| Paper | Author |
| Techniques and Tools for Recovering and Analyzing Data from Volatile Memory | Amari, Kristine |
| Mobile Device Forensics | Martin, Andrew |
| A Forensic Primer for Usenet Evidence | Lachniet, Mark |
| Mac OS X Malware Analysis | Yonts, Joel |
| Data carving Concepts | Merola, Antonio |
| Ex-Tip: An Extensible Timeline Analysis Framework in Perl | Cloppert, Michael |
| Reverse Engineering the Microsoft exFAT File System | Shullich, Robert |
| Logic Models for Computer Forensics | Garrett, Jim |
| Google Desktop Search as an Analysis Tool | Poldervaart, Chris |
| Taking advantage of Ext3 journaling file system in a forensic investigation | Narvaez, Gregorio |
| A Forensic Investigation Plan and Cookbook | King, Gerald |
| Analysis of a serial based digital voice recorder | Wright, Craig |
| Analysis of a seized USB Flashdrive | Yuen, Cheuk Wai |
| Unspoken Truths - Forensic Analysis of an Unknown Binary | Velocci, Louie |
| Forensic Analysis of a SQL Server 2005 Database Server | Fowler, Kevvie |
| Forensic Analysis of a Compromised Intranet Server | Obialero, Roberto |
| Discovery Of A Rootkit: A simple scan leads to a complex solution | Melvin, John |
| Lessons from a Linux Compromise | Ritchie, John |
| CC Terminals, Inc.Forensic Examination Report: Examination of a USB Hard Drive | Duckworth, Brent |
| Forensic Analysis of a Compromised NT Server(Phishing) | Velazquez, Andres |
| CC Terminals Computer Forensics Analysis Report | Do, George |
| Analysis of a USB Flashdrive | Chablais, Christian |
| Forensic Analysis of a USB Flash Drive | Bennie, Norrie |
| Examining an Unknown Image & Analysis of a compromised Honeypot | Ramli, Farina |
| Forensic Examination of USB Data storage artifact | Reardon, Ben |
| Forensic analysis of a provided image | Pereira, Rudolph |
| Analysis of an unknown USB JumpDrive image | Hiew, Roger |
| Forensic Analysis on a compromised Windows 2000 system | Ng, George |
| Forensic Analysis: Leila Conlay versus Robert Lawrence, Harassment Case | Carpenter, Matthew |
| Forensic Investigation of USB Flashdrive Image for CC Terminals | Diggs, Rhonda |
| Forensic Analysis of a Misused System | Shettler, David |
| Forensic analysis of a Fedora Core 3 Notebook | Halm, Michael |
| Steganography for spies and spybots for hackers | Christensen, Andrew |
| ANALYSIS OF AN IMAGE PROVIDED FROM THE GIAC WEBSITE | Reyes Mu�oz, Juan Carlos |
| Forensic with Open-Source Tools and Platform: USB Flash Drive Image Forensic Analysis | Ong, Leonard |
| CC Terminals Harassment Case | Farrington, Dean |
| Computer forensics investigation - Image file analysis | Spellane, Michael |
| Careless Crackers kill Computers | O'Brien, Conall |
| Camouflaged and Attacked? | Marasky, Bertha |
| Analysis of WinHex | Dillinger, Jessica |
| Analyze an Unknown Image and Perform Forensic Tool Validation | Watson, Patricia |
| Forensic Analysis of Camouflage and Validation of X-Ways Forensics Tool | Aylor, Michael |
| Forensic Image Analysis of a USB Flashdrive | Heerwagen, Howard |
| Forensic analysis of a seized USB Flashdrive image | Doyle, Ben |
| Analysis of an unknown disk | Simsic, Jure |
| Report on the Forensic Analysis of a recovered Floppy Disk | Armstrong, Steve |
| Analysis of a FAT16 formatted image using Linux, TSK and Autopsy | Hansen, Ove |
| Oracle Database Forensics using LogMiner | Wright, Paul |
| Infected or Owned? | Chuvakin, Anton |
