Hardware Forensics
Evidence is an important factor in any investigation, and forensic investigations rely on it. The evidence will prove vital for the success of an investigation. Data or information should be communicated accurately in an investigation. Computer forensics depends on evidence in the form of bits and bytes for case analysis. The bits and bytes reside on the storage medium of a digital device. Devices come in a variety of forms, such as PCs, servers, mobile phones, SIM cards, memory cards, iPods and routers, with more to come. Forensic experts always treat the data as a vital part of their analysis. In essence, the data should be identified and reproduced with zero percent error. Two methods are widely adopted for acquiring data from a digital device.
Software Methods
Hardware Methods
The two methods are interdependent, and a clear-cut classification is not possible. The following discusses the different hardware forensics techniques in use and the theory underlying them.
Rule of forensics
The golden rule of forensics states that we cannot work on the suspect device. It should be copied, and any analysis should be done on the copy rather than on the original. The data should be copied at the earliest opportunity. There should not be any tampering with the suspect device. Hence the design of any forensic tool should take these factors into consideration.
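The copy-then-verify step behind this rule, as an added example that is not from the original page or from C-DAC's tools: it images a source opened read-only, refuses to overwrite an existing image, and compares hashes of the source and the copy. SHA-256, the function names `acquire` and `verified`, and the temporary file standing in for a suspect drive are assumptions of this sketch; opening the source read-only is a software measure and does not replace a drive lock.

```python
import hashlib
import os
import tempfile

CHUNK = 1 << 20  # 1 MiB per read (assumed value)


def sha256_file(path):
    """SHA-256 of a file or raw device node, opened read-only."""
    digest = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(CHUNK), b""):
            digest.update(block)
    return digest.hexdigest()


def acquire(source, image):
    """Copy source to image bit for bit and return the hashes needed to verify it."""
    digest = hashlib.sha256()
    size = 0
    # "rb": never ask for write access to the suspect data.
    # "xb": refuse to overwrite an existing image file.
    with open(source, "rb") as src, open(image, "xb") as dst:
        for block in iter(lambda: src.read(CHUNK), b""):
            digest.update(block)
            dst.write(block)
            size += len(block)
        dst.flush()
        os.fsync(dst.fileno())
    return {
        "size": size,
        "source_during_copy": digest.hexdigest(),
        "image": sha256_file(image),          # re-read what actually reached disk
        "source_after": sha256_file(source),  # source unchanged by the acquisition?
    }


def verified(record):
    """True only if the image matches the source and the source did not change."""
    return record["source_during_copy"] == record["image"] == record["source_after"]


if __name__ == "__main__":
    # Constructed stand-in for a suspect drive: a temporary file of random bytes.
    workdir = tempfile.mkdtemp()
    source = os.path.join(workdir, "suspect.bin")
    with open(source, "wb") as f:
        f.write(os.urandom(3 * CHUNK + 17))
    record = acquire(source, os.path.join(workdir, "image.dd"))
    print(record, "verified:", verified(record))
```

Later analysis can re-run `sha256_file` on the image and compare it with the recorded value to show the working copy has not changed since acquisition.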
Drive Lock Scenario
An important requirement in forensics is a drive lock. This device should lock the suspect drive so as to avoid any contamination of data. Software locking is possible by blocking any write operations. This requires the investigator to carry along a PC or laptop running the software every time. Improper functioning of the software can cause difficulty in acquisition. Hardware methods that substitute for the software techniques will be compact and easy to use. The device will be powered from its own source or from the suspect machine itself. The hardware under development should have all possible connectors available.
Hard Disk Scenario
Acquiring a hard disk using software methods depends on software running on a PC. The computation speed of the device depends on the processing capability of the processor. Acquiring an 80 GB hard disk takes roughly 4 hours. The processing capacity of processors has increased while their size has shrunk. This can be taken advantage of in the design of speedy acquisition devices. A portable unit would be more convenient for the investigator. So the development of an embedded acquisition device will be an advantage in time and cost for the investigator.
SIM Card Scenario
GSM mobile phones use SIM cards as an important agent in connecting to the network. Details of the network and connections can be obtained from the SIM card. There needs to be a device to read out the details stored in the SIM card. This requires a combination of hardware and software. SIM card details should also be copied and replicated for further analysis.
Advantages of hardware tools in forensics
Embedded development saves space and time.
The products will be portable.
Speedy acquisition of digital data can be done.
Development at RCCF, CDAC
RCCF is developing indigenous hardware tools for forensic acquisition. Current activities include development of a Hard Disk acquisition tool, a Forensic SIM Card Reader and a Drive Lock.
Last Updated: THURSDAY, 25 JANUARY, 2024, © 2022 C-DAC Thiruvananthapuram. All rights reserved.