Article ID | Journal | Published Year | Pages | File Type |
---|---|---|---|---|
457975 | Digital Investigation | 2009 | 9 Pages |
Abstract
The architecture of existing – first generation – computer forensic tools, including the widely used EnCase and FTK products, is rapidly becoming outdated. Tools are not keeping pace with increased complexity and data volumes of modern investigations. This paper discuses the limitations of first generation computer forensic tools. Several metrics for measuring the efficacy and performance of computer forensic tools are introduced. A set of requirements for second generation tools are proposed. A high-level design for a (work in progress) second generation computer forensic analysis system is presented.
Related Topics
Physical Sciences and Engineering
Computer Science
Computer Networks and Communications
Authors
Daniel Ayers,