Abstract
Evaluating the performance of digital forensics tools and software is a challenging research area, owing to the constant development of technology in the digital world and the growing variety of ways in which it can be used for illegal purposes. Many tools and software packages for digital forensics have been developed, some available under a license and some free of charge. However, since some practitioners in the field argue for commercial software while others argue for open-source software, the reliability of the digital evidence collected, analyzed, and presented by both is constantly questioned. Motivated by the dilemma of which tool or software to use for extracting digital evidence, we conducted a review of the existing studies, which directed us towards examining the performance of two different types of digital forensics tools: open-source (Linux Autopsy Sleuth Kit) and commercial (Magnet Axiom). The results of the research showed that the open-source digital forensics tool performs better than the commercial one. In addition to this conclusion, which can be useful for further investigations and research in both practical digital forensics and the academic community, we also provide open issues to be addressed in the future.
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Dizdarević, A., Baraković, S., Baraković Husić, J. (2020). Examination of Digital Forensics Software Tools Performance: Open or Not?. In: Avdaković, S., Mujčić, A., Mujezinović, A., Uzunović, T., Volić, I. (eds) Advanced Technologies, Systems, and Applications IV - Proceedings of the International Symposium on Innovative and Interdisciplinary Applications of Advanced Technologies (IAT 2019). IAT 2019. Lecture Notes in Networks and Systems, vol 83. Springer, Cham. https://doi.org/10.1007/978-3-030-24986-1_35
DOI: https://doi.org/10.1007/978-3-030-24986-1_35
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-24985-4
Online ISBN: 978-3-030-24986-1
eBook Packages: Intelligent Technologies and Robotics (R0)