Presentation is loading. Please wait.

Presentation is loading. Please wait.

Computer Forensics Tool Catalog: Connecting Users With the Tools They Need AAFS –February 21, 2013 Ben Livelsberger NIST Information Technology Laboratory.

Published byMoses Harris Modified over 9 years ago

Similar presentations

Presentation on theme: "Computer Forensics Tool Catalog: Connecting Users With the Tools They Need AAFS –February 21, 2013 Ben Livelsberger NIST Information Technology Laboratory."— Presentation transcript:

1 Computer Forensics Tool Catalog: Connecting Users With the Tools They Need AAFS –February 21, 2013 Ben Livelsberger NIST Information Technology Laboratory CFTT Project

2 Disclaimer Certain trade names and company products are mentioned in the text or identified. In no case does such identification imply recommendation or endorsement by the National Institute of Standards and Technology, nor does it imply that the products are necessarily the best available for the purpose. Neither NIST nor myself has financial interest in any of the real products mentioned as part of this talk.

3 Overview Introduction How the Catalog Works Features / Benefits Website Demo ConclusionSponsorsQuestions

4 Introduction: The Perfect Tool Idea: one tool that does everything Reality: need a bunch of tools Solution: an effective way for connecting practitioners to the tools they need

5 How Does the Tool Catalog Work? It’s taxonomy-driven Taxonomy: Forensic functionalities + associated technical parameters and technical parameter values Example: Deleted File Recovery Technical Parameters: Technical Parameters: “ Tool host OS / runtime environment ”: Windows, Linux, Mac “ Tool host OS / runtime environment ”: Windows, Linux, Mac “ Supported file systems ”: FAT16, FAT32, NTFS, exFAT, EXT3 “ Supported file systems ”: FAT16, FAT32, NTFS, exFAT, EXT3 “ Overwritten file identification ”: supported, not supported “ Overwritten file identification ”: supported, not supported

6 Taxonomy-driven: benefits It’s searchable It’s searchable Uniform information across tools Uniform information across tools It’s vendor populated It’s vendor populated tool info more accurate, easier to collect tool info more accurate, easier to collect tool submissions reviewed at NIST before posting tool submissions reviewed at NIST before posting field to list available test reports field to list available test reports

7 Demo

8 Conclusion Purpose: connect practitioners w/ the tools they need Taxonomy driven, searchable, vendor populated Spread the word. Ask vendors you work with to list their tools. Give us feedback; tell us what you like/don’t like.

9 Project Sponsors Department of Homeland Security, Science and Technology Directorate (Major funding) NIST/OLES (Program management)

10 Contacts Computer Forensics Tool Catalog: www.cftt.nist.gov/tool_catalog/index.php www.cftt.nist.gov/tool_catalog/index.php Ben Livelsbergerwww.cftt.nist.gov livebe01@nist.govcftt@nist.gov Sue Ballou, Office of Law Enforcement Standards susan.ballou@nist.gov

11 Questions?

Download ppt "Computer Forensics Tool Catalog: Connecting Users With the Tools They Need AAFS –February 21, 2013 Ben Livelsberger NIST Information Technology Laboratory."

Similar presentations

The Messy World of Grey Literature in Cyber Security 8 th Grey Literature Conference 4-5 December 2006 New Orleans, Louisiana Patricia Erwin – I3P Senior.

The Messy World of Grey Literature in Cyber Security 8 th Grey Literature Conference 4-5 December 2006 New Orleans, Louisiana Patricia Erwin – I3P Senior.
A Strategy for Testing Hardware Write Block Devices James R Lyle National Institute of Standards and Technology.

A Strategy for Testing Hardware Write Block Devices James R Lyle National Institute of Standards and Technology.
Specific hardware and software products identified in this report were used in order to perform the evaluations described. In no case does such identification.

Specific hardware and software products identified in this report were used in order to perform the evaluations described. In no case does such identification.
Presentation. Contemporary Communication Fast – connects us quickly without delays Reliable – works always Global – connects us with the whole world Low.

