From Digital Forensics 2 lecture 7

  • The project in Digital Forensics 2 is expected to be a 10-page state-of-the-art overview. Read many papers, understand them, and contribute by putting them in a system, arguing, giving supporting examples, and dragging in things from other contexts.
  • The project in Computational Forensics is some 4 pages, with a focus on coding something.

S2_CompFor_file_system_visualization_tool
size 438.8 KiB
sha256: 1553fc36a7...5517aac3d0


S2_CompFor_file_system_visualization_tool_source
size 12.4 MiB
sha256: 71bd764d66...c69d52a19b

When writing: Background writer, define the questions!, brainstorm, (who, what, when, where, why, how), add logic order, one place for each item, what is the problem, what is already known, benchmark solutions, write body when this is already known. For each paragraph, state topic, what is it about, facts, examples, personal experiences. Last write conclusion, restate thesis statement, restate topic, state opinion/preference, give solution, why it works, sum up all the paper. Where to go on, further work. Read it after a break. Peer review.

Lecture #2
Today we sat discussing our ideas even further. We were presented with a site, TAS3.eu, with information on a project to protect personal data intended for e-health and e-employment situations. The deadline for formal delivery of the topic is moved to 5th of May because of two other projects in other subjects. By then we need to decide on an abstract containing:

  • What it is all about
  • Why it's important
  • Challenges in the topic
  • Research questions you want to study
  • What needs to be done in order to solve/answer the questions

Lecture #1
Today, 9th April we got some details on the computational forensics project. We are going to write a report combining digital forensics with machine learning. The focus is "trial for master thesis" and for preparing the research planning next fall. It's individual work and the output should be code and experiments, not literature studies.

Important dates: In one week (16th) we shall be ready with our initial thinking of topics we want to study. In two weeks (23rd) we are going to present (3 slides, some minutes) what we think of doing. We can combine the project in this course with digital forensics, like the practical task in CompFor and a theoretical one in DF, but it's up to us. Final delivery will be the 25th of June (2 months and 2 weeks).

We talked a bit about different kinds of topics, and in the last half we went through the presentation we did in the first lecture in digital forensics (Testimon lab, research agenda, "big data" / usage of machine learning in forensics). It made a bit more sense now after having machine learning.

Topics (forensics and general and some relevant for compfor):

  • Internet investigation (related to social media, forums for intelligence gathering)
  • Detecting forgery in digital documents
  • Search huge amounts of data / evidence for categories of information (across file formats)
  • Malware analysis (like execution flows)
  • Translate law into technical terms / code
  • Pattern recognition in written text (number of authors, recognition of writing style)
  • Compare electronic documents with scanned documents
  • Encryption analysis (analysis of encrypted devices)
  • How to perform objective analysis on conflicting information (people make mistakes, decision making)
  • Anonymization of data for releasing it for academic purposes
  • Who created and what is the original file?

Additional reading:
Strengthening Forensic Science in the United States: A Path Forward (2009)
US Department of Defense Strategy for Operating in Cyberspace (2011)
Splunk