Market share of the Apple computers are continuously increasing day by day and Apple provides an OS X as a default operating system in their computers. The time has already arrived when digital forensic examiner needs sound and efficient digital forensic techniques for Mac OS X to collect evidences related cybercrime. The information source for artifacts may be application such …

The field Incident Response within the IT Security is the overall process of handling an incident which occurs within a computer network or system. It involves the detection, analysis, remediation, and containment of an attack. This capabilities are necessary in order to adequately respond to attacks against systems and be able to limit the associated risk involved in such a …

A malware is deployed ubiquitously to steal safety or liability-critical information and damage the compromised systems. In this paper, the authors present a portable, scalable and transparent system for dynamic analysis of malware targeting Windows OS. The portability feature is enabled by introducing a driver capable of collecting the behavioural activities of analysed samples in low kernel level and detection …

In the course of the last years, there has been an established forensic process in place known by every investigator and researcher. This traditional process is regarded to produce valid evidence when it comes to court trials and, more importantly, it specifies on a very precise level how to acquire a suspects machine and handle the data within. However, when …

In recent times, the Internet of Things (IoT) has rapidly emerged as one of the most influential information and communication technologies (ICT). The various constituents of the IoT together offer novel technological opportunities by facilitating the so-called “hyper-connected world.” The fundamental tasks that need to be performed to provide such a function involve the transceiving, storing, and analyzing of digital …

Mobile phones have been playing a very significant role in our daily activities for the last decade. With the increase need for these devices, people are now more reliant on their smartphone applications for their daily tasks and many prefer to save their mobile data on a cloud platform to access them anywhere on any device. Cloud technology is the …

The goal of cyber attack investigation is to fully reconstruct the details of an attack, so we can trace back to its origin, and recover the system from the damage caused by the attack. However, it is often difficult and requires tremendous manual efforts because attack events occurred days or even weeks before the investigation and detailed information we need …

File systems have always played a vital role in digital forensics and during the past 30-40 years many of these have been developed to suit different needs. Some file systems are more tightly connected to a specific Operating System (OS). For instance HFS and HFS+ have been the file systems of choice in Apple devices for over 30 years. Much …

Carrier’s book File System Forensic Analysis is one of the most comprehensive sources when it comes to the forensic analysis of file systems. Published in 2005, it provides details about the most commonly used file systems of that time as well as a process model to analyze file systems in general. The Sleuth Kit is the implementation of Carrier’s model …

IoT device forensics is a difficult problem given that manufactured IoT devices are not standardized, many store little to no historical data, and are always connected; making them extremely volatile. The goal of this paper was to address these challenges by presenting a primary account for a general framework and practical approach we term Forensic State Acquisition from Internet of …