One of the digital forensics activities has the goal to prove a cybercrime. There are several stages in digital forensics when doing an investigation. Each stage has its suitable hardware and software that is used while investigating a case. Standalone forensics hardware is a suitable media in the process of investigation. It can do an acquisition and imaging process at the same time as the investigation process. Nowadays, standalone forensics hardware for imaging devices has a very high price. This paper gives a solution to develop low budget portable imaging forensics devices using a raspberry device. The device enables us to do an acquisition to a hard disk or flash drive. The output has a raw format file type i.e .dd. This device includes a logging file consisting of detailed information related to the digital evidence also hashing to provide file integrity. The result of this paper describes how to construct a prototype low budget portable device for digital forensics acquisition using a raspberry device and how to operate it in GUI. The prototype was successfully created and tested in several scenarios. The performance test of this device has a result of that transfer rate of 1,85 MB/s.
- DFIR Resources
- A Prototype of Portable Digital Forensics Imaging Tools using Raspberry Device
A Prototype of Portable Digital Forensics Imaging Tools using Raspberry DeviceHot
Research and Documentation
White Papers & Journals