Many technical mechanisms across computer security for attribution, identification, and classification are neither sufficient nor necessary for forensically valid digital investigations; yet they are often claimed as useful or necessary. Similarly, when forensic research is evaluated using the viewpoints held by computer security venues, the challenges, constraints, and usefulness of the work are often misjudged. In this paper, we point out many key aspects of digital forensics with the goal of ensuring that research seeking to advance the discipline will have the highest possible adoption rate by practitioners. We enumerate general legal and practical constraints placed on forensic investigators that set the field apart. We point out the assumptions, often limited or incorrect, made about forensics in past work, and discuss how these assumptions limit the impact of contributions.