[liberationtech] Stanford Security Seminar 6/17: Digital Forensics Tools

Steve Weis steveweis at
Fri Jun 14 16:31:32 PDT 2013

There's an upcoming Stanford security seminar on how bulk data from
captured drives and network traffic are analyzed. Thought it might be of
some interest to this list.


Lessons Learned Writing High-Performance Multi-Threaded Digital
Forensic Tools for Analyzing Hard Drives and Network Intercepts

Simson Garfinkel

Monday, June 17, 2013
Talk at 4:15pm
Gates Building 463A
Stanford University

Writing digital forensics (DF) tools is difficult because of the
diversity of data types that needs to be processed, the need for high
performance, the skill set of most users, and the requirement that the
software run without crashing. Developing this software is
dramatically easier when one possesses a few thousand disks of other
people’s data for testing purposes. This talk presents the internal
design of two high-performance computer forensics tools ---
bulk_extractor and tcpflow --- discussing the algorithmic and C++
coding techniques that were employed.

Come see how we peg at 64 cores on our test machine!

(Loosely based on Garfinkel's 2012 DFRWS paper,
