89-96
Marcus K. Rogers:
A two-dimensional circumplex approach to the development of a hacker taxonomy. 97-102

Book reviews

Peter Sommer:
File System Forensic Analysis, B. Carrier. Addison Wesley, ISBN 0-321-26817-2. 103
Henry B. Wolfe:
Book review. 103-104

Volume 3, Number 3, September 2006

Eoghan Casey:
This little laptop went to the black market. 107-108
Danny Bradbury:
Going, going, gone. 112-114
Tracey Stretton:
International electronic disclosure. 115-117
Andy Johnston, Jessica Reust:
Network intrusion investigation - Preparation and challenges. 118-126
Bruce J. Nikkel:
A portable network forensic evidence collector. 127-135
Eoghan Casey:
Applications of research. 136-137
Steve Mead:
Unique file identification in the National Software Reference Library. 138-150
Kris Harms:
Forensic analysis of System Restore points in Microsoft Windows XP. 151-158
Mike Dickson:
An examination into Yahoo Messenger 7.0 contact identification. 159-165
Vivienne Mee, Theodore Tryfonas, Iain Sutherland:
The Windows Registry as a forensic artefact: Illustrating evidence collection for Internet usage. 166-173
Paul Sanderson:
Identifying an existing file via KaZaA artefacts. 174-180

Volume 3, Supplement 1, 2006

The Proceedings of the 6th Annual Digital Forensic Research Workshop (DFRWS '06)

Frank Adelstein:
The proceedings of the Sixth Annual Digital Forensic Research Workshop (DFRWS '06). 1-2
James R. Lyle:
A strategy for testing hardware write block devices. 3-9
Andreas Schuster:
Searching for processes and threads in Microsoft Windows memory dumps. 10-16
Nitin Khanna, Aravind K. Mikkilineni, Anthony F. Martone, Gazi N. Ali, George T.-C. Chiu, Jan P. Allebach, Edward J. Delp:
A survey of forensic characterization methods for physical devices. 17-28
Ricci S. C. Ieong:
FORZA - Digital forensics investigation framework that incorporate legal issues. 29-36
Ashley Brinson, Abigail Robinson, Marcus Rogers:
A cyber forensics ontology: Creating a new approach to studying cyber forensics. 37-43
Ryan Harris:
Arriving at an anti-forensics consensus: Examining how to define and control the anti-forensics problem. 44-49
Wouter Alink, R. A. F. Bhoedjang, Peter A. Boncz, Arjen P. de Vries:
XIRAF - XML-based indexing and querying for digital forensics. 50-58
Philip Turner:
Selective and intelligent imaging using digital evidence bags. 59-64
Sangwon Lee, David A. Shamma, Bruce Gooch:
Detecting false captioning using common-sense reasoning. 65-70
Simson L. Garfinkel:
Forensic feature extraction and cross-drive analysis. 71-81
Vassil Roussev, Yixin Chen, Timothy Bourg, Golden G. Richard III:
md5bloom: Forensic filesystem hashing revisited. 82-90
Jesse D. Kornblum:
Identifying almost identical files using context triggered piecewise hashing. 91-97
Bradley Schatz, George M. Mohay, Andrew Clark:
A correlation method for establishing provenance of timestamps in digital evidence. 98-107
Sundararaman Jeyaraman, Mikhail J. Atallah:
An empirical study of automatic event reconstruction systems. 108-115
Marcus K. Rogers, Kate Seigfried, Kirti Tidke:
Self-reported computer criminal behavior: A psychological analysis. 116-120
Brian D. Carrier, Eugene H. Spafford:
Categories of digital investigation analysis techniques based on the computer history model. 121-130

Volume 3, Number 4, December 2006

Eoghan Casey:
Cutting corners: Trading justice for cost savings. 185-186
Paul Sanderson:
Mass image classification. 190-195
Nick L. Petroni Jr., Aaron Walters, Timothy Fraser, William A. Arbaugh:
FATKit: A framework for the extraction and analysis of digital forensic data from volatile system memory. 197-210
Ewa Huebner, Derek Bem, Cheong Kai Wee:
Data hiding in the NTFS file system. 211-226
Mike Dickson:
An examination into AOL Instant Messenger 5.5 contact identification. 227-237
Jessica Reust:
Case study: AOL instant messenger trace evidence. 238-243

Book Reviews

Peter Sommer:
Thomas Porter, editor, Practical VOIP Security, Syngress Publishing Inc., ISBN 1597490601. 244
Peter Sommer:
Edward Wilding, Information Risk and Security, Gower Publishing, ISBN 0-566-08685-9. 244-245
Nena Lim:
J. Anastasi, The new forensics: investigating corporate fraud and the theft of intellectual property, John Wiley & Sons, New Jersey (2003). 245-246