| Analysis of a 64MB Lexar Media USB JumpDrive | Chen, Joseph |
| Spanish-Forensic Analysis of a Windows 98b system | Ruiz, Oscar |
| Forensic Analysis on a Windows 2000 Server | Cassidy, Regis |
| Forensic Analysis of an Apple iBook G4 | Partida, Alberto |
| NTLast as a Forensic Tool | Grime, Richard |
| Analyze an image and Perform Forensic | Pecorella, Francisco |
| Evaluaton of a Zero-Day Worm Variant at a Health Clinic | Taylor, Jonathan |
| Analyze an Unknown Image and Forensic Tool Validation: Sterilize | Becker, Steven |
| Analysis of a Windows XP Professional compromised system | Santander, Manuel |
| Analysis of a Commercial Keylogger installed on multiple systems | Namuth, Merlin |
| HONORS-Analysis of a USB Flashdrive Image | Siles, Raul |
| Analysis of a USB Flashdrive Image | Wenchel, Kevin |
| A Touch of Superiority in Linux | Griffin, Slade |
| Forensic Analysis of a Windows 2000 Server | Ghavalas, Byrne |
| Forensic analysis of a Windows XP SP1 | Ferrill, Rob |
| Forensic analysis of a honeypot RedHat Linux 6.2 | Read, Mark |
| Compromise analysis of a University SGI Indy workstation running IRIX | Russel, Chris |
| Forensic analysis of a compromised Solaris server | Shepherd, Russell |
| Analysis on a compromised RedHat 8.0 machine | Deline, Jessica |
| Analysis on a compromised Linux RedHat 8.0 Honeypot | Bryner, Jeff |
| Forensic analysis of a Windows 98 system | Shenk, Jerry |
| Forensic Analysis on a Windows 2000 system | Hayday, John |
| Forensic Investigation of a Hacked Redhat 7.1 System | Khedekar, Nihar |
| Perform Forensic Analysis on a Red Hat Linux release 7.1.2 Server | Pawar, Pramod |
| Forensic Analysis of a Red Hat Linux release 7.1 Server | VK, Vijaykumar |
| Use of SSH as a forensic tool | Bro, Layne |
| Forensic Analysis on a compromised Windows 2000 Honeypot | Hewitt, Peter |
| Forensic Tool Validation of Compromised Computer Inventory System | Perry, James |
| How not to use a rootkit | Wilson, Michael |
| Analysis of a Red Hat Honeypot | Shewmaker, James |
| Forensic Analysis on a compromised Linux Web Server | Malone, Jeri |
| Forensic Analysis of a Sun Ultra System | Chmielarski, Tom |
| Forensic Validity of Netcat | Worman, Michael |
| Forensic Analysis on a Windows 2000 Pro Workstation | Cragg, David |
| Forensic Analysis on acquired EBay Hard Drives | Bunnell, Richard |
| Forensic Analysis on a Linux IPNET challenge syste | Rinaldi, Alfredo |
| Forensic Analysis of a Windows 2000 Web Server | Liu, Yi-Chung |
| Evaluation of The Forensic Toolkit | Kamoshida, Akiteru |
| Forensic Analysis of an EBay acquired Drive | Wesemann, Daniel |
| Analysis of a Compromised Honeypot-VMware/Linux7.3 | Hall, Stephen |
| Becoming a Forensic Investigator/Use of Forensic Toolkit | Maher, Mark |
| Forensic analysis of a Windows 2000 computer literacy training and software development device | Richard, Golden |
| Sys Admins and Hackers/Analysis of a hacked system | Fresen, Lars |
| Forensic Analysis of a Windows 2000 server with IIS and Oracle | Binde, Beth |
| Romanian Winter-Forensic Analysis of a Linux system | Ladstaetter, Garnot |
| Forensic Analysis of a compromised Sun Ultra 5 workstation | Madzelan, Carl |
| Forensic analysis of a compromised Linux RedHat 7.3 system | Miller, Kevin |
| Analysis of a Linux Honeypot | Hudak, Tyler |
| Forensic Analysis Procedures of a Compromised system using Encase | McGurk, Jeffrey |
| Analysis of tar2d2 as a Forensic Tool | Adelstein, Frank |
