Software:Digital Forensics Framework

From HandWiki
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
Digital Forensics Framework (DFF)
Original author(s)Frédéric Baguelin, Solal Jacob, Christophe Malinge, Jérémy Mounier
Developer(s)Frédéric Baguelin, Solal Jacob, Jérémy Mounier
Stable release
1.3.0[1] / February 28, 2013; 11 years ago (2013-02-28)
Written inC++, Python, PyQt4
Operating systemUnix-like, Windows
Available in7 languages
TypeComputer forensics
LicenseGPL
Websitewww.digital-forensic.org

Digital Forensics Framework (DFF) was a computer forensics open-source software. It is used by professionals and non-experts to collect, preserve and reveal digital evidence without compromising systems and data.[2]

User interfaces

Digital Forensics Framework offers a graphical user interface (GUI) developed in PyQt and a classical tree view. Features such as recursive view, tagging, live search and bookmarking are available. Its command line interface allows the user to remotely perform digital investigation. It comes with common shell functions such as completion, task management, globing and keyboard shortcuts. DFF can run batch scripts at startup to automate repetitive tasks. Advanced users and developers can use DFF directly from a Python interpreter to script their investigation.

Distribution methods

In addition to the source code package and binary installers for Linux and Windows,[3] Digital Forensics Framework is available in operating system distributions as is typical in free and open-source software (FOSS), including Debian,[4] Fedora and[5] Ubuntu.

Other Digital Forensics Framework methods available are digital forensics oriented distribution and live cd:

  • DEFT Linux Live CD[6]
  • Kali Linux[7]

Publications

  • "Scriptez vos analyses forensiques avec Python et DFF" in the French magazine MISC[8]
  • Several presentations about DFF in conferences: "Digital Forensics Framework" at ESGI Security Day[9] "An introduction to digital forensics" at RMLL 2013[10]

Published books that mention Digital Forensics Framework are:

  • Digital Forensics with Open Source Tools (Syngress, 2011)[11]
  • Computer Forensik Hacks (O'Reilly, 2012)[12]
  • Malwares - Identification, analyse et éradication (Epsilon, 2013)[13]
  • Digital Forensics for Handheld Devices (CRC Press Inc, 2012)[14]

In literature

  • Saving Rain: The First Novel in The Rain Trilogy[15]

White papers

  • Selective Imaging Revisited[16]
  • A survey of main memory acquisition and analysis techniques for the windows operating system[17]
  • Uforia : Universal forensic indexer and analyzer[18]
  • Visualizing Indicators of Rootkit Infections in Memory Forensics[19]
  • EM-DMKM Case Study Computer and Network Forensics[20]
  • OV-chipcard DFF Extension[21]
  • L'investigation numérique « libre »[22]
  • Malware analysis method based on reverse technology (恶意 口序分析方法 耐)[23]

Prize

DFF was used to solve the 2010 Digital Forensic Research Workshop (DFRWS) challenge consisting of the reconstructing a physical dump of a NAND flash memory.[24]

