Research Projects

Access Point Tool Review

According to, an access point is a “device, such as a wireless router, that allows wireless devices to connect to a network.” The ability to examine these points could present an investigator with critical evidence. [PDF]

Android Forensics

Smartphones have become extremely popular in recent years due to their capabilities. [PDF

Internet Evidence Finder Report

Parsing internet data can be a difficult task. Internet Evidence Finder (IEF) can find and retrieve any and all supported internet related artifacts, benefiting the investigation by speeding up the process of parsing the data. [PDF]

Log2Timeline Guide for TAPEWORM

This guide walks through the process of configuring TAPEWORM for Log2Timeline, running Log2Timeline in TAPEWORM, and reading the output from TAPEWORM. [PDF]

OS Forensics Comparison

This project is intended to review a restricted version of OSForensics, a free tool created by PassMark Software, to see if it could be used as an alternative to higher priced forensic tools. [PDF]

Cloud Forensics

Cloud storage is a new technology that makes it possible for users to upload data to the web, allowing for instant accessibility and the ability to share data with others at any time.  [PDF]

Elcomsoft iOS Forensics Toolkit Guide

Elcomsoft iOS Forensic Toolkit is a set of tools aimed at making the acquisition of iOS devices easier. It consists of Toolkit Ramdisk and a set of tools to load the Ramdisk onto the iOS device. [PDF]

HDD Water Damage Report 

Our goal for this project is to determine how long a hard drive can stay submerged under water before the data becomes irretrievable.  [PDF]

Timeline Creation and Analysis Guides

This document has 5 guides that provide information about timeline creation and analysis for several different tools and platforms. [PDF]

Zeitgeist Forensics

Zeitgeist is a tool built into the Gnome Desktop Environment that will create a log of user activity in a SQLite database, which is used to help predict the user activity. [PDF]

IEF for Mobile Devices

For this project, we will be using IEF Advanced to analyze images from Android and iOS devices. Our goal is to learn what information IEF extracts from these devices and how that can help law enforcement and forensic investigators. [PDF]

Pirate Browser Artifacts Report

In our experiment, we wanted to test the difference between PirateBrowser's artifacts and its parents, Mozilla Firefox 23 and Firefox Portable.  [PDF]

Forensic Acquisition of Websites (FAW) Tool Review

Forensic Acquisition of Websites (FAW) is a way to forensically acquire a website or webpage as it is viewed by the user. [PDF]

Tool Comparison

This project will be benchmarking three digital forensic tools: EnCase v7.04.01, FTK, and Imager v3.1.1.8, as well as the SANS SIFT Workstation v2.14. [PDF]