| Forensic analysis of a Compromised Red Hat 7.2 Web Server | Walker, Martin |
| Forensic analysis of a Compromised Windows 2000 workstation | Fraser, Charles |
| Forensic Examination of a home firewall and network services system | Carlson, Brian |
| Evaluation of Crocwareis Mount Image Pro as a Forensic Tool | Tower-Pierce, Hugh |
| Forensic Tool Evaluation-Pasco | Larabee, Rick |
| Forensic Tool Evaluation-MiTeC Registry File Viewer | Fiscus, Kevin |
| Hidden Data Is Evidence Too/Metadata Assistant tool Evaluation | Pelcher, Bob |
| Compromised Redhat Linux 7.2 Honeypot Analysis | Anderson, Jason |
| Forensic analysis/process for a Windows 2000 SP2 Pro with IIS installed | Callahan, Jennie |
| Trash and Treasure-Computer Forensics and Public Domain Data (Bmap Tool Analysis) | Scott, Michael |
| Evaluation of Forensics SF-5000u as forensic Hardware | Hickey, Steven |
| Hackers and Trackers(Linux Forensic Analysis) | Scott, Andy |
| Review of Foundstone Vision as a forensic tool | Bingham, Bil |
| Forensic Analysis of a RedHat 7.1 Server with Apache Web Server | Sierra, Aaron |
| Analysis of a Suspect Red Hat 6.2 Linux Server | Venere, Guilherme |
| Forensics under Brazilian Legislation(HoneyPot evaluation) | Piccolini, Jacomo |
| Piping a Shell in a ICMP Tunnel-A Forensic Study of Malicious Code | Noakes, Robert |
| Analysis of an IRC-bot compromised Microsoft Windows system | Kolde, Jennifer |
| Eavaluation of Linux ext2 file system debugger/debugfs for forensic use | Harvey, Michael |
| Evaluation of Windows Forensic Toolchest | McDougal, Monty |
| An Endeavor Down the Forensic Highway(Windows 2000 Professional) | Westphal, Kristy |
| Forensic Analysis of a Honeypot Redhat 6.2 system | Olensky, Sven |
| Forensic Analysis of a Compromised Windows NT4 workstation | Hammill, Adrian |
| Analysis of a Windows 2000 corporate web server | Cordeschi, Carlo |
| Forensic event with a Microsoft Windows 2000 Server | Nolin, Norbert |
| Validaton of icat and ils for Forensic Use | Gabler, David |
| Safe at Home? | Perez, David |
| Evaluation of a Honeypot Windows 2000 Server with an IIS Web/FTP Server | Pearlstein, Kenneth |
| Forensic Tool Validation, and Legal Issues of Incident Handling | Vera, Christopher |
| Forensic Analysis and process of a Mandrake Linux 9.1 system | Da Cruz, Dennis |
| Binary Analysis, Forensics and Legal Issues | Wyman, Michael |
| Analyses of Italian Malware, Romanian Rootkits, and United States Computer Law | Ford, Michael |
| Forensic Analysis of a Compromised System | Lee, Richard |
| Analysis of a compromised RedHat 6.2 web server running Apache | Filmer, Bradley |
| If it quacks like a duck, is it really a duck? | Hall, Andrew |
| Forensic Analysis of Shared Workstation | Kerr, Michael |
| Ironically , Some Targets Are Harder Than Others | Clarkson, Michael |
| Legal Issues of Computer Incident Handling | Psaila, Helen |
| Forensics and Incident Response : Three Investigations | Hutson, Brian |
| Digging covert tunnels Analysis of an unknown binary | Murr, Michael |
| Computer Forensic Analysis of an Unknown Binary and The Complete Computer Forensic Investigation of a Hard Drive | Capellini, Brian |
| An Exercise In Practical Computer Forensic Analysis | Campaign, Adam |
| Forensic Analysis of a MUD Gaming/Development Server | Banghart, John |
| Forensic Investigation, Analysis, Documentation, and Law | Prentner, Karl |
| Forensic Analysis of Suplused system hard drives | Bellamy, Jr., William |
| Analyzing a Binary File and File Partitions for Forensic Evidence | Butler, James |
| Open Source Forensic Analysis - Windows 2000 Server - | Arnes, Andre |
| Forensic Analysis of Another Honeypot | Lisman, Jarrad |
| Forensic Analysis Think pad 600 laptop running Windows 2000 server | Bowers, Brad |
| Analysis of a Suspect Red Hat Linux 7.2 System Running Apache v1.3.22 | Lee, Christopher |
| EasyRecovery Professional (ER Pro) | Khalid, Kamarul Baharin |
| A Proposal for a Binary Comparison Technique | Lamastra, Gerardo |
| Forensic Analysis of dual bootable Operating System (OS) running a default Red Hat 6.2 Linux server installation and Windows 98 | Othman, Mohd Shukri |
| Analysis of a Software Write Blocker - That Works? | Chevalier, Suzanne |
| Forensic Analysis of an unfamiliar Windows 2000 system | Kurasiewicz, Jeff |
| An Examination of a Compromised Solaris Honeypot, an Unknown Binary, and the Legal Issues Surrounding Incident Investigations | Mccauley, Robert |
| Analysis of LOKI2, Using mtree as a Forensic Tool, and Sharing Data with Law Enforcement | Korty, Andrew |
| Forensic Studies in the Digital World | de Jong, Mark |
| System Analysis of a Compromised Windows 2000 Professional System | Stuart, Robin |
| Loki & the Honeypot: Forensic Analyses | Geiger, Matthew |
| Use of sg_dd for Computer Forensics | Stone, Michael |
| Forensic Analysis of a Discarded University Computer System | Craiger, Philip |
| Analysis of a Suspect Windows 2000 Server SP3 Running IIS | Faber, Sid |
| Forensic analysis of a compromised RedHat Linux 7.0 system | Cunningham, Jacob |
| Analysis of a Compromised Honeypot on a Cable Modem | Schlereth, Matthew |
| Validation of Norton Ghost 2003 | Brozycki, John |
| Validation of NTLast v3.0 | Dolak, John |
| Analysis of a Suspect Red Hat Linux 6.2 System | Strubinger, Ray |
| Analysis of a Suspect Windows 95 SR2 System | Filiberto, James |
| Validation of TASK v1.50 fsstat and dstat | Ginski, Richard |
| A Search for the Origin of a September 2001 Bomb Threat | Curd, Bill |
| Validation of The Coroner's Toolkit v1.11 mactime | Dalton, Matthew |
| Validation of GNU tar v1.13.19 & v1.13.25 and GNU cpio v2.4.2 & v2.5 | Calabrese, Chris |
| Analysis of a Compromised Windows NT 4.0 Server Running MS SQL Server 7.0 | Lukacs, Steven |
| Validation of GNU strings v2.11.90.0.8 | Desai, Neil |
| Validation of Process Accounting Records | Clausing, Jim |
| Analysis of a Honeypot running Red Hat Linux 6.2 | Murphy, Keven |
| Analysis and Comparison of Red Hat Linux 6.2 Honeypots With & Without LIDS-enabled Kernels | Owen, Greg |
| Analysis of a Suspect Red Hat Linux 6.2 System | Van Riper, Ryan |
| Analysis of a Compromised Red Hat Linux 7.2 System | Pierce, Jerry |
| Analysis of an Unknown Red Hat Linux 7.3 System | Pedersen, Stephen |
| Analysis of an Unknown Mac OS X Public Beta System Using Mac OS X 10.2 | Miller, Roland |
| Validation of ISObuster v1.0 | Dietz, Steven |
| Analysis of a Suspect Windows XP Professional System | Wagner, Dave |
| Analysis of a Potentially Misused Windows 95 System | Leibolt, Gregory |
| Validation of Restorer 2000 Pro v1.1 (Build 110621) | Brooker, Denis |
| Validation of a Modified UNIX "script" Command to Monitor Shell Sessions | Barnett, Ryan |
| Analysis of a Suspect Red Hat Linux 6.1 System | Fung, James
|
| Analysis of a Virus Infected Windows 98 SE System | Hayler, Richard |
發表文章
0 意見: