The Association of Digital Forensics, Security and Law (ADFSL)
This paper describes a case study in which a method for forensic analysis of control was applied to resolve probative technical issues in a legal action. It describes one instance in which the analysis was successfully applied without challenge, addresses the details of most of the different facets of the analysis method, and demonstrates how such analysis provides a systematic approach to using technical methods to address legal issues as a case study.
 USC 18, PI, Ch47, § 1030, Fraud and related activity in connection with computers. http://www.law.cornell.edu/uscode/18/1030.html [Whoever (5) (A) knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage without authorization, to a protected computer; (B) intentionally accesses a protected computer without authorization, and as a result of such conduct, recklessly causes damage; or (C) intentionally accesses a protected computer without authorization, and as a result of such conduct, causes damage and loss.]
 CA Penal Code Section 502, Unauthorized Access To Computers, Computer Systems and Computer Data [any person who commits any of the following acts is guilty of a public offense:(1) Knowingly accesses and without permission alters, damages, deletes, destroys, or otherwise uses any data, computer, computer system, or computer network in order to either (A) devise or execute any scheme or artifice to defraud, deceive, or extort, or (B) wrongfully control or obtain money, property, or data. (2) Knowingly accesses and without permission takes, copies, or makes use of any data from a computer, computer system, or computer network, or takes or copies any supporting documentation, whether existing or residing internal or external to a computer, computer system, or computer network. (3) Knowingly and without permission uses or causes to be used computer services. (4) Knowingly accesses and without permission adds, alters, damages, deletes, or destroys any data, computer software, or computer programs which reside or exist internal or external to a computer, computer system, or computer network. (5) Knowingly and without permission disrupts or causes the disruption of computer services or denies or causes the denial of computer services to an authorized user of a computer, computer system, or computer network. (7) Knowingly and without permission accesses or causes to be accessed any computer, computer system, or computer network. (8) Knowingly introduces any computer contaminant into any computer, computer system, or computer network.]
 F. Cohen, "A Method for Forensic Analysis of Control”, IFIP TC-11 Computers and Security, V29, #8, (2010) pp 891-902.
 RFC 821
 P. Mockapetris, “Domain Names – Implementation and Specification”, RFC 1035 available at ftp://ftp.rfc-editor.org/in-notes/rfc1035.txt defines Internet standard 13, November, 1987.
 RFC 2821
 F. Cohen, "Digital Forensic Evidence Examination - 2nd Edition", ASP Press, 2010
 Case BC375173, William Silverstein v. Liquid Minds, LLC, et. al.
 Turing, “On Computable Numbers, with an Application to the Entscheidungsproblem”, London Math Soc. Ser 2. Vol 42,Nov 12,1936,230-265.
 Intel Corporaiton, Plaintiff and Respondent, v. Kourosh Kenneth Hamidi, Defendant and Appellant. No. S103781. Supreme Court of California.
 F. Cohen, “A Note on Distributed Coordinated Attack”, IFIP-TC11, `Computers and