This research lays a foundation for automated acquisition of volatile data by presenting a prototype device which carries out the deeds of a forensic investigator, essentially making it a “forensic investigator on a stick”. The Teensy 3.0 device is programmed to interact with an external USB device for storage purposes. All interaction with a live target system must be documented thoroughly according to forensic best practices. Therefore quantitative measurements of system contamination related to the device actions are presented. The device is conclusively able to perform a memory dump and provide a warning of the existence of Truecrypt encrypted containers.
| Identifer | oai:union.ndltd.org:UPSALLA1/oai:DiVA.org:hh-23264 |
| Date | January 2013 |
| Creators | Berggren, Tommy, Denham-Smith, Adam |
| Publisher | Högskolan i Halmstad, Sektionen för Informationsvetenskap, Data– och Elektroteknik (IDE), Högskolan i Halmstad, Sektionen för Informationsvetenskap, Data– och Elektroteknik (IDE) |
| Source Sets | DiVA Archive at Upsalla University |
| Language | English |
| Detected Language | English |
| Type | Student thesis, info:eu-repo/semantics/bachelorThesis, text |
| Format | application/pdf |
| Rights | info:eu-repo/semantics/openAccess |
Page generated in 0.0021 seconds