Conference ProceedingsOPEN ACCESS

Criteria for validating secure wiping tools

IFIP Advances in Information and Communication Technology (2015) 462 321-339
DOI: 10.1007/978-3-319-24123-4_19
4Citations
Citations of this article
11Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

The validation of forensic tools is an important requirement in digital forensics. The National Institute of Standards and Technology has defined standards for many digital forensic tools. However, a standard has not yet been specified for secure wiping tools. This chapter defines secure wiping functionality criteria for NTFS specific to Windows 7 and magnetic hard drives. The criteria were created based on the remnants of user actions – file creation, modification and deletion – in $MFT records, the $LogFile and the hard disk. Of particular relevance is the fact that the $LogFile, which holds considerable forensic artifacts of user actions, is not wiped properly by many tools. The use of the proposed functionality criteria is demonstrated in an evaluation of the Eraser secure wiping tool.

Author supplied keywords

Cite

CITATION STYLE

APA

Zareen, M. S., Aslam, B., & Akhlaq, M. (2015). Criteria for validating secure wiping tools. In IFIP Advances in Information and Communication Technology (Vol. 462, pp. 321–339). Springer New York LLC. https://doi.org/10.1007/978-3-319-24123-4_19

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free