Next Generation Digital Forensic Imaging and Acquisition Technique
University of South WalesSector(s):
Creative Industries, Information and Communications
About The Opportunity:
The digital forensics industry is expanding rapidly. Digital forensics is the practice of collecting, analysing and reporting on digital information in a way that is legally admissible in the detection and prevention of crime and any dispute where evidence is stored digitally.
One of the main challenges facing the industry is the sheer quantity of data. Storage media size is growing at a surprising rate. Only a few years ago a typical desktop PC had a 40GB hard disk which might hold 30,000 files. Now, it is not uncommon to encounter desktop PCs with 2 Terabyte drives with 600,000 files. This represents a significant problem when conducting a forensic analysis as it increases acquisition, processing and analysis time e.g. a 4 Terabyte hard drive can take 36 hours or longer. This creates backlogs in digital forensic laboratories, hindering the investigation and increasing costs. In most countries there are also laws governing the length of time a suspect can be detained. Data acquisition is now taking so long that it is having an effect on the effectiveness of the initial stages of investigations, there is therefore a critical industry need for faster data acquisition tools.
An important driver is to reduce the backlogs in digital forensic labs. Reducing processing time is the number one issue in the domain. The second issue is distributed processing on clusters of computers:
- Sheer quantity of data
- Back logs in digital forensic laboratories
- Impacts on investigations e.g. 48 hour detention
The Information Security Research Group at the University of South Wales has developed novel forensic data acquisition software and technique which offers significantly faster data acquisition than current approaches.
- Much faster delivers analysable data in seconds
- Reduced time, cost and resources
- Complies with ACPO best practice
- More effective use of time spent at a crime scene
- Uses industry standard output storage formats, AFF, DEB, ZIP.
- Law Enforcement
- Corporate Security
- Corporate IT
- National and Local Government
A patent has been filed (GB1407605.3).
The university is seeking licensing and collaborative research partners.