Forensic implications of Ext4

Authors:
Kevin D. Fairbanks;Christopher P. Lee;Henry L. Owen, III
Affiliations:
Georgia Institute of Technology, Atlanta, GA;Georgia Institute of Technology, Atlanta, GA;Georgia Institute of Technology, Atlanta, GA
Venue:
Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research
Year:
2010

Citing 2
Cited 0

Planned Extensions to the Linux Ext2/Ext3 Filesystem

Proceedings of the FREENIX Track: 2002 USENIX Annual Technical Conference
File System Forensic Analysis

File System Forensic Analysis

Quantified Score

Hi-index	0.00

Visualization

Abstract

Ext4 has become the default file system on popular Linux distributions; this means that it will be the subject of digital forensic investigations. In this paper a brief overview of Ext4 is given followed by a discussion of how the differences between it and its predecessors affects file system forensics. The new file system presents some unique challenges not only to digital forensics but to privacy in general. Therefore, strides must be made in the open source forensic community for its support.