Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Forensic Science

Digital evidence

Search Publications

Search Title, Abstract, Conference, Citation, Keyword or Author

Title

Author

NIST Pub Series

Report Number

Published Date

Min

Max

Displaying 76 - 97 of 97

Hashing Techniques for Mobile Device Forensics

June 15, 2009

Author(s)

Richard Ayers, Shira Danker, Rick Mislan

Technological advances found in mobile devices today, equal or exceed that of the computing power present in desktop computers of less than a decade ago. As mobile devices proliferate, techno-logical advances provide users with increased power, range

Mobile Device Forensics - Tool Testing

May 6, 2009

Author(s)

Richard Ayers

The goal of the Computer Forensic Tool Testing (CFTT) project at the National Institute of Standards and Technology (NIST) is to establish a methodology for testing computer forensic software tools. The results provide information necessary for toolmakers

Non-GSM Mobile Device Tool Specification

January 7, 2009

Author(s)

Richard Ayers

As mobile devices proliferate, incorporating a host of integrated features and capabilities, their use can be seen everywhere in our world today. Mobile communication devices contain a wealth of sensitive and non-sensitive information. In the investigative

GSM Mobile Device and Associated Media Tool Specification

January 6, 2009

Author(s)

Richard Ayers

Mobile devices incorporating cellular capabilities are ubiquitous and contain a wealth of personal information useful in criminal cases, civil disputes, employment proceedings, and recreation of incidents. Due to the rapid rate of mobile devices appearing

Non-GSM Mobile Device Tool Test Assertions and Test Plan

January 1, 2009

Author(s)

Richard Ayers

A Recommendation for the Use of PIV Credentials in Physical Access Control Systems (PACS)

November 20, 2008

Author(s)

William I. MacGregor, Ketan L. Mehta, David A. Cooper, Karen A. Scarfone

This document provides best practice guidelines for integrating the PIV Card with the physical access control systems (PACS) that authenticate the cardholders in Federal facilities. Specifically, this document recommends a risk-based approach for selecting

Forensic Filtering of Cell Phone Protocols

August 27, 2008

Author(s)

Aurelien M. Delaitre, Wayne Jansen

Phone managers are non-forensic software tools designed to carry out a range of tasks for the user, such as reading and updating the contents of a phone, using one or more of the communications protocols supported by the phone. Phone managers are sometimes

Codes for the Identification of Federal and Federally-Assisted Organization

April 25, 2008

Author(s)

William C. Barker, Hildegard Ferraiolo

The Homeland Security Presidential Directive HSPD-12 called for new standards to be adopted governing the interoperable use of identity credentials to allow physical and logical access to Federal government locations and systems. The Personal Identity

Quirks Uncovered While Testing Forensic Tool

March 28, 2008

Author(s)

James R. Lyle

Powerpoint

A Scheme for PIV Visual Card Topography

June 29, 2007

Author(s)

William I. MacGregor, Teresa T. Schwarzhoff, Ketan L. Mehta

[Superseded. Incorporated into FIPS 201-2 (August 2013): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=914530] The purpose of this document is to provide additional recommendations on the Personal Identity Verification (PIV) Card color

Guidelines on Cell Phone Forensics

May 30, 2007

Author(s)

Wayne Jansen, Richard Ayers

[Superseded by SP 800-101 Rev. 1 (May 2014): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=915021] Forensic specialists periodically encounter unusual devices and new technologies outside of traditional computer forensics. Cell phones are an

Cell Phone Forensic Tools: An Overview and Analysis Update

March 21, 2007

Author(s)

Richard Ayers, Wayne Jansen, Aurelien M. Delaitre, Ludovic Moenner

Cell phones and other handheld devices incorporating cell phone capabilities (e.g., Personal Digital Assistant (PDA) phones) are ubiquitous. Rather than just placing calls, certain phones allow users to perform additional tasks such as SMS (Short Message

PIV Card to Reader Interoperability Guidelines

December 29, 2006

Author(s)

James F. Dray Jr., April Giles, Michael Kelley, Ramaswamy Chandramouli

The purpose of this document is to present recommendations for Personal Identity Verification (PIV) card readers in the area of performance and communications characteristics to foster interoperability. This document is not intended to re-state or

Unique File Identification in the National Software Reference Library

October 24, 2006

Author(s)

Steven L. Mead

The National Software Reference Library (NSRL) provides a repository of known software, file profiles, and file signatures for use by law enforcement and other organizations involved with computer forensic investigations. This paper examines whether the

Forensic Techniques: Helping Organizations Improve Their Responses to Information Security Incidents

September 27, 2006

Author(s)

Shirley M. Radack

This bulletin explains the need for the use of digital forensic techniques, which can help organizations respond more effectively to information security incidents, and protect the confidentially, integrity and availability of their information and systems

Guide to Integrating Forensic Techniques into Incident Response

September 1, 2006

Author(s)

Timothy Grance, Suzanne Chevalier, Karen A. Scarfone, Hung Dang

This publication is intended to help organizations in investigating computer security incidents and troubleshooting some information technology (IT) operational problems by providing practical guidance on performing computer and network forensics. The

Cell Phone Forensics Tools: An Overview and Analysis

October 19, 2005

Author(s)

Richard Ayers, Wayne Jansen, Nicolas Cilleros, Ronan Daniellou

Cell phones and other handheld devices incorporating cell phone capabilities (e.g., Personal Digital Assistants (PDAs) phones) are ubiquitous. Rather than just placing calls, certain phones allow users to perform additional tasks such as SMS (Short Message

Guidelines on PDA Forensics, Recommendations of the National Institute of Standards and Technology

November 1, 2004

Author(s)

Wayne Jansen, Richard Ayers

Forensic specialists periodically encounter unusual devices and new technologies normally not envisaged as having immediate relevance from a digital forensics perspective. The objective of the guide is twofold: to help organizations evolve appropriate

PDA Forensic Tools: an Overview and Analysis

August 1, 2004

Author(s)

Richard Ayers, Wayne Jansen

Adequate user authentication is a persistent problem, particularly with mobile devices such as Personal Digital Assistants (PDAs), which tend to be highly personal and at the fringes of an organization's influence. Yet these devices are being used

Computer Forensics Tool Testing (CFTT)

October 1, 2003

Author(s)

James R. Lyle

The National Software Reference Library (NSRL) of the U.S. National Institute of Standards and Technology (NIST) collects software from various sources and publishes file profiles computed from this software (such as MD5 and SHA-1 hashes) as a Reference

National Software Reference Library (NSRL)

October 1, 2003

Author(s)

Barbara Guttman

Test Environment and Procedures for Testing SafeBack 2.18

June 1, 2003

Author(s)

James R. Lyle

This document describes the testing of SafeBack 1.18. The Test cases that were applied are described in Disk Imaging Tool Specification, Version 1.1.6.The tests were run on test systems in the Computer Forensics Tool Testing Lab at the National Institute

Was this page helpful?