Article ID Journal Published Year Pages File Type
457975 Digital Investigation 2009 9 Pages PDF
Abstract

The architecture of existing – first generation – computer forensic tools, including the widely used EnCase and FTK products, is rapidly becoming outdated. Tools are not keeping pace with increased complexity and data volumes of modern investigations. This paper discuses the limitations of first generation computer forensic tools. Several metrics for measuring the efficacy and performance of computer forensic tools are introduced. A set of requirements for second generation tools are proposed. A high-level design for a (work in progress) second generation computer forensic analysis system is presented.

Related Topics
Physical Sciences and Engineering Computer Science Computer Networks and Communications
Authors
,