Electrical Engineers and Image Forensics
Forensic imaging is commonly associated with digital and other related crimes. As it pertains to an electrical engineer’s area of expertise, its basics can simply mean that a hard drive is cloned, thus making a “copy of a hard drive for the purposes of keeping a record of its contents.”
While this has several advantages and disadvantages, there is also a plethora of tools that electrical engineers have access to that help them sort out the various issues common to image forensics. This article will attempt to provide a basic overview of the various tools and techniques used by electrical engineers and will also include information on some of the ways attorneys are helping the cause in cracking down on such crimes and related issues.
This tool is simple to use, free and open source, and capable of analyzing any image type, such as bmp, and providing every known statistic it can about the image that has been uploaded into the system. The results include static analysis detailing the localization, and various metadata such as EXIF, IPTC, and more. Moreover, these areas of analysis allow an electrical engineer to see where a particular image originated as well as things such as the picture’s size and the signature levels of the picture in question.
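The EXIF and IPTC metadata mentioned above sits in application segments near the start of a JPEG file. The following is an added example, not part of the original article or of the tool it describes: it walks the segment headers of a constructed sample byte stream and reports which metadata segments are present and where. The sample data and the function names are assumptions made for illustration.

```python
import struct

def _segment(marker: int, payload: bytes) -> bytes:
    # The 2-byte length field counts itself plus the payload.
    return bytes([0xFF, marker]) + struct.pack(">H", len(payload) + 2) + payload

# Constructed sample: a minimal JPEG-like stream with JFIF, EXIF and
# Photoshop/IPTC segments. It is not a viewable picture.
SAMPLE_JPEG = (
    b"\xff\xd8"                                           # SOI
    + _segment(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
    + _segment(0xE1, b"Exif\x00\x00" + b"II*\x00\x08\x00\x00\x00\x00\x00")
    + _segment(0xED, b"Photoshop 3.0\x008BIM\x04\x04\x00\x00\x00\x00\x00\x00")
    + b"\xff\xda\x00\x02"                                 # SOS, no scan data
    + b"\xff\xd9"                                         # EOI
)

def list_metadata_segments(data: bytes) -> list[tuple[str, int, int]]:
    """Return (kind, file_offset, payload_length) for each APPn segment."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI marker")
    found, pos = [], 2
    while pos + 4 <= len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"corrupt segment header at offset {pos}")
        marker = data[pos + 1]
        if marker == 0xDA:       # start of scan: no metadata segments follow
            break
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])
        if length < 2 or pos + 2 + length > len(data):
            raise ValueError(f"segment at offset {pos} overruns the file")
        payload = data[pos + 4:pos + 2 + length]
        if 0xE0 <= marker <= 0xEF:
            if marker == 0xE1 and payload.startswith(b"Exif\x00\x00"):
                kind = "EXIF"    # TIFF-structured camera metadata
            elif marker == 0xED and payload.startswith(b"Photoshop 3.0\x00"):
                kind = "IPTC"    # Photoshop resource block that carries IPTC
            else:
                kind = f"APP{marker - 0xE0}"
            found.append((kind, pos, len(payload)))
        pos += 2 + length
    return found

if __name__ == "__main__":
    for kind, offset, size in list_metadata_segments(SAMPLE_JPEG):
        print(f"{kind:5} at offset {offset:3}, {size} payload bytes")
```

A segment whose declared length runs past the end of the file raises an error instead of being read, which is the case an examiner meets with truncated or carved images.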
Digital Forensics Framework
Used universally by professionals and non-experts alike, this software has many capabilities that allow users to gain access to information stored on a given system. There are many benefits of using this software, including cross-platform compatibility between Linux and Windows operating systems as well as the ability for the user to tailor the software itself according to the desired needs. Furthermore, some of the software’s capabilities allow users from anywhere to access any type of device (local and remote), record information as it pertains to the ownership of any kind of information, and more. All in all, this particular software helps users with collecting and gathering data without destroying the system files and information.
X-Ways
Similar to the model of the WinHex program, X-Ways works on nearly every version of Windows, starting as early as Windows XP. While it is mainly used by professional forensics examiners, the software works much like WinHex in that it has many of the same capabilities, functionalities, and responsibilities. These features give examiners the ability to take a closer look at the partitioning and file system structure by way of all .dd images as well as gain access to the running processes of a system to examine the logical memory; there are also several other functionalities that allow an examiner to properly analyze system information. Overall, this program looks at the inner workings of how a system functions.
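To show what looking at the partitioning of a .dd image involves, the following added example (not code from the article or from X-Ways) parses the classic MBR partition table found in the first 512-byte sector of a raw image. The sample sector is constructed in the code, and the function names and the short type-name table are assumptions made for illustration.

```python
import struct

SECTOR = 512
# Small subset of well-known MBR partition type codes.
TYPE_NAMES = {0x07: "NTFS/exFAT", 0x0B: "FAT32 (CHS)", 0x0C: "FAT32 (LBA)",
              0x82: "Linux swap", 0x83: "Linux", 0xEE: "GPT protective"}
ENTRY = "<B3sB3sII"   # status, CHS start, type, CHS end, LBA start, sectors

def build_sample_mbr() -> bytes:
    """Constructed first sector of a raw (.dd) image with two partitions."""
    def entry(status, ptype, lba_start, sectors):
        return struct.pack(ENTRY, status, b"\x00" * 3, ptype,
                           b"\x00" * 3, lba_start, sectors)
    table = entry(0x80, 0x07, 2048, 204800) + entry(0x00, 0x83, 206848, 409600)
    table += b"\x00" * 32                       # two unused table slots
    return b"\x00" * 446 + table + b"\x55\xaa"  # boot code area, table, signature

def parse_mbr(sector0: bytes) -> list[dict]:
    """Decode the four primary partition slots of an MBR sector."""
    if len(sector0) < SECTOR:
        raise ValueError("short read: need the full first sector")
    if sector0[510:512] != b"\x55\xaa":
        raise ValueError("no MBR boot signature (0x55AA)")
    parts = []
    for slot in range(4):
        raw = sector0[446 + 16 * slot:446 + 16 * (slot + 1)]
        status, _, ptype, _, lba, count = struct.unpack(ENTRY, raw)
        if ptype == 0x00:                       # empty slot
            continue
        parts.append({"slot": slot,
                      "bootable": status == 0x80,
                      "type": TYPE_NAMES.get(ptype, f"0x{ptype:02x}"),
                      "start_byte": lba * SECTOR,
                      "size_bytes": count * SECTOR})
    return parts

if __name__ == "__main__":
    # With a real image, read the sector from a working copy opened read-only:
    #   with open("evidence.dd", "rb") as f: sector0 = f.read(SECTOR)
    for p in parse_mbr(build_sample_mbr()):
        print(p)
```

The byte offsets it returns are where a file system parser would start reading each volume inside the image.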
Computer Online Forensics Evidence Extractor (COFEE)
Developed for experts in the field of digital forensics, this Microsoft-based program works on any Windows operating system via an external hard drive or flash drive. Once installed, the program will run a live analysis that doesn’t require a whole lot of time to complete. During the course of the live analysis, the program looks on the target system for any information that is separated from the rest of the information in an effort to gain access to the information that is important to the given situation. This is done through various commands that are used to extract such information. Moreover, access is limited to law enforcement experts.
PlainSight
Unlike other programs in this list that commonly work to analyze images and other image-related files, PlainSight deals with the analysis of basic system functions and is aimed at those who are still practicing various forensics techniques. The main capabilities of this program include accessing any type of Internet history, analyzing firewall setups on a Windows system, and more. The program works only with a Linux system and is capable of far more than what is stated here. Along with its other capabilities, the program can look through and detect information that pertains to storage, memory dumping, and other tasks that are deemed as being in their most simplistic form.
XRY
While the majority of this list has provided an overview of forensics-oriented programs that deal with a typical operating system like Windows or Linux, the XRY program is a forensics tool that is capable of analyzing and retrieving information from the most common smartphones.
Compatible with most device operating systems (Android, iPhone, etc.) this program seeks to gather information that is stored on the phone and can even detect and recover lost information including text messages, pictures, and more. The analysis process only works by connecting the phone to the hardware that is connected to the computer and is commonly used to restore and gather information that is of extreme importance.
Oxygen
Continuing with the forensic tools that analyze mobile information, another tool is called Oxygen. Like the previously discussed program, this program is also capable of gathering and restoring information on the most common and popular smartphones: BlackBerry, iPhone, Android, etc. In fact, this particular tool is capable of gathering even more data and information than its competitor. While these capabilities are fairly common, one unique functionality this program does have is the ability to gather information on the phone itself as well as information on the company and manufacturer it originated from. Such information includes things like the manufacturer and serial numbers, operating system type, and more. Also accessible are call logs, contacts, and calendar information.
EnCase
Considered one of the most popular programs in imaging forensics, EnCase is a program that ultimately set the stage for where the standards should be as it relates to digital forensics. The program gathers information that can be used as evidence in a quick and efficient way. Moreover, after an analysis has been completed, the program will issue a report on the findings produced by the analysis. Some of the benefits that come from using this type of high-class program include a friendly user interface, sharing capabilities, the ability to analyze multiple devices, advanced searches, and much more. Overall, there are several other benefits included, making this program a one of a kind capable of doing any type of forensics-oriented task.
In conclusion, all of the above stated tools are meant to provide a basic overview for electrical engineers as it pertains to forensics, and more specifically, imaging and digital forensics. This particular field operates in a manner that reveals computer and other technology-related crimes by gathering information from devices such as a smartphone, home computer, or laptop. While the majority of the forensics programs discussed above dealt with computer systems, there were a couple that were more exclusive to mobile technologies. Furthermore, some of the most common capabilities of these programs include information gathering and restoration as well as hard drive cloning, and much more.