DSD and open source software
Project: Forensic Analysis in DSD with FOSS
The Defence Signals Directorate (DSD) is the Commonwealth authority for cyber and information security. It plays a vital role in assisting federal and state authorities on matters relating to the security and integrity of information and networks. In order to achieve these goals, DSD works closely with the open source community and employs a large number of software developers who actively contribute to open source projects. We are not as secretive as some people would have you believe, and you might already be familiar with previous software that DSD has released.
This talk will first briefly touch on some of the previous open source projects DSD has released, including the "PyFlag" framework (a forensic analysis tool), "White Trash" (a Squid dynamic whitelisting module), and "Spill Guard" (a Microsoft Office data leak prevention tool).
The main focus of the talk will be on Pronghorn, a newly open-sourced prototype tool for hard disk analysis. Pronghorn is a proof-of-concept block analysis framework created by DSD staff as an entry to the DFRWS 2012 forensic challenge. It's not production-ready, but it uses some novel concepts to automate the analysis of hard drive images.