Digital Sherlock

In this team project, my team and I were tasked with writing a paper that would be combined with those of other groups from my class to create a book, published as a free open-source educational resource report submitted in fulfillment of the requirements for ISA-340 Introduction to Digital Forensics at University of Hawai’i - West O’ahu. The title of the published book is “Topics in Digital Forensic Science - University of Hawaii West Oahu - Vol I No I Fall 2020” (sharing restricted to UH account access only). Specifically, our paper can be found incorporated with the rest of our classmates' submissions on pages 22-34.

In this paper I was able to construct the template with the requirements for the program's writing-intensive guidelines. I created the abstract, conclusion/summary, and citations. We each had specific portions of the paper to contribute, with information regarding the “Capabilities and Limitations of Open Source Digital Forensics Applications”, as is the title. The topics I covered detailed digital forensic applications/software such as Forensically, Encrypted Disk Detector (EDD), and the SANS Investigative Forensic Toolkit (SIFT) Workstation.

Forensically is an open-source web application tool that performs digital forensic analysis. The free software includes features such as clone detection, Error Level Analysis (ELA), and metadata extraction. Digital forensic investigators survey data and view the contents of the metadata.

EDD is another digital forensic tool, used to analyze secure drives on a workstation connected to an event of malicious or otherwise negative intent. Sometimes digital forensics requires deeper analysis of the protected drives and partitions involved in an investigation. This kind of initial look at the data can further justify the decision to fully assess the data from associated devices in their entirety, to ensure proper cloning/replication of information that is deemed suspect or generally in question.

Responding accurately to an attack episode, including identifying suspicious activity at any level, is easy to follow when using a professional, suite-like digital forensic application such as SIFT. Detecting interruptions of service or productivity in the business is essential to reaching an in-depth analytical conclusion.

Overall, the most exciting lesson learned from writing this contribution was actually the fact that it was published. What a great honor and experience. Future students will continue to study from our book and also publish other books through that ISA 340 course's professor, Dr. Burrell.