The Open Computer Forensics Architecture (OCFA) is a distributed open-source computer forensics framework used to analyze digital media within a digital forensics laboratory environment. The framework was built by the Dutch national police.
Architecture
OCFA consists of a back end for the Linux platform. It uses a PostgreSQL database for data storage, a custom content-addressable storage (CAS) or CarvFS based data repository, and a Lucene index. The front end for OCFA has not been made publicly available due to licensing issues.
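As an added illustration of the content-addressable repository idea (this is not OCFA's or CarvFS's own code or on-disk format), the following Python sketch stores each object under the SHA-256 of its bytes, so duplicate evidence is stored only once and any later modification of a stored object is caught when it is read back. The choice of SHA-256, the directory fan-out and the sample bytes are assumptions made for the example.

```python
import hashlib
import tempfile
from pathlib import Path

class ContentAddressedRepo:
    """Objects are addressed by the SHA-256 of their bytes (illustrative only;
    not the on-disk format of OCFA's repository or of CarvFS)."""
    def __init__(self, root):
        self.root = Path(root)
        self.root.mkdir(parents=True, exist_ok=True)

    @staticmethod
    def address(data):
        return hashlib.sha256(data).hexdigest()

    def _path(self, digest):
        return self.root / digest[:2] / digest[2:]  # fan out on first two hex digits

    def put(self, data):
        """Store data; return (address, was_new). Identical content is stored once."""
        digest = self.address(data)
        path = self._path(digest)
        if path.exists():
            return digest, False
        path.parent.mkdir(exist_ok=True)
        path.write_bytes(data)
        return digest, True

    def get(self, digest):
        """Return an object only if it still hashes to the requested address."""
        data = self._path(digest).read_bytes()
        if self.address(data) != digest:
            raise ValueError("integrity failure for object " + digest)
        return data

def demo(root=None):
    """Exercise dedup, round-trip and tamper detection on constructed sample bytes."""
    repo = ContentAddressedRepo(root or tempfile.mkdtemp())
    sample = b"constructed sample: bytes carved from a disk image"
    a1, new1 = repo.put(sample)
    a2, new2 = repo.put(sample)  # same content -> same address, not rewritten
    roundtrip = repo.get(a1) == sample
    repo._path(a1).write_bytes(b"modified on disk")  # simulate corruption/tampering
    try:
        repo.get(a1)
        tamper_detected = False
    except ValueError:
        tamper_detected = True
    return {"dedup": a1 == a2 and new1 and not new2,
            "roundtrip": roundtrip, "tamper_detected": tamper_detected}
```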
The framework integrates with other open source forensic tools and includes modules for The Sleuth Kit, Scalpel, Photorec, libmagic, GNU Privacy Guard, objdump, exiftags, zip, 7-zip, tar, gzip, bzip2, rar, antiword, qemu-img, and mbx2mbox. OCFA is extensible in C++ or Java.
See also
* List of digital forensics tools
External links
* Linux Magazine article on OCFA
* Open Source Software for Digital Forensics