The DCFL is working toward becoming an accredited computer forensics lab through the American Society of Crime Lab Directors, which in 2003 adopted computer forensics standards.
What sets the DCFL's program apart is its rigorous criteria for testing and evaluating the effectiveness of digital forensics toolsets, says Edmond Kong, acting director for the Research Development Test and Evaluations unit, which services the entire Department of Defense under an auspice organization called the DoD Cyber Crime Institute.
"We want accurate, repeatable results from our tools so we can go to court saying that these tools do what they're supposed to do," he explains.
Some of the 30 software and hardware tools tested and documented include:
• Write blockers that go between the hard drive and the computer so files don't get changed when the machine's booted up.
• Duplicators for fast imaging.
• Image and extraction tools for reading hard drives, computer disks, PDAs, mobile phones, GPS.
• Password cracking programs.
• Motherboard testing tools.
• Forensics workstations (Windows 2000, Macintosh and Linux).
Tools are tested on different operating systems and software versions because sometimes a tool will work perfectly on one operating system version, but not on an older or newer version. Then the results of those tests are documented and cataloged for forensics analysts in Department of Defense law enforcement agencies to use as guides during their investigations.
Back to feature: Digging for digital dirt
Rss FeedRss Feed
The Leader in Network Knowledge
Comment