CFES: Comprehensive framework for forensic analysis of embedded systems

Kyung Soo Lim, Yongseok Choi, Jongsung Kim, Changhoon Lee, Sangjin Lee

    Research output: Contribution to journalArticlepeer-review

    4 Citations (Scopus)

    Abstract

    Nowadays, embedded systems such as mobile phones, MP3 players, PMPs, and GPS navigation systems have become an integral part of our life. However, the increasing popularity of the use of digital devices has led to an increase in the diversity of cyber crime. Therefore, the forensic community has concentrated on countermeasures against emerging cyber crime techniques and embedded system investigations. While novel forensic analysis methodologies have been proposed for each embedded system known to the forensic community, there is no comprehensive framework for general embedded system forensics. Therefore, in this paper, we introduce a generalpurpose framework for forensic analysis of embedded systems for future communications and computing. The CFES framework (Comprehensive Framework for Forensic analysis of Embedded Systems) is designed for a comprehensive analysis environment and is a general methodology of extracting useful information about various embedded systems. CFES provides an effective analysis environment and various analysis toolkits, which can be applied to most of embedded systems. Further, it can perform a correlation analysis on the results of embedded system investigations.

    Original languageEnglish
    Pages (from-to)549-562
    Number of pages14
    JournalJournal of Internet Technology
    Volume10
    Issue number5
    Publication statusPublished - 2009

    Keywords

    • Digital forensics
    • Embedded system investigation
    • Forensic framework
    • Forensic methodology

    ASJC Scopus subject areas

    • Software
    • Computer Networks and Communications

    Fingerprint

    Dive into the research topics of 'CFES: Comprehensive framework for forensic analysis of embedded systems'. Together they form a unique fingerprint.

    Cite this