Browse > Article
http://dx.doi.org/10.3745/KIPSTC.2010.17C.4.335

The Acquisition Methodology Study of User Trace Data in Mac OS X  

Choi, Joon-Ho (고려대학교 디지털 포렌식 연구센터)
Lee, Sang-Jin (고려대학교 정보경영공학전문대학원)
Publication Information
The KIPS Transactions:PartC / v.17C, no.4, 2010 , pp. 335-346 More about this Journal
Abstract
Mac OS X is the Computer Operating System that develop in Apple Inc. Mac OS X is the successor to Mac OS 9 Version which had been Apple's primary operating system since 1984. Recently, Mac OS X 10.6 (Snow Leopard) has been manufactured and is distributed to user. Apple's Mac OS X Operating System is occupying about 10% in the world Operating System market share. But, Forensic tools that is utilized on digital forensic investigation can not forensic analysis about Mac OS X properly. To do forensic investigation about Mac OS X, information connected with user's action and trace can become important digital evidence in Operating System. This paper presents way about user trace data acquisition methodology in Mac OS X.
Keywords
Digital Forensic; Apple Mac OS X; User Trace Data;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Golden G. Richard III, "Scalpel : A Frugal, High Performance File Carver," http://www.digitalforensicssolutions.com/Scalpel/
2 Philip Craiger, Paul K. Burke, "Mac Forensics : Mac OS X and the HFS+ File System," Department of Engineering Technology University of Central Florida.
3 Seokhee Lee, Antonio Savoldi, Sangjin Lee, Jongin Lim, "Windows Pagefile Collection and Analysis for a Live Forensics Context", F2GC 2007.
4 Seokhee Lee, Antonio Savoldi, Sangjin Lee, Jongin Lim, "Password Recovery Using an Evidence Collecting Tool and Countermeasures," IIH-MSP 2007.
5 David H. Crocker, "ARPA Internet Text Messages," http://tools.ietf.org/html/rfc822
6 Philip Craiger, Paul Burke, "Mac OS X Forensics," IFIP 2006
7 Nick Peelman, "Basic Mac Forensics," Purdue University
8 Air Force Office of Special Investigations, The Center for Information Systems Security Studies and Research, "Foremost," http://foremost.sourceforge.net/
9 Amit Singh, “Mac OS X Internals : A Systems Approach,” Addison Wesley.
10 Robert A. Joyce, Judson Powers, Frank Adelstein, “MEGA : A tool for Mac OS X operaing system and application forensics,” Digital Investigation 2008.
11 Apple, “Introduction to Property Lists,” http://developer apple.com/
12 Edward R. Marczak, “Mac OS X Advanced System Administration v10.5,” Apple.
13 Apple, “NSTimeInterval, NSCalendarDate,” http://developer.apple.com/
14 Robert A. Joyce, Judson Powers, Frank Adelstein, "Mac MarshalTM: A Tool for Mac OS X OperatingSystem and Application Forensics," DFRWS 2008.
15 Ryan R. Kubasiak, “Macintosh Forensics,” New York State Police.