-
Suspects' Data Hiding at Remaining Registry Values of Uninstalled Programs
This article explains how the Windows registry can be a vital place to look for information regarding the uninstallation of programs. The paper goes on to tell about when a program is uninstalled and it does not allow the registry files to be removed. This is very interesting to me and will go in the general forensics/new concepts and ideas section of my paper.
-
FORWEB: File Fingerprinting for Automated Network
This paper describes an idea that allows automated network connections to web servers in search of illegal pictures or data. This product/idea can be used to identify a possible repository within a network for files that are either illegal or not allowed to be there. This is a new idea that will be incorporated into my general forensics section of the paper.
-
Passive Network Forensics
This document explains what passive network forensics is. This type of forensics is different than what we are used to learning about in the classroom, which made it interesting to me. Examining behaviors instead of examining a crime that has already occurred is a new concept, and a very interesting one at that. I think that this is a great resource for my general forensics portion of the paper.
-
Software Issues in Digital Forensics
This paper examines operating systems and their weaknesses and/or strengths. The ideal forensic operating system is also discussed as well as the reason behind it. I will use this article for my general forensics portion of my paper.
-
The Impact of Full Disk Encryption on Digital Forensics
This document explains the current issue of full disk encryption and what it means for the forensic examiner. This is extremely relevant to my topic because now, with full disk encryption on a computer, an examiner must make a determination of whether or not to perform a live examination. This will tie in very well with my topic of live acquisitions at an incident response.
-
Criminal Computer Forensics Management
This research paper addresses the methodology and approaches to managing criminal computer forensic investigations. This article addresses the legal aspects of computer forensics as well as some best practices, data verification and integrity, rules of evidence, and archiving. This is a well-rounded research paper and will be used in the legal as well as practical parts of my paper.
-
Computer Forensics in Forensis
This article explains how different users apply/implement/use computer forensics in different ways. Based upon their ways, they sometimes make inappropriate assumptions. This very thorough article goes on to explain about computer forensics systems, methods, techniques, and practices. This is a great article for general forensics practices.
-
Message Hiding Using Steganography, and Forensic Approaches for Discovery
This brief article addresses a few different approaches to discovering steganography. This article could be used for general forensics discovery; however, I would like to find another article with more substance to replace this one.
-
Challenges in Forensic Computing
This paper explains what computer forensics examiners tend to run into for roadblocks. The article goes on to mention common specific problems as well as some ways to better prepare yourself as a forensic examiner. Specific certifications are also mentioned along with their related estimated cost.
-
Principles-Driven Forensic Analysis
This paper seems to be one of the best resources I have found thus far. It focuses on the principles of the forensic examination regardless of the media type. It explains how to interpret and examine digital evidence no matter if it is on a CD, flash drive, or laptop. This is an excellent resource for the general forensics portion of my paper.
-
Mining Spam Email to Identify Common Origins for Forensic Application
This paper researches data mining techniques with a focus on law enforcement forensic analysis. This paper will be used to show the law enforcement side of a forensics examination.
-
Cooperation Forensic Computing Research
This topic focuses on general forensic examinations and research. It specifically explains the details of network forensics in a large corporation as well as the features and benefits. Network forensics does have its drawbacks, which are fully explained in the article. I will use this article for general forensic information.
-
Computer Forensics Laboratory and Tools
This article explains the point of computer forensics. The requirements of a lab are also detailed throughout the text. The article goes on to explain how the need for forensics grows as computer crime does. I will use this article to explain some of the tools used; however, I will stay away from lab-specific issues as they are irrelevant to my paper.
-
Live Forensics: Diagnosing Your System Without Killing it First
This article starts by explaining how the traditional "snatch and grab" is executed. It then explains what information is available on the system before it is shut down. This article will be important to learning what information can be collected and what information this will allow the examiner to learn about the computer he/she is examining.
-
Acquiring Volatile Operating System Data Tools and Techniques
This article explains how pulling the plug on a computer and bringing it back to the lab was once the best practice. Now it is not considered the best thing to do. Volatile data may be vital in determining criminal activity. This paper goes on to emphasize the importance of volatile data. This paper will be used to explain some background information about volatile data and how to properly acquire it.
-
Risks of Live Digital Forensic Analysis
This journal article focuses on live analysis and various methods used to hide evidence from investigators. The article also explained countermeasures used for live analysis with their future direction and possible outcomes. This will be an article of importance for my paper.
-
Forensics Examination of Volatile System Data Using Virtual Introspection
This document explains how a static computer forensic examination is an important part of any digital investigation. It then goes on to state that there is valuable information stored in volatile memory that cannot be retrieved or analyzed using traditional static analysis techniques. This will be a main article for my thesis paper.
-
Incident Response : Investigating Computer Crime
This book explains how to "put on the gloves" all the way to the details of investigating routers and web attacks. The book also explains how to initially respond to UNIX systems as well as Windows machines. Network surveillance and trap and traces are also mentioned, although they may not be relevant to the scope of my paper.
-
Incident Response : Computer Forensics (2nd Edition)
This source explains where to look and what to look for on a live system. It also explains how to conduct an investigation of Windows and Unix systems as well as how to analyze network traffic.
-
Computer Evidence : Collection and Preservation
This book explains forensic software and hardware tools used to do analysis on digital devices. It explains the forensics process all the way from write blockers to tool testing and documentation.
