Forgot your password?
Meetings
Enlightenment EVAS GUI canvas.
Document Actions
File Carving
Andy Bair will be presenting his "File Carving" talk. (This talk was previously presented at another GNHLUG chapter, and is scheduled to be done at least once more in 2007 at another GNHLUG chapter location.)
| What | Meeting |
|---|---|
| When |
2007-01-08 19:00
2007-01-08 21:00
2007-01-08 from 19:00 to 21:00 |
| Where | UNH Morse Hall conference room 301 |
| Contact Email | rea@sr.unh.edu |
| Add event to calendar |
vCal
iCal
|
Andy Bair, Klayton Monroe, and Jay Smith were announced as winners of the 2006 File Carving Challenge at the 6th Annual Digital Forensic Research Workshop (DFRWS). Challenge participants were asked to develop new tools and techniques to extract as many files as possible from a DFRWS-prepared data set while reducing the number of false positives. Data carving techniques are used during digital forensic investigations and existing file carving tools typically produce many false positives.
Andy will present the results of the challenge, following this draft outline.
Introduction to File Carving
2006 File Carving Challenge
- Methodology
- FTimes Overview
- FTimes XMagic
- Compute and Plot Statistics
- FTimes Enumeration of File Structures
Conclusion
You can download the presentation from the following link.
http://www.korelogic.com/Resources/Projects/dfrws_challenge_2006/DFRWS_2006_File_Carving_Challenge.pdf
You can read about the challenge at the following links.
You can download the challenge results, receive updates and additional information at the folowing link.
http://www.korelogic.com/Resources/Projects/dfrws_challenge_2006/
You can see our initial results at the following link, read the README.1st file then the README file.
http://www.dfrws.org/2006/challenge/submissions/bair/