Digital Forensics Framework (DFF) was open-source computer forensics software. It is used by professionals and non-experts to collect, preserve and reveal digital evidence without compromising systems and data.
User interfaces
Digital Forensics Framework offers a graphical user interface (GUI) developed in PyQt and a classical tree view. Features such as recursive view, tagging, live search and bookmarking are available. Its command line interface allows the user to remotely perform digital investigation. It comes with common shell functions such as completion, task management, globbing and keyboard shortcuts. DFF can run batch scripts at startup to automate repetitive tasks. Advanced users and developers can use DFF directly from a Python interpreter to script their investigation.
Distribution methods
In addition to the source code package and binary installers for Linux and Windows, Digital Forensics Framework is available in operating system distributions as is typical in free and open-source software (FOSS), including Debian, Fedora and Ubuntu.
Other distribution methods available for Digital Forensics Framework are digital forensics oriented distributions and live CDs:
* DEFT Linux Live CD
* Kali Linux
Publications
* "Scriptez vos analyses forensiques avec Python et DFF" in the French magazine MISC
* Several presentations about DFF in conferences: "Digital Forensics Framework" at ESGI Security Day; "An introduction to digital forensics" at RMLL 2013
Published books that mention Digital Forensics Framework are:
* Digital Forensics with Open Source Tools (Syngress, 2011)
* Computer Forensik Hacks (O'Reilly, 2012)
* Malwares - Identification, analyse et éradication (Epsilon, 2013)
* Digital Forensics for Handheld Devices (CRC Press Inc, 2012)
In literature
* Saving Rain: The First Novel in The Rain Trilogy
White papers
* Selective Imaging Revisited
* A survey of main memory acquisition and analysis techniques for the windows operating system
* Uforia : Universal forensic indexer and analyzer
* Visualizing Indicators of Rootkit Infections in Memory Forensics
* EM-DMKM Case Study Computer and Network Forensics
* OV-chipcard DFF Extension
* L'investigation numérique « libre »
* Malware analysis method based on reverse technology
Prize
DFF was used to solve the 2010 Digital Forensic Research Workshop (DFRWS) challenge, which consisted of reconstructing a physical dump of a NAND flash memory.