ISU Electrical and Computer Engineering Archives

Customization and automation in the future of digital forensics: Live OS forensics with FENIX (forensic examiner unix)

Howard, Sean (2007) Customization and automation in the future of digital forensics: Live OS forensics with FENIX (forensic examiner unix). Masters thesis, Iowa State University.

Full text available as:

PDF (Created with Acrobat) - Registered users only - Requires Adobe Acrobat Reader or other PDF viewer.

Abstract

FENIX (Forensic Examiner uNIX) is a Linux-based live OS (operating system) created for use in remote environments for incident response and digital forensics. Through a joint effort between the Center for Information Protection (CIP) and the Iowa State University Police Department (ISUPD), FENIX has been tailored to suit the needs and requests of law enforcement forensic specialists. The basis for FENIX is to give ISU police officers an easy-to-operate, easy-to-customize forensic toolkit that they can carry with them to the scene of a crime, allowing for better acquisitions and a deeper analysis in an investigation. FENIX is not a standard forensic toolkit like the others. It is a custom build of the Linux kernel with several of its own applications, created for specific OS and forensic purposes and designed for a user-friendly interface. However, since most users will be more familiar with existing tools, those tools can interface easily with FENIX.

EPrint Type: Thesis (Masters)
Uncontrolled Keywords: This document discusses the FENIX (Forensic Examiner Unix) project. The FENIX Project contains several elements that are used to create and update LIVE OSs for the purpose of forensic examination. The three components are FENIX (the OS), Reburn (the application), and the FENIX Website (the community). This document explains in detail the purpose of each and their importance to the project.
Subjects: Computer Engineering > SOFTWARE SYSTEMS > Software Engineering
Computer Engineering > INFORMATION SYSTEMS SECURITY & NETWORKING > Information Assurance
Computer Engineering > INFORMATION SYSTEMS SECURITY & NETWORKING > Computer Networking and Security
ID Code: 305
Identification Number: TR-2007-03-0
Deposited By: Mr. Sean Howard
Deposited On: 29 August 2007
