Digital Forensics: la prospettiva di un informatico

Journal title SICUREZZA E SCIENZE SOCIALI
Author/s Alessando Amoroso
Publishing Year 2018 Issue 2017/3 Language Italian
Pages 17 P. 110-126 File size 228 KB
DOI 10.3280/SISS2017-003010
DOI is like a bar code for intellectual property: to have more infomation click here

Below, you can see the article first page

If you want to buy this article in PDF format, you can do it, following the instructions to buy download credits

Article preview

FrancoAngeli is member of Publishers International Linking Association, Inc (PILA), a not-for-profit association which run the CrossRef service enabling links to and from online scholarly content.

This paper presents some considerations by a computer scientist that is also a digital forensic practitioner. Those considerations arise from some years of consultancy. One of the main topic for this kind of science is the capability to communicate between two different disciplines, that share few common points.

Keywords: Digital forensics; scientific rigorousness; international standards; best practices; recurrent cases; basic tools.

  1. ACCESSDATA (2014, Giugno). FTK Imager. Testo disponibile al sito: http://accessdata.com/product-download/digital-forensics/ftk-imager-version-3.2.0. Data di consultazione: 2 Dicembre 2017.
  2. ACCESSDATA (2017). Forensic Toolkit (FTK). Testo disponibile al sito: http://accessdata.com/solutions/digital-forensics/forensic-toolkit-ftk. Data di consultazione: novembre 2017.
  3. ACPO (2003). Good Practice Guide for Computer-Based Electronic Evidence. Official release version 4. London, UK: Association of Chief Police Officers (ACPO) E-Crime working Group.
  4. Ajijola A., Zvarsky P., Ruhl R. (2014). A Review and Comparative Evaluation of Forensics Guidelines of NIST SP 800-Rev.1:2014 and ISO/IEC 27037:20123. World Congress on Internet Security (WorldCIS-2014) (p. 66-73). Piscataway: IEEE.
  5. ARC Group (2014). ProDiscover Forensics Edition. Testo disponibile al sito: http://www.arcgroupny.com/products/prodiscover-forensic-edition/. Data di consultazione: 4 dicembre 2017.
  6. Ayers R., Brothers S., Jansen W. (2014). Guidelines on Mobile Device Forensics – Revision 1. Gaithersburg, MD, USA: National Institute of Standards and Technology U.S. Department of Commerce.
  7. Barret D., Kipper G. (2010). Virtualization and Forensics. A digital Forensics Investigator's Guide to Virtual Environments. Burlington, MA, USA: Syngress - Elsevier.
  8. Basis Technology (2017). Autopsy digital forensics. Testo disponibile al sito: https://www.autopsy.com. Data di consultazione: 1 dicembre 2017.
  9. BLACKBAG (2017). BlackLigth. Testo disponibile al sito: https://www.blackbagtech.com/software-products/blacklight.html. Data di consultazione: settembre 2017.
  10. C.A.IN.E. (2017). C.A.IN.E 9. Testo disponibile al sito: http://www.caine-live.net. Data di consultazione: 5 dicembre 2017.
  11. Carrier B. (2005). File System Forensic Analysis. Upper Saddle River, NJ, USA: Pearson Education.
  12. Casey E., a cura di (2011). Handbook of digital forensics and investigation. Burlington, MA, USA: Academic Press - Elsevier.
  13. Casey E. (2011). Language in computer crime investigation. In E. Casey (A cura di), Digital Evidence and Computer Crime. Forensic science, computers and the internet. (3-th ed.). Burlington, MA, USA: Elsevier.
  14. Costa G., De Franceschi A. (2017). Xplico Network Forenisc Analysis Tool. Testo disponibile al sito: http://www.xplico.org. Data di consultazione: 4 dicembre 2017.
  15. Daniel L. E., Daniel L. E. (2012). Digital Forensics for Legal Professionals. Waltman, MA, USA: Syngress - Elsevier.
  16. DEFT (2014). DEFT. Testo disponibile al sito: http://www.deftlinux.net. Data di consultazione: 5 dicembre 2017.
  17. DOJ (2008). Electronic Crime Scene Investigation: A Guide for First Responders, Second Edition. Rockville, MD, USA: U.S. Department of Justice. Office of Justice Department.
  18. Farmer D., Vanema W. (2005). Forensic Discovery. Upper Saddle River, NJ, USA: Pearson Education Inc.