References

  1. "[dff] Digital Forensics Framework 1.3.0 released". Lists.digital-forensic.org. http://lists.digital-forensic.org/pipermail/dff/2013-February/000117.html. Retrieved 2014-02-16. 
  2. "Welcome to S.B. Jain Institute of Technology Management and Research". ArxSys. http://www.sbjit.edu.in/. Retrieved 28 May 2014. 
  3. "Open Source digital forensics & incident response software". Digital-forensic.org. http://www.digital-forensic.org/downloads/dff. Retrieved 2014-02-16. 
  4. "DFF accepted into Debian - Pollux's blog". Wzdftpd.net. https://www.wzdftpd.net/blog/index.php?post/2011/10/18/DFF-accepted-into-Debian. Retrieved 2014-02-16. 
  5. "Linux Forensics Tools Repository". Archived from the original on November 4, 2013. https://web.archive.org/web/20131104091132/http://www.cert.org/forensics/tools/. Retrieved January 24, 2014. 
  6. "DEFT 8 Roadmap and features | DEFT Linux - Computer Forensics live CD". DEFT Linux. http://www.deftlinux.net/2013/02/20/deft-8-roadmap-and-features/. Retrieved 2014-02-16. 
  7. "Packages Summary". Git.kali.org. 2013-02-02. http://git.kali.org/gitweb/?p=packages/dff.git;a=summary. Retrieved 2014-02-16. 
  8. "Misc 70 - LES EDITIONS DIAMOND". Boutique.ed-diamond.com. http://boutique.ed-diamond.com/misc/506-misc70.html. Retrieved 2014-02-16. 
  9. "Security Day". Archived from the original on February 2, 2014. https://web.archive.org/web/20140202175327/http://www.esgilab-secu.com/fiche.php. Retrieved January 24, 2014. 
  10. [1][|permanent dead link|dead link}}]
  11. Altheide, Cory; Carvey, Harlan (2011-04-28). Digital Forensics with Open Source Tools: Cory Altheide, Harlan Carvey: 9781597495868: Amazon.com: Books. ISBN 978-1597495868. 
  12. Computer-Forensik Hacks: Amazon.de: Lorenz Kuhlee, Victor Völzow: Bücher. 2009-09-09. ASIN 3868991212. 
  13. Malwares - Identification, analyse et éradication: Amazon.fr: Paul Rascagneres: Livres. 2009-09-09. ASIN 2746079658. 
  14. Digital Forensics for Handheld Devices: Amazon.fr: Eamon P. Doherty: Livres anglais et étrangers. 2009-09-09. ASIN 1439898774. 
  15. "Saving Rain: The First Novel in The Rain Trilogy eBook: Karen-Anne Stewart: Kindle Store". https://www.amazon.com/Saving-Rain-First-Novel-Trilogy-ebook/dp/B00FDN3RTU. Retrieved 2014-02-16. 
  16. Stuttgen, Johannes; Dewald, Andreas; Freiling, Felix C. (2013-03-14). "Selective Imaging Revisited". 2013 Seventh International Conference on IT Security Incident Management and IT Forensics. Ieeexplore.ieee.org. pp. 45–58. doi:10.1109/IMF.2013.16. ISBN 978-1-4673-6307-5. 
  17. Vömel, Stefan; Freiling, Felix C. (2011-07-31). "A survey of main memory acquisition and analysis techniques for the windows operating system". Digital Investigation 8: 3–22. doi:10.1016/j.diin.2011.06.002. https://faui1-files.cs.fau.de/public/publications/postprint-voemel-freiling-memory-survey-2011.pdf. Retrieved 2014-02-16. 
  18. Eijkhoudt, Arnim; Suerink, Tristan (2013). "Uforia: Universal forensic indexer and analyzer". Journal of Computer Virology and Hacking Techniques 9 (2): 59–63. doi:10.1007/s11416-013-0177-4. 
  19. Vomel, Stefan; Lenz, Hermann (2013-03-14). "Visualizing Indicators of Rootkit Infections in Memory Forensics". 2013 Seventh International Conference on IT Security Incident Management and IT Forensics. Ieeexplore.ieee.org. pp. 122–139. doi:10.1109/IMF.2013.12. ISBN 978-1-4673-6307-5. 
  20. "EM-DMKM Case Study Computer and Network Forensics". Cygalski.pl. http://www.cygalski.pl/cv/files/Forensics.pdf. Retrieved 2014-02-16. [yes|permanent dead link|dead link}}]
  21. [2] [|permanent dead link|dead link}}]
  22. "L'investigation numerique" (in fr). Agence-nationale-recherche.fr. http://www.agence-nationale-recherche.fr/Colloques/WISG2013/articles/Article_Larinier.pdf. Retrieved 2014-02-16. 
  23. "Journal of Computer Applications : Vol.31 No.11". Joca.cn. November 2011. http://www.joca.cn/CN/article/downloadArticleFile.do?attachType=PDF&id=15000. Retrieved 2014-02-16. 
  24. "DFRWS 2010 Forensics Challenge Results". Dfrws.org. Archived from the original on 2014-02-03. https://web.archive.org/web/20140203144143/http://dfrws.org/2010/challenge/results.shtml. Retrieved 2014-02-16. 

External links



Retrieved from "https://handwiki.org/wiki/index.php?title=Software:Digital_Forensics_Framework&oldid=3056325"