As more criminals use encryption to conceal incriminating evidence, forensic examiners require practical methods for recovering some or all of the encrypted data. This paper prese...
This paper discusses some of the unique military requirements and challenges in Cyber Forensics. A definition of Cyber Forensics is presented in a military context. Capabilities n...
The widely acknowledged problem of reliably identifying the origin of network data has been the subject of many research works. Due to the nature of Internet Protocol, a source IP...
In this paper we discuss the potential role of virtual environments in the analysis phase of computer forensics investigations. General concepts of virtual environments and softwa...
Inconsistencies in various data structures, such as missing log records and modified operating system files, have long been used by intrusion investigators and forensic analysts a...