Open Source Live Distributions for Computer Forensics

  • Conference paper
Open Source Software for Digital Forensics

Abstract

Current distributions of open source forensic software provide digital investigators with a large set of heterogeneous tools. Their use is not always focused on the target and requires high technical expertise. We present a new GNU/Linux live distribution, named CAINE (Computer Aided INvestigative Environment), that contains a collection of tools wrapped up into a user-friendly environment. The CAINE forensic framework introduces novel important features, aimed at filling the interoperability gap across different forensic tools. Moreover, it provides a homogeneous graphical interface that guides digital investigators during the acquisition and analysis of electronic evidence, and it offers a semi-automatic mechanism for the creation of the final report.

Notes

  1. “If security is to be taken seriously, only those operating systems should be used, whose source code has been published and checked, since only then can it be determined with certainty what happens to the data.” Temporary Committee on the ECHELON Interception System. European Parliament, 4 May 2001.

Corresponding author

Correspondence to Giancarlo Giustini.

Copyright information

© 2010 Springer Science+Business Media, LLC

About this paper

Cite this paper

Giustini, G., Andreolini, M., Colajanni, M. (2010). Open Source Live Distributions for Computer Forensics. In: Huebner, E., Zanero, S. (eds) Open Source Software for Digital Forensics. Springer, Boston, MA. https://doi.org/10.1007/978-1-4419-5803-7_5

  • DOI: https://doi.org/10.1007/978-1-4419-5803-7_5

  • Publisher Name: Springer, Boston, MA

  • Print ISBN: 978-1-4419-5802-0

  • Online ISBN: 978-1-4419-5803-7

  • eBook Packages: Computer Science (R0)