An Open Source Forensic Software Framework for Acquiring and Decoding Data Stored in Electronic Devices
暂无分享,去创建一个
TULP2G is a forensic software framework for acquiring and decoding data stored in electronic devices. The framework consists of a layered architecture with communication, protocol, conversion, and export plug-ins to acquire, decode, and report evidence in customizable layouts. All acquired data is stored in an XML formatted evidence file along with information for auditing purposes. XML files can also be used to customize the framework with different user interface languages. A profile mechanism is built in to save and load framework configuration settings for common investigations. Conversion and export plug-ins can also be used to decode data acquired with other data acquisition methods. TULP2G is implemented in C# using .NET1.1 and released under a BSD license. All software, including source code is available at http://tulp2g.sourceforge.net/. Currently available plug-ins are mainly targeted towards GSM phone examinations, but the applied open source strategy tries to stimulate other parties in developing more examination functionality.
[1] 石田 優子. Microsoft HTML help , 1999 .
[2] Richard P. Ayers,et al. Cell Phone Forensic Tools: an Overview and Analysis , 2005 .
[3] Wayne Jansen,et al. PDA Forensic Tools: An Overview and Analysis , 2004 .
[4] C. M. Sperberg-McQueen,et al. Extensible Markup Language (XML) , 1997, World Wide Web J..