Digital forensics: A demonstration of the effectiveness of the sleuth kit and autopsy forensic browser

Dowling, Anthony

OUR Archive Home
→
Research Types
→
Thesis
→
Thesis - Masters
→
View Item

Login to OUR Archive using your University of Otago credentials. We have changed how you log into OUR Archive so you will not need to create another account in order to deposit your research outputs. If you have bookmarked the old login page, please update your bookmarks. Note: This change will not affect Thesis Deposit, because an account is not required to submit your e-thesis.

Digital forensics: A demonstration of the effectiveness of the sleuth kit and autopsy forensic browser

Dowling, Anthony

Cite this item: Dowling, A. (2006, May 14). Digital forensics: A demonstration of the effectiveness of the sleuth kit and autopsy forensic browser (Dissertation, Master of Science). Retrieved from http://hdl.handle.net/10523/1338

Permanent link to OUR Archive version: http://hdl.handle.net/10523/1338

Date: 2006-05-14

Degree Name: Master of Science

Degree Discipline: Information Science

Keywords: Sleuth Kit; Linux; Autopsy Forensic Browser; investigation; digital forensic tools,

Research Type: Thesis

Abstract:

The Sleuth Kit is a collection of Linux tools that perform different aspects of a file system analysis. The Autopsy Forensic Browser is a graphical user interface that provides a user friendly interface to the command line tools contained within The Sleuth Kit.

This research project investigates the use of The Sleuth Kit and Autopsy Forensic Browser as forensic investigation tools, with the aim of demonstrating the effectiveness of these tools in real world case studies as digital forensic tools.

The research found that The Sleuth Kit and Autopsy Forensic Browser provide an effective file system analysis toolset. The flexibility of the tools contained within The Sleuth Kit often lead to complex command line strings, the complexity of which is overcome by the automation provided by the Autopsy Forensic Browser. Not only do The Sleuth Kit and Autopsy Forensic browser provide an effective toolset, they also offer an affordable alternative to expensive commercial or proprietary based toolsets.

Digital Forensics is an area of increasing importance with an expanding field of coverage requiring many different tools to help perform varying functions. It is with this in mind that the focus of this research project is three case studies that are utilised to demonstrate the effectiveness of The Sleuth Kit and Autopsy Forensic Browser.

The demonstration of The Sleuth Kit and Autopsy Forensic Browser contained within the case studies could serve as an introductory overview of a new toolset for investigators looking for an alternative or complementary Digital Forensics toolset.

Show full item record