Presentation. Contemporary Communication Fast – connects us quickly without delays Reliable – works always Global – connects us with the whole world Low.
Jim Lyle National Institute of Standards and Technology.

Jim Lyle National Institute of Standards and Technology.
Deleted File Recovery Tool Testing Results Jim Lyle NIST 2/21/13AAFS -- Washington 1.

Deleted File Recovery Tool Testing Results Jim Lyle NIST 2/21/13AAFS -- Washington 1.
Using Scan and Read Pro. CTWorks Assistive Technology This presentation is intended to provide information about and how to use the assistive technology.

Using Scan and Read Pro. CTWorks Assistive Technology This presentation is intended to provide information about and how to use the assistive technology.
Creating Deleted File Recovery Tool Testing Images Jim Lyle National Institute of Standards and Technology.

Creating Deleted File Recovery Tool Testing Images Jim Lyle National Institute of Standards and Technology.
Assistive Technologies That Help Job Seekers with Disabilities.

Assistive Technologies That Help Job Seekers with Disabilities.
Homeland Security 11 1) IT Security Courseware and Hands-on Labs, via Virtual Training Environment (VTE) 2) Federal Cybersecurity Training Exercise Program.

Homeland Security 11 1) IT Security Courseware and Hands-on Labs, via Virtual Training Environment (VTE) 2) Federal Cybersecurity Training Exercise Program.
Disclaimer Certain trade names and company products are mentioned in the text or identified. In no case does such identification imply recommendation.

Disclaimer Certain trade names and company products are mentioned in the text or identified. In no case does such identification imply recommendation.
DTIC Overview Mr. Al Astley Defense Technical Information Center Director, Information Science & Technology June 3, 2010 Approved for Public Release U.S.

DTIC Overview Mr. Al Astley Defense Technical Information Center Director, Information Science & Technology June 3, 2010 Approved for Public Release U.S.
14 May 2010Montana Supreme Court Spring Training Conference 1 Verification of Digital Forensic Tools Jim Lyle Project Leader: Computer Forensic Tool Testing.

14 May 2010Montana Supreme Court Spring Training Conference 1 Verification of Digital Forensic Tools Jim Lyle Project Leader: Computer Forensic Tool Testing.
An Introduction to Computer Forensics James L. Antonakos Professor Computer Science Department.

An Introduction to Computer Forensics James L. Antonakos Professor Computer Science Department.
Forensic Tool Testing Results Jim Lyle National Institute of Standards and Technology.

Forensic Tool Testing Results Jim Lyle National Institute of Standards and Technology.
Federated Testing: Well-Tested Tools, Shared Test Materials & Shared Test Reports; The Computer Forensics Tool Catalog Website: Connecting Forensic Examiners.

Federated Testing: Well-Tested Tools, Shared Test Materials & Shared Test Reports; The Computer Forensics Tool Catalog Website: Connecting Forensic Examiners.
James Tam Introduction To CPSC 203 James Tam Administrative (James Tam) Contact Information -Office: ICT 707 -

James Tam Introduction To CPSC 203 James Tam Administrative (James Tam) Contact Information -Office: ICT 707 -
Alcatel Customized Training Site David Otero University of San Diego MSIT 526 Dr. Carl Rebman.

Alcatel Customized Training Site David Otero University of San Diego MSIT 526 Dr. Carl Rebman.
Graphic File Carving Tool Testing Jenise Reyes-Rodriguez National Institute of Standards and Technology AAFS - February 19 th, 2015.

Graphic File Carving Tool Testing Jenise Reyes-Rodriguez National Institute of Standards and Technology AAFS - February 19 th, 2015.
Mobile Device Forensics Rick Ayers. Disclaimer  Certain commercial entities, equipment, or materials may be identified in this presentation in order.

Mobile Device Forensics Rick Ayers. Disclaimer  Certain commercial entities, equipment, or materials may be identified in this presentation in order.

Similar presentations

Ads by Google