Australian Digital Forensics Conference

Document Type

Conference Proceeding

Publisher

School of Computer and Information Science, Edith Cowan University, Perth, Western Australia

Abstract

The LIARS tool was designed to enable identification, and potentially the return, to the rightful owner of stolen laptop or notebook computers. Many laptops are discovered by Police, but time constraints prevent recovered devices from being identified. This project has produced a proof of concept tool which can be used by virtually any police officer, or other investigator, which does not alter the hard drive in any fashion. The tool uses a modified version of the chntpw software, and is based on a forensically tested live Linux CD. The tool examines registry hives for known location of keys which may provide information about the owner of the laptop. This paper outlines the successful first phase of the project and looks at future directions.

Comments

Originally published in the Proceedings of the 5th Australian Digital Forensics Conference, Edith Cowan University, Perth Western Australia, December 3rd 2007.

Share

 
COinS
 

Link to publisher version (DOI)

10.4225/75/57ad65df7ff38