| Article ID | Journal | Published Year | Pages | File Type |
|---|---|---|---|---|
| 6884367 | Digital Investigation | 2018 | 9 Pages |
Abstract
In this paper we add support for BTRFS-including support for multiple device configurations-to The Sleuth Kit, a widely used toolkit when it comes to open source file system forensics. Moreover, we provide an analysis of forensically important features of BTRFS and show how our implementation can be used to utilize these during a forensic analysis.
Keywords
Related Topics
Physical Sciences and Engineering
Computer Science
Computer Networks and Communications
Authors
Jan-Niclas Hilgert, Martin Lambertz, Shujian Yang,