The following resource is a compiled list of electronic references that relate to computer forensics in general, forensic tool validation, as well as basic and advanced forensic preview and analysis. These references will continue to be updated as computer forensics papers and documents become available. If you find any broken links or want to suggest any useful publications not already listed, please send an email to Damira Pon at [email protected].
Standard Operating Procedures Validation & Testing
The University at Albany, State University of New York has served as a non-biased and independent evaluator for digital forensic-related Standard Operating Procedures (SOPs). The revised SOPs and associated validations are available by sending a request to Sanjay Goel at [email protected] or Damira Pon at [email protected]. In the request, please specify:
- Your agency name
- The purpose for which you require the files (e.g. prosecution/enforcement of cases)
- How you heard about this material
- The SOPs / Validation documentation you seek. Files are available in the following categories:
  - ASR Data SMART for USB Preparation for Forensic Previews - USB SOP and USB Validation
  - Penguin Sleuth Kit (PSK) for Forensic Previews - PSK SOP and PSK Validation
  - ASR Data SMART for Forensic Previews - SMART SOP and SMART Validation
Creation of Standard Operating Procedures
Scientific Working Group on Digital Evidence (SWGDE). (2004). https://www.crime-scene-investigator.net/swgde_swgit_sop_document_v1-0.pdf
Validation and Testing of Tools
- National Institute of Standards and Technology (NIST). (2023). Digital Evidence Building Blocks: Framework for Testing and Evaluation Methods for Digital Evidence (Draft for Public Comment). https://doi.org/10.6028/NIST.IR.8265
- Scientific Working Group on Digital Evidence (SWGDE). (2023). SWGDE Guide for the Validation of Digital Forensic Tools and Methods. https://www.swgde.org/
- Garfinkel, S. (2020). Forensic Faith: Testing and the Mythology of Digital Evidence. Columbia University Press. https://coldcasechristianity.com/forensic-faith-by-j-warner-wallace/
- National Institute of Standards and Technology (NIST). (2020). Computer Forensics Tools: A NIST Special Publication. https://doi.org/10.6028/NIST.SP.800-171
- The Sleuth Kit & Autopsy Documentation. (2023). https://sleuthkit.org/autopsy/docs/user-docs/4.0/
- Carrier, N. (2014). File System Forensic Analysis. Addison-Wesley Professional.
- National Institute of Standards and Technology (NIST). (2023). CFReDS (Computer Forensic Reference Data Sets).
- Digital Forensics Cloud (DFCloud). (n.d.). Public Forensic Datasets. https://www.sans.org/cloud-security/
General Computer Forensics Investigation
- Electronic Crime Scene Investigation: A Guide for First Responders (4th Ed.). National Institute of Justice: https://www.ojp.gov/pdffiles1/nij/219941.pdf
- Forensic Examination of Digital Evidence: A Guide for Law Enforcement (3rd Ed.). National Institute of Justice: https://nij.ojp.gov/library/publications/forensic-examination-digital-evidence-guide-law-enforcement
- Searching and Seizing Computers and Obtaining Electronic Evidence in Criminal Investigations (2009). U.S. Department of Justice: https://www.justice.gov/file/442111/download
- SWGDE Best Practices for Digital Evidence Collection. Scientific Working Group on Digital Evidence: https://www.swgde.org/documents/published-by-committee/forensics
- SWGDE Best Practices for Computer Forensics. Scientific Working Group on Digital Evidence: https://www.swgde.org/documents/published-by-committee/forensics
- The Association of Chief Police Officers (ACPO) Good Practice Guide for Digital Investigations. The College of Policing: https://www.digital-detective.net/digital-forensics-documents/ACPO_Good_Practice_Guide_for_Digital_Evidence_v5.pdf
- Computer Forensics Tool Catalog