General
This section contains various papers written and/or maintained by
members of The FTimes Project. The default format of these papers
will be PDF. To view these papers, we recommend Adobe
Acrobat Reader 5.0 or higher. Where possible, each paper will
be available in two formats: classic and on-screen. If you intend
to print the document, you should download the classic format. If
you just want to read it at your terminal, you should download the
on-screen format.
System Baselining -- A Forensic Perspective
This paper defines baselining terminology, explains the mechanics
of baselining, compares and contrasts different baselining techniques,
and describes FTimes -- a system baselining and evidence collection
tool. The paper also explores some of the criteria that evidence
collection tools and techniques must satisfy if they are going to
support prosecutions. In closing, it presents a pair of war stories
that are typical of the times.
|
