Year-end Sale % OFF 
Abstract
AbstractSolid state drive (SSD) is rapidly replacing hard disk drive (HDD) in almost all computing devices. With the exponential growth in SSD technologies, it is quite possible that very soon HDD will become obsolete. It is good news for the end‐users, but may not be so pleasant for the digital forensics examiners. It has been a challenge for the cyber‐crime investigator ever since the evolution of SSD technology. The intrinsic characteristics of SSD are not very supportive for forensic examiners. The TRIM function and background garbage process make it difficult to retrieve deleted artifacts from the SSD. The traditional disk write blocker cannot stop the background process. There is a lot of uncertainty involved in SSD data acquisition. Sometimes it is also difficult to prove the integrity of SSD in the court of law which makes the SSD's legal admissibility questionable. The objective of this article is to examine the uncertainty involved in SSD forensics with experimental analysis. This article discusses in detail the different components of SSD and its working principle followed by experimental forensics analysis, critical observations, guidelines, and recommendations.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: Concurrency and Computation: Practice and Experience
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
