[liberationtech] Stanford Security Seminar 6/17: Digital Forensics Tools
steveweis at gmail.com
Fri Jun 14 16:31:32 PDT 2013
There's an upcoming Stanford security seminar on how bulk data from
captured drives and network traffic are analyzed. Thought it might be of
some interest to this list.
Lessons Learned Writing High-Performance Multi-Threaded Digital
Forensic Tools for Analyzing Hard Drives and Network Intercepts
Monday, June 17, 2013
Talk at 4:15pm
Gates Building 463A
Writing digital forensics (DF) tools is difficult because of the
diversity of data types that needs to be processed, the need for high
performance, the skill set of most users, and the requirement that the
software run without crashing. Developing this software is
dramatically easier when one possesses a few thousand disks of other
people’s data for testing purposes. This talk presents the internal
design of two high-performance computer forensics tools ---
bulk_extractor and tcpflow --- discussing the algorithmic and C++
coding techniques that were employed.
Come see how we peg at 64 cores on our test machine!
(Loosely based on Garfinkel's 2012 DFRWS paper,