  19. Garfinkel S., Spafford G., Schwartz, A. (2003). Practical Unix & Internet Security. Sebastopol, CA, USA: O' Reilly & Associates, Inc.
  20. Grossi P. (2003). La prima lezione di diritto. Bari: Editori Laterza.
  21. Guidance Software (2017). EnCase Forensic. Testo disponibile al sito: https://www.guidancesoftware.com/encase-forensic. Data di consultazione: novembre 2017.
  22. Hoog A., Strzempka K. (2011). iPhone and iOS Forensics. Investigation, Analysis and Mobile Security for Apple iPhone, iPad and iOS Devices. Burlington, MA, USA: Syngress - Elsevier.
  23. ISO/IEC (2011). International standard ISO/IEC 27035 Information technology – Security techniques - Information security incident management. Geneve, CH: International Organization for Standardization/International Electrotechnical Commission.
  24. ISO/IEC (2012). International standard ISO/IEC 27037 Information technology – Security techniques - Guidelines for identification, collection, acquisition, and preservation of digital evidence. First edition. Geneve, CH: International Organization for S tandardization/International Electrotechnical Commission.
  25. ISO/IEC (2015a). International standard ISO/IEC 27041 Information technology – Security techniques - Guidance on assuring suitability and adequacy of incident investigative method. First edition. Geneva, CH: International Organization for Standardization/International Electrotechnical Commission.
  26. ISO/IEC (2015b). International standard ISO/IEC 27042 Information technology – Security techniques - Guidelines for the analysis and interpretation of digital evidence. First edition. Geneva, CH: International Organization for Standardization/International Electrotechnical Commission.
  27. ISO/IEC (2015c). International standard ISO/IEC 27043 Information technology – Security techniques - Incident investigation principles and processes. First edition. Geneva, CH: International Organization for Standardization/International Electrotechnical Commission.
  28. Jones K. J., Bejtlich R., Rose C. W. (2006). Real Digital Forensics. Computer Security and Incident Response. Upper Saddle River, NY, USA: Pearson Education Inc.
  29. Jones R. (2005). Internet Forensics. Use Digital Evidence to Solve Computer Crime. Sebastopol, CA, USA: O'Reilly Media, Inc.
  30. Luttgens J. T., Pepe M., Mandia K. (2004). Incident response & computer forensics (Third ed.). Columbus, OH, USA: McGraw Hil Education.
  31. Morrissey S. (2010). iOS Forensics Analysis. New York, NY, USA: Apress – Springer Science+Business Media.
  32. Nelson B., Philips A., Steuart C. (2015). Guide to Computer Forensics and Investigations. Processind digital evidence. Boston, MA, USA: Cengage Learning.
  33. NIST (2015, August 11). Computer Forensics Tool Testing (CFTT) Project. Testo disponibile al sito: https://www.cftt.nist.gov/index.html. Data di consultazione: 4 dicembre 2016.
  34. NIST (2017, March 6). Computer Forensics Tool Catalog. Testo disponibile al sito: https://toolcatalog.nist.gov. Data di consultazione: 5 dicembre 2017.
  35. Polstra P. (2016). Windows Forensics with Python Scripting. Germany: Pentester Academy.
  36. Sammons, J., & Daniel, L. (2017). Digital Forensics Trial Graphics. London, UK: Academic Press - Elsevier.
  37. SANS DFIR (2008). Investigative Forensic Toolkit (SIFT) Workstation Version 3. Testo disponibile al sito: https://digital-forensics.sans.org/community/downloads. Data di consultazione: aprile 2017.
  38. Solomon M. G., Rudolph K., Tittel E., Brown N., Barret D. (2011). Computer Forensics Jump Start. Hoboken, NY, USA: SYBEX Inc.
  39. USSS (2006). Best Practices For Seizing Electronic Evidence. A Pocket Guide for First Responders. v3. Washington, DC, USA: U.S. Department of Homeland Security – United States Secret Service.
  40. X-Ways (2017). X-Ways Forensics: Integrated Computer Forensics Software. Testo disponibile al sito: http://www.x-ways.net/forensics/. Data di consultazione: novembre 2017.

Alessando Amoroso, Digital Forensics: la prospettiva di un informatico in "SICUREZZA E SCIENZE SOCIALI" 3/2017, pp 110-126, DOI: 10.3280/SISS2017-003010