dfm covers
 
 

In This Issue


Issue 16 - Out now!

Here's a quick review of some of the main articles within Issue 16


Issue 16 of Digital Forensics Magazine brings new techniques and ideas to the industry. Subscribe today to ensure you get digital access, or if you want, subscribe to the print edition. Find out more at our subscriptions pages.

Here's just a few of the fantastic articles inside Issue 16...


VM Introspection: Creating New Frontiers For Live Forensics

In this article Rahul Kashyap looks at the unearthing and profiling sophisticated x64 bit kernel mode bootkits that continue to leverage holes on Windows 7 to bypass protection mechanisms like windows Patchguard to persist and infect machines. This article will describe some of the holes that these bootkits leverage with in-depth details and then will present some new emerging analysis technologies that leverage hypervisor enabled VM introspection.


Google Desktop Forensic Examinations

Digital forensic examiners may examine Google Desktop artifacts during an investigation. In the first part of her two part article Jenn Byrne looked at Google Desktop, how it works and how to do searches. In this second part of her article Jenn Byrne continues the analysis of Google Desktop.


Five Tips for Using Google Earth in Forensic Cases

A variety of commercial mobile forensic tools on the market are now exporting data and files in a Google Earth file format, this article by Michael Harrington aims to give analysts five ways they can use right away to make their data more meaningful and presentable to investigating officers and in court rooms. Readers will learn how to modify description bubbles, add a logo, organize a case, locate coordinates and add pictures.


Social Networking Steganography

Hidden messaging is an ancient art that has received a mega boost in the digital age. The mediums permit open communication and, consequently, the potential of hidden message propagation (steganography). All communication media can be used for criminal purposes and the undermining of legitimate activities. The rich opportunities in social networking sites present a vast scope for messaging in images, text, sound files and so on. Brian Cusack and Aimie Chee investigate whether or not steganography should be a routine forensics check.

iPhone Backup Files

An abundance of research and time is afforded to devices such as the iPhone, due to the vast quantity of data that they can now facilitate and their potential to be utilized as a viable source of evidence. However, the iPhone backup file, a partial replica of the physical device, has yet to receive the same level of consideration. The first of two articles by Kate Wright provides an insight into the iPhone Backup file based on research and theoretical evaluation. It highlights the importance of the backup file as an integral component of the forensic process, whilst laying the foundations for the second technical-based article.


A Fresh Look at Cryptography

Julian Ashbourn takes a look at cryptography in general and introduces the simple SilkPad application as a means to demonstrate some of the principles involved. The article questions whether the sophistication and architecture of current methodologies is necessarily a good thing and will look ahead to the future of cryptography.


Utilising Reputation Data

Every day hundreds of new malware samples are discovered and the antivirus (AV) detection rate for each varies. The problem facing AV vendors is an intractable one; there are simply too many ways that authors of malware can package their code to evade detection. In this article William Anderson takes a look at why AV products need to be augmented by other tools and techniques.

History of Malware

In past three decades almost everything has changed in the field of malware and malware analysis. From malware created as proof of some security concept and malware created for financial gain to malware created to sabotage infrastructure. In this article Nikola Milosevic focus on history and evolution of malware and describes the most important malware found to date.



Plus all the regular features, news, Robservations, our legal section and Apple Autopsy...


Login to read online or Subscribe today!



 
Please make cache directory writable.
 

Submit an Article

Call for Articles

We are keen to publish new articles from all aspects of digital forensics. Click to contact us with your completed article or article ideas.

Featured Book

Learning iOS Forensics

A practical hands-on guide to acquire and analyse iOS devices with the latest forensic techniques and tools.

Meet the Authors

George Bailey

George Bailey is an IT security professional with over 15 years of experience

 

Coming up in the Next issue of Digital Forensics Magazine

Coming up in Issue 34 on sale from February 2018:


Device Forensics in the Internet of Things

As more businesses and consumers adopt IoT devices, privacy violations and cyber-attacks by malicious actors will become commonplace due to the insecure IoT infrastructure. Read More »

Data Destruction In Current Hard Disks & Data Destruction Techniques

Data destruction is a process traditionally applied using physical techniques, aiming at the completely destruction of the hard disk, however, there is an increasing interest in the use of logical techniques for data destruction, that allow reusing the physical device. Read More »

Subscribe today


Faster Searching For Known Illegal Content

Cryptographic (“MD5”) hash searching for known illegal material is one of the most thorough methods of digital forensic investigation. However, the technique is hampered by the ever-increasing size of media being examined, and the size of the hash list being searched. Read More »

Every Issue
Plus the usual Competition, Book Reviews, 360, IRQ, Legal

Click here to read more about the next issue