A methodology for the examination of the effectiveness of secure erasure tools running on Windows XP - research in progress
School of Computer and Information Science, Edith Cowan University
Faculty of Computing, Health and Science
School of Computer and Information Science / Centre for Security Research
Currently, there appears to be a lack of academic research in the area of testing the efficacy of secure erasure applications and utilities in regard to the activities of an average user in a home or small business context. This research in progress aims to develop a testing methodology that will provide a forensically sound base for which to analyse these tools. It involves the installation of various Internet related applications (for example browsers, instant messaging software and download clients), and the use of these applications for typical Internet activities (e.g. internet banking, instant messaging, web browsing and other activities that would be conducted by an average user). Following the creation of the simulated history, this paper discusses a practical testing methodology that includes the creation of image files, the allocation of these image files, and the use of forensic tools to examine disk contents before and after the execution of the secure erasure applications on the simulated user history. Additionally, a reporting mechanism has been formulated that will allow test results to be efficiently compiled and compared to form valid conclusions about the effectiveness of each erasure utility on internet history.