An all-in-one cybersecurity toolkit developed by Purdue Polytechnic researchers and their colleagues is helping detectives dust for digital fingerprints.
The Toolkit for Selective Analysis & Reconstruction of Files (FileTSAR) combines the top open source investigative tools used by digital forensic law enforcement teams at the local, state, national and global levels. It captures data flows and provides a mechanism to selectively reconstruct multiple data types, including documents, images, email and VoIP sessions for large-scale computer networks. FileTSAR is available free to law enforcement.
“The current network forensic investigative tools have limited capabilities,” said Kathryn Seigfried-Spellar, assistant professor of computer and information technology. “They cannot communicate with each other and their cost can be immense. This toolkit has everything criminal investigators will need to complete their work without having to rely on different network forensic tools.”
Seigfried-Spellar helps lead the research team. Other members of the team include John Springer and Baijian Yang, associate professors of computer and information technology; Marcus Rogers, professor of computer and information technology; Raymond Hansen, associate professor at Wentworth Institute of Technology; and Seunghee Lee, Siddarth Chowdhury and Niveah Abraham, graduate research assistants.
The toolkit was presented in December 2018 during the IEEE International Conference on Big Data.