This year, in addition to the physical gathering, and addition to all epidemiological measures, MIPRO was also holding a virtual part of the gathering. In cooperation with the ZOOM platform, presenters our from all over the world held their presentations online.
INsig2 participated with three lectures, covering current issues for digital forensic examiners in MAC, Linux, and Windows forensics.
The lecture “Overview of Mac system security and its impact on digital forensics process” presented the differences and problems that occur while creating a forensic image and extracting data from a Mac computer. The lecture also covered the impact of “T1” or “T2” security chips have on the digital forensic process remediation and password recovery methods. Second lecture “Linux Forensic Triage: Overview of Process and Tools” covered challenges of performing digital forensic triage on a Linux system. It discussed the implications that different tools for acquiring memory and performing triage have by comparing the functionalities of multiple tools. Final lecture “Forensic Analysis of Windows 10 Sandbox” presented the findings related to the observation of folder structure and Windows artifacts that can be related to Windows Sandbox. Furthermore, the lecture presented testing results on the temporary characteristic of this feature and the possibility of its misuse as an anti-forensic technique.