Title

ADSL Router Forensics: Methods of Acquisition

Document Type

Journal Article

Publisher

SECAU Security Research Centre

Faculty

Computing, Health and Science

School

Computer and Security Science, Centre for Security Research

RAS ID

8380

Comments

This article was originally published as: Szewczyk, P. S. (2009). ADSL Router Forensics: Methods of Acquisition. Journal of Network Forensics, 1(1), 16-29.

Abstract

Over the last decade the necessity for ADSL router forensics has been minimal as the device had yet to be targeted by Internet based threats. As the number and sophistication of these threats increases, the need for forensic acquisition methods is in-turn increasing. Whilst the specialisation of digital forensics has evolved significantly over the years, the field of ADSL router forensics is a new and developing field. In-turn the information and analysis presented in this paper is based on research in progress. The paper begins by detailing some of the potential threats that may target ADSL routers. It continues by describing items of evidentiary values for the purpose of the research. An overview is provided of existing research on network forensics and how it may impact the ADSL router investigation. It then details high and low level methods of data acquisition which would permit evidence to be admissible in the court of law. The devices used for experimentation encompass SoHo based brands inclusive of the D-Link, Netgear, Linksys and Netcomm range.