This is a brief outline of projects in the planning or implementation phases of development that the group is undertaking in the next 6 – 12 months.
| Projects |
|---|
| Mobile Phone and Device Analysis - Remnant Data |
| Cluster Based Analysis and Indexing of Forensic Images |
| NetSeer |

| Internal participants – | Craig Valli, Andrew Woodward |
| External participants – | British Telecom (UK), Life Cycle Services (UK), Glamorgan University (UK) |

This project will use the same guiding principles as the hard disk acquisition research project. Phones and portable memory devices will be purchased second hand from auctions or on-line auctions. A forensic recovery will then be attempted on each device to ascertain whether any data left on it is sensitive or could provide sufficient detail for criminal activity, be it fraud, identity theft or extortion.

| Internal participants – | Craig Valli, Andrew Woodward, Chris Bolan, Trish Williams |
| External participants – | WA Police Computer Crime, Australian Federal Police |

This project will involve the use of a clustered approach to indexing a forensic image. Indexing is the searching of a forensic image (typically a hard disk) for keywords found within the contents of the drive. This process can take up to several days to complete on a single hard disk image.
This project aims to use cluster based technology and file sharing technology to reduce these timelines to a matter of minutes, not days, by using a distributed approach to searching and indexing. This approach could allow on-site triage of a disk's contents, which could be an invaluable tool in time sensitive or critical investigations such as illicit trafficking, money laundering or planned acts of terrorism.

| Internal participants – | Craig Valli, Andrew Woodward, Chris Bolan, Trish Williams |
| External participants – | WA Police Computer Crime, Australian Federal Police, Andy Jones (British Telecom) |

This project aims to provide extensive in-band analysis of network traffic, using existing network techniques to intercept and interpret that traffic. This allows for the real-time reconstruction and interpretation of network traffic, be it email, Web, file download etc. The intelligent use of filtering technology then allows for alerting, tagging, tracking or extraction of target information.