Laptop Inspector And Recovery System (LIARS)

Duration

July 2006 – July 2007 (Phase 1)

Internal Participants

Andrew Woodward, Craig Valli (Staff)

External Participants

WA police computer crime – Tim Thomas, Duncan Armstrong

Laptop theft is a major concern for individuals and corporations and the government. The WA Police have indicated that they do recover a large number of laptops as a result of their inquiries. However, most of these laptops are erased and sent to auction, as there are not sufficient resources to enable identification of the legitimate owner. In addition, in the course of their duties, the Police have occasion to search individuals, some of whom are in possession of laptops for which they may not be the legitimate owner. In these instances, it is useful for the Police to be able to identify on the spot whether the person in possession of the laptop is indeed the legal owner. Unless the laptop boots up and presents this information to the officer, this is not currently possible. There are two major aims of this project. The first is, to allow for on the spot identification of a laptops rightful owner, the second is to increase the clear up rate of laptops recovered that are currently erased and disposed of.

The primary goal of this project is to produce a tool which would enable someone with minimal knowledge of computers or forensic methods to identify the registered owner of a Windows XP based laptop. This will be done at a topical level, meaning that if the operating system has been formatted, then no information is likely to be found. Subsequent phases will see the drive examined at a level which will allow for owner registration data to be recovered from a formatted drive. The system will use the base live CD system being developed for the Purview system, with customised applications incorporated into it. The system is being developed from first principles and is undergoing rigorous testing and validation using industry based testing regimes or standards such ISO 17025 and NIST to produce a product of high forensic validity.

Outcomes

Release of Development 0.1 (October 31)

Publications

Woodward, A. (2006). LIARS – Laptop insepctor and recovery system. 4th Australian Digital Forensics Conference, Edith Cowan University, Perth, Western Australia. Accepted for Publication

Funding Opportunties

State Insurance Commission, various commercial insurance companies

Events

March 2010
MonTueWedThuFriSatSun
  
1 2 3 4 5 6 7
8 9 10 11 12 13 14
15 16 17 18 19 20 21
22 23 24 25 26 27 28
29 30 31  

Latest News

Open Source Intelligence: Tradecraft & Tools – 12 March

February 25th, 2010

There has never been anything in the history of humankind that comes close to the ability of the Internet to reach to almost every part of the globe.  But, as with all new technologies, it comes at a cost—many costs, in fact.
The first Google index in 1998 captured 26 million pages, and by 2000 the [...]

secAU Special Interest Group Seminar: VoIP something old something new

February 5th, 2010

Over 30 years ago the “holy grail of hackers was the compromise and utilisation of PABX systems to enable free phone calls for voice and of course data at that stage. In response to this phenomenon PABX systems became increasingly secure and less able to be compromised. Now some 30 years on we now have [...]