Mastersthesis
Enabling the Remote Acquisition of Digital Forensic Evidence through Secure Data Transmission and Verification
Contribution Summary
The Remote Acquisition Forensic Tool (RAFT) is designed to facilitate digital forensic investigators by remotely gathering evidence through a secure, verifiable client/server imaging architecture. RAFT aims to reduce the time wasted in on-site collection of computer equipment by allowing law enforcement officers to transfer images from suspect computers directly to a forensic laboratory for analysis. The system ensures that the evidence gathered is court admissible by verifying its integrity and authenticity, making it a valuable tool in digital forensic investigations.
Keywords: Digital Forensics; Remote Evidence Acquisition; Secure Data Transmission; Court-Admissible Evidence; Forensic Investigation; Cybercrime; Digital Evidence
Abstract
Providing the ability to any law enforcement officer to remotely transfer an image from any suspect computer directly to a forensic laboratory for analysis, can only help to greatly reduce the time wasted by forensic investigators in conducting on-site collection of computer equipment. RAFT (Remote Acquisition Forensic Tool) is a system designed to facilitate forensic investigators by remotely gathering digital evidence. This is achieved through the implementation of a secure, verifiable client/server imaging architecture. The RAFT system is designed to be relatively easy to use, requiring minimal technical knowledge on behalf of the user. One of the key focuses of RAFT is to ensure that the evidence it gathers remotely is court admissible. This is achieved by ensuring that the image taken using RAFT is verified to be identical to the original evidence on a suspect computer.
BibTeX
@mastersthesis{scanlon2009RemoteAcquisition,
author = {Mark Scanlon},
title = "{Enabling the Remote Acquisition of Digital Forensic Evidence through Secure Data Transmission and Verification}",
booktitle = "{MSc Thesis}",
school = {School of Computer Science},
year = 2009,
address = {University College Dublin},
url={https://www.markscanlon.co/papers/EnablingRemoteEvidenceAcquisition.php},
month = 09,
abstract="{Providing the ability to any law enforcement officer to remotely transfer an image from any suspect computer directly to a forensic laboratory for analysis, can only help to greatly reduce the time wasted by forensic investigators in conducting on-site collection of computer equipment. RAFT (Remote Acquisition Forensic Tool) is a system designed to facilitate forensic investigators by remotely gathering digital evidence. This is achieved through the implementation of a secure, verifiable client/server imaging architecture. The RAFT system is designed to be relatively easy to use, requiring minimal technical knowledge on behalf of the user. One of the key focuses of RAFT is to ensure that the evidence it gathers remotely is court admissible. This is achieved by ensuring that the image taken using RAFT is verified to be identical to the original evidence on a suspect computer.}"
}