ADSL Router Forensics: Methods of Acquisition
SECAU Security Research Centre
Faculty of Computing, Health and Science
School of Computer and Security Science / Centre for Security Research
Over the last decade the necessity for ADSL router forensics has been minimal as the device had yet to be targeted by Internet based threats. As the number and sophistication of these threats increases, the need for forensic acquisition methods is in-turn increasing. Whilst the specialisation of digital forensics has evolved significantly over the years, the field of ADSL router forensics is a new and developing field. In-turn the information and analysis presented in this paper is based on research in progress. The paper begins by detailing some of the potential threats that may target ADSL routers. It continues by describing items of evidentiary values for the purpose of the research. An overview is provided of existing research on network forensics and how it may impact the ADSL router investigation. It then details high and low level methods of data acquisition which would permit evidence to be admissible in the court of law. The devices used for experimentation encompass SoHo based brands inclusive of the D-Link, Netgear, Linksys and Netcomm range.