Article Title

Open Forensic Devices


The Association of Digital Forensics, Security and Law (ADFSL)


Cybercrime has been a growing concern for the past two decades. What used to be the responsibility of specialist national police has become routine work for regional and district police. Unfortunately, funding for law enforcement agencies is not growing as fast as the amount of digital evidence. In this paper, we present a forensic platform that is tailored for cost effectiveness, extensibility, and ease of use. The software for this platform is open source and can be deployed on practically all commercially available hardware devices such as standard desktop motherboards or embedded systems such as Raspberry Pi and Gizmosphere’s Gizmo board. A novel user interface was designed and implemented, based on Morphological Analysis.


Carrier, B. (2010). The sleuth kit. Retrieved from http://www.sleuthkit .org/sleuthkit/

CPRTools. (2015, Aug). Psiclone disk imaging device. Retrieved from http://www.cprtools.com

Developers, A. (2012). Android debug bridge. Grenier, C. (2007). Photorec. Retrieved from http://www.cgsecurity. org/wiki/PhotoRec

Halderman, J. A., Schoen, S. D., Heninger, N., Clarkson, W., Paul, W., Calandrino, J. A., . . . Felten, E. W. (2009). Lest we remember: cold-boot attacks on encryption keys. Communications of the ACM , 52 (5), 91–98.

Harbour, N. (2006, Feb). dcfldd, an enhanced version of gnu dd. Retrieved from http://dcfldd.sourceforge .net/

Jacobson, V., Leres, C., & McCanne, S. (2003). Tcpdump public repository. Retrieved from http://www.tcpdump. org

Korsgaard, P. (2015, June). Buildroot embedded linux system. Retrieved from http://www.buildroot. org/

M¨uller, T., & Spreitzenbarth, M. (2013). Frost. In Applied cryptography and network security (pp. 373–388).

Ritchey, T. (1998). General morphological analysis. In 16th euro conference on operational analysis. Tableau. (2015, Aug). Td2u forensic duplicator. Retrieved from https://www.guidancesoftware.com

Tobin, L. (2013a, Apr). Firebrick: Open source disk imager & write blocker. In Massachusetts attorney general’s office - national cyber crime conference.

Tobin, L. (2013b, Oct). Firebrick v2: Remote open source disk imager & write blocker. In Wisconsin association of computer crime investigators conference.

Tobin, L. (2015, June). Firebrick v3: iscsi write-blocker and imaging device. Retrieved from https://github. com/leetobin/ firebrick3

Tobin, L., & Gladyshev, P. (2013, May). The FIREBrick platform. Retrieved from http://digitalfire.ucd. ie/firebrick

Zwicky, F. (1948). Morphological astronomy. Springer Science & Business Media




To view the content in your browser, please download Adobe Reader or, alternately,
you may Download the file to your hard drive.

NOTE: The latest versions of Adobe Reader do not support viewing PDF files within Firefox on Mac OS and if you are using a modern (Intel) Mac, there is no official plugin for viewing PDF files within the browser window.