Pypette: A Framework for the Evaluation of Live Digital Forensic Acquisition Techniques

Brett Lempereur, Madjid Merabti, Qi Shi
2012 International Workshop on Digital Forensics and Incident Analysis  
With the increasing scale of digital forensic investigations, there is a need for approaches that are capable of reducing the quantities of data forensic examiners are required to search. As this trend continues, traditional quiescent digital forensic analysis is in some cases becoming impractical; examiners must often rely on an in-situ investigation of the live computing environment. Numerous approaches to live digital forensic evidence acquisition have been proposed in the literature, but ... atively little attention has been paid to the problem of identifying how the effects of these approaches, and their improvements over other techniques, can be evaluated and quantified. In this paper, we present Pypette, a novel framework enabling the automated, repeatable analysis of live digital forensic acquisition techniques.
dblp:conf/wdfia/LempereurMS12 fatcat:j2k2zx65ezh3df37nddmbnbtli