Date of Graduation
Statler College of Engineering and Mineral Resources
Lane Department of Computer Science and Electrical Engineering
Current computer forensic practices primarily advise analysts to review and search all digital evidence within designated labs. This practice does not take into account the possibility of encryption software being present on the suspect machine. As a result, possible evidence may become unrecoverable to the investigator. This paper will review the current standard operating procedures used by law enforcement, complications with current procedures with regard to encryption, and the design of a free to use utility for law enforcement to facilitate live analysis.
McCarty, Justin John III, "A Software Response to Hard Drive Encryption" (2009). Graduate Theses, Dissertations, and Problem Reports. 2829.