Thursday, June 25, 2009

Today's Forensics Tools

Today’s computer forensic research is largely divided according to the kind of data being analyzed, rather than the kind of analysis being performed. There is disk forensics, network forensics, RAM forensics, cell phone and small device forensics, document forensics and software forensics. "Research in all of these areas is limited by the inability of experimenters to obtain large datasets that are realistic, varied, and representative of the data from the field. Becausethey lack data, researchers can’t pursue many of the problems faced by today’s forensic practitioners" (Garfinkel).

Today much of the work in the field of computer forensics is focused on visualizing tools, data extraction techniques, and algorithm development. But this work is generally performed on small data sets provided by the experiment. "Few algorithms are validated on a wide range of data, and few tools developed by researchers work reliably in the field when they are exposed to data that is not conformant with the test sets" (Garfinkel). Even more troubling, researchers are missing algorithms and techniques that require massive amounts of information for proper operation.

Work Cited: Garfinkel, Simon L. "Forensic Corpora:A Challenge for Forensic Research". 10 April 2007. http://simson.net/ref/2007/Forensic_Corpora.pdf

1 comment:

  1. Reading this particular post, made it easier for me to understand, what it is that they use to get all this information about one person, or persons. Technology has made all these tools for a reason, to help find missing children, criminals, victims and many more. i can't imagine how many criminals would be roaming the streets, although there still are, but with Forensic Science it has lowered the number and it's helping many other people. As I've stated before, this is probably one of the most informative blogs I've visited and it continues to be.

    ReplyDelete