Title :
Forensics for advanced UNIX file systems
Author_Institution :
NATO, The Hague, Netherlands
Abstract :
Advanced UNIX file systems differ substantially from traditional UNIX file systems with respect to their internal layout and data structures. This paper analyzes these differences and their effects on the methods and results of digital forensic media analysis. In addition, it provides results from a prototype implementation of a forensic toolkit for an advanced UNIX file system, IBM's Journaling File System for Linux. Finally, a generalized scheme for categorizing file system meta-data is proposed.
Keywords :
Unix; data structures; meta data; security of data; Linux; advanced UNIX file system; data structure; digital forensic media analysis; file system meta-data; Binary trees; Digital forensics; File systems; Linux; Open source software; Performance analysis; Prototypes; Robustness; Software packages; Transaction databases;
Conference_Title :
Information Assurance Workshop, 2004. Proceedings from the Fifth Annual IEEE SMC
Print_ISBN :
0-7803-8572-1
DOI :
10.1109/IAW.2004.1437842