HMWK-NIST

HMWK-NIST - Click to edit Master subtitle style 4/7/11...

Info iconThis preview shows pages 1–11. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: Click to edit Master subtitle style 4/7/11 4/7/11 11 Computer Forensics Tool Testing at NIST Jim Lyle Information Technology Laboratory Phone: (301) 975-3207 E-mail: JLYLE@NIST.GOV WWW: http://www.cftt.nist.gov 4/7/11 4/7/11 22 Computers &The Internet l Marvelous tools l Improve quality of life l Enable global communication l Improve productivity l Makes many activities easer, faster, l even criminal activity 4/7/11 4/7/11 33 A Shocking Revelation . . . Computers can be involved in crime l As a victim l As a weapon l As a witness l As a record l As contraband 4/7/11 4/7/11 44 Outline of an Investigation l Get proper authorization l Seize evidence (Hard drives, floppies ) l Create duplicates for analysis l Analyze the duplicates Exclude known benign files Examine obvious files Search for hidden evidence l Report results 4/7/11 4/7/11 55 Investigators Need Computer forensic investigators need tools that l Work as they should l Produce results admissible in court 4/7/11 4/7/11 66 Admissible Results l Software tools must meet Daubert criteria Tested: accurate, reliable & repeatable Peer reviewed Generally accepted methodology 4/7/11 4/7/11 77 Response to Problem l Independent testing of forensic tools l Public review of results l Apply black box testing theory to tools 4/7/11 4/7/11 88 Goals of CF at NIST l Establish methodology for testing computer forensic tools (CFTT) l Provide international standard reference data that tool makers and investigators can use in an investigations (NSRL) 4/7/11 4/7/11 99 Why NIST/ITL is involved Mission: Assist federal, state & local agencies NIST is a neutral organization not law enforcement or vendor NIST provides an open, rigorous process 4/7/11 4/7/11 1010 Project Sponsors l NIST/OLES (Program management) l NIJ (Major funding) l FBI (Additional funding)...
View Full Document

Page1 / 38

HMWK-NIST - Click to edit Master subtitle style 4/7/11...

This preview shows document pages 1 - 11. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online