Forensic analysis of Scientific Linux image using commercial and opensource forensic tools

Authors

  • Tashi Wangchuk, Jigme Namgyel Engineering College, Royal University of Bhutan
  • Younten Tshering, Jigme Namgyel Engineering College, Royal University of Bhutan
  • Ngaira Mandela, School of Digital Forensics and Cyber Security, National Forensic Sciences University
  • Parag Rughani, School of Digital Forensics and Cyber Security, National Forensic Sciences University

DOI:

https://doi.org/10.54417/jaetm.v4i1.133

Keywords:

Digital forensics, evidence gathering, forensic analysis, forensic tools, Scientific Linux

Abstract

Depending on their needs and personal preferences, people choose different operating systems (OS) such as Windows, Linux, and Mac. The Scientific Linux Operating System (SLOS) is designed to provide a stable, secure, and high-performance computing environment for scientific research and education in a steady, scalable, and extensible manner. When suspects commit criminal activities involving computers and the internet, digital forensics is called for: the use of scientific procedures and tools to investigate and analyze digital evidence for legal and investigative purposes. Forensic investigators use commercial and open-source tools to analyze and gather inculpatory and exculpatory evidence. This paper presents a comparative analysis of EnCase, FTK, Autopsy, bulk-extractor, and Scalpel for analyzing a Scientific Linux image. The test scenarios were designed to determine whether the selected forensic tools can be appropriately used for investigating crimes committed using SLOS. The scenarios include extraction and analysis of operating system details, user accounts, and web browsing history, and the recovery of deleted and shredded files. The paper compares and evaluates the capability of the tools in retrieving the evidence designed into the scenarios. The results of this systematic comparison and evaluation would assist digital forensics practitioners, researchers, and law enforcement agencies in making informed decisions about the selection of tools for Scientific Linux image forensics.

Author Biographies

Tashi Wangchuk, Jigme Namgyel Engineering College, Royal University of Bhutan

Dean of Research and Industrial Linkages | Lecturer at Department of Information Technology | Jigme Namgyel Engineering College, Dewathang

Younten Tshering, Jigme Namgyel Engineering College, Royal University of Bhutan

Lecturer at Department of Electrical Engineering | Jigme Namgyel Engineering College, Dewathang | Royal University of Bhutan

Ngaira Mandela, School of Digital Forensics and Cyber Security, National Forensic Sciences University

PhD, School of Digital Forensics and Cyber Security, National Forensic Sciences University

Parag Rughani, School of Digital Forensics and Cyber Security, National Forensic Sciences University

PhD, School of Digital Forensics and Cyber Security, National Forensic Sciences University

Published

06/10/2024

How to Cite

Wangchuk, T., Tshering, Y., Mandela, N., & Rughani, P. (2024). Forensic analysis of Scientific Linux image using commercial and opensource forensic tools. Journal of Applied Engineering, Technology and Management, 4(1), 68–82. https://doi.org/10.54417/jaetm.v4i1.133
