Computer Forensics

Group Project

Due December 1st, 2009

This is a group project. Each group can have up to 2 students. Please form the group yourself.

Project Description:

Survey currently-existing forensics investigation tools. Find FOUR forensic tools and ONE anti-forensic tool.

Duplicate tools will NOT be accepted.

The following tools should NOT be used: md5sum, dd, nmap, simple password crack tools, etc.

Please do NOT select Snort (http://www.snort.org/) as your tool.

Based on the investigations, students will a) develop a new tool or b) modify an existing tool to include at least one more option.

If you plan to develop a new tool

·  Description of the tool

·  Usage of the tool (how to use it appropriately with the provided option(s))

·  Design, implementation and testing debrief

·  Language and OS targeted

·  Limitations (both perceived and validated through testing)

·  Description of other similar tools (if available) and how your tool is different.

If you plan to modify an existing tool

·  Description of the existing tool

·  New features you added and reasons for your modification

·  Usage of the modified tool (how to use it appropriately with the provided option(s))

·  Design, implementation and testing debrief

·  Language and OS targeted

·  Limitations after your modification (both perceived and validated through testing)

What to hand in:

1. A document which contains the description of the tools, including their usages and merits, drawbacks or liabilities, methods of circumvention, the language in which each tool is written, OS targeted / limitations, and source code as available.

This document needs to be emailed to the instructor at by midnight on Dec. 1, 2009.

2. A CD containing the source code, executable and all other necessary files. The source code must be clearly written, well structured and well documented. Clearly written documentation in the form of operation instructions for your tool or modification must accompany the documented code. Other documentation (readme files, FAQs, etc.) should be included as appropriate.

Demonstration:

A demonstration is needed at the end of the semester. For your selected tools, please prepare a simple environment to demonstrate their usage. You need to explain how to use your selected tools based on the environment you set up.

Class Policy:

For the developed new tool, please do NOT borrow solutions from those students who have taken this class before. We keep a database of all previous solutions.

The developed new tool will be checked carefully for plagiarism. Students who are caught copying directly will receive 0 for this project.
