King's College London - Homepage

• Internal

• Study
  • Undergraduate
  • Postgraduate
  • International Students
  • Learning & teaching
  • Study abroad & internships
  • Summer school
  • Executive education
  • Short courses
  • English Language Centre
  • Modern Language Centre
• Campus Life
  • Our campuses
  • Campus improvements
  • London life
  • Student life
  • Student services
  • Library services
  • Student accommodation
  • King's Venues
  • Virtual tour
  • Students' Union
  • Visiting King's
• Research &
  Innovation
  • Research at King's
  • Core facilities
  • Business & innovation
  • Research groups
  • Global Institutes
  • King's expertise
  • King's Health Partners
  • Medical Research Council centres
• Academic
  Schools
  • Arts & Humanities
  • Biomedical Sciences
  • Dental Institute
  • Institute of Psychiatry
  • Law
  • Medicine
  • Natural & Mathematical Sciences
  • Nursing & Midwifery
  • Social Science & Public Policy
• Giving
  to King's
  • King's Answers Campaign
  • Neuroscience & mental health
  • Leadership & society
  • Cancer
  • Children's health
  • Global power
  • News
  • Video
  • Give now
• Alumni
  Online
  • Connect
  • News & events
  • Alumni benefits
  • Give back
  • My King's
• About
  King's
  
  • Mission & strategy
  • History & today
  • Governance & Equality
  • Principal & President
  • Organisational structure
  • Quality management & policy
  • Job opportunities
  • King's Worldwide
  • IT Services

Digital forensics for archivists

Posted on 17 August 2011

Gareth Knight, Digital Curation Specialist at CeRch organised a training event on digital forensics for archivists in August. The event took place in the Anatomy Museum on the Strand and was aimed at staff working within the Archives & Information Management (AIM) service and IT Systems at King's College London. The aim was to provide them with an understanding of digital forensic tools and techniques and an overview of the JISC-funded Forensic Investigation of Digital Objects (FIDO) project.

Digital forensics is a branch of forensic science used in law enforcement that is concerned with the recovery and investigation of material found on digital devices. The forensic process may be used to collect and identify evidence for use by a court or employer, determine intent, and establish provenance of material. There has been considerable development in the past 30 years, resulting in the production of forensic tools and workflows that may assist an investigator. 

The acquisition and analysis of large collections of diverse data is a challenge increasingly encountered by digital curators and archivists within the academic and cultural heritage sector. Rather than produce a set of papers, many researchers create digital content that cannot be rendered in analogue form without some loss of use. These research processes have implications for the approach adopted by archival institutions to acquire, analyse, and archive research material. However, by adopting tools developed by the law enforcement community for digital forensics, curators and archivists are able to manage digital material using methods that maintain their authenticity and integrity.

The event began with a talk by Lindsay Ould of AIM, who introduced digital forensics and described its value for processing digital collections within the archives. This was followed by presentations by Kate O'Brien, who outlined worked in the FIDO project to map forensic concepts onto archival principles, and Gareth Knight, who described forensic techniques for disk imaging and analysing a hard disk for relevant data. 

Event participants were separated into four breakout groups. In the first session, staff were asked to discuss the practical and ethical issues to be considered when handling data obtained in four different scenarios. This was followed by a hands-on session, where participants were provide the opportunity to develop practical experience of forensic tools. OSForensics was used to analyse a laptop PC disk image, to identify data of potential value and determine the owner's data handling practices. These sessions were well received by archival staff, whom showed an enthusiasm for using the forensic techniques and tools in their own work.

Training material on data management and analysis produced by the FIDO project will be incorporated into future teaching sessions, workshops and seminar series organised by the Centre for e-Research.

Event material

• Introduction to the day and scenarios for discussion
• FIDO Archival-Forensic vocabulary mapping handout
• Applying Digital Forensic techniques to AIM
• Digital Forensics Exercise

• → Department of Digital Humanities Home
• Centre for e-Research
• About us
  • History
  • Networks
  • Resources
  • Collaborations & partnerships
  • Internship opportunities
  • Job Opportunities
  • Location
  • News and events archive
    • News archive
      • 2010
        • NT Live
        • Best Paper Award
        • EHRI project
        • Welcome MADAM
        • Citizen cyberscience
        • Strandlines
        • DH2010
      • 2011
        • Centre for e-Research joins Digital Humanities
        • Digital forensics for archivists
        • Stuart Dunn at the Turing Festival
        • Digital Asset Management for the Content Industry
        • Readiness for REF (R4R) Workshop
        • CeRch at MediaPro 2011
        • Facilitating Access to the Web of Data
        • Maxwell at King's
        • New projects funded at CeRch
        • euroCRIS Membership Meeting
        • Parliamentary metadata
        • MADAM admissions
        • New NT Live season announced
      • Pre-July 2010
    • Events archive
      • National Theatre Live @ King's
      • Past events 2012
    • Publications
• People
• Study
• Research
• Contact Us
• News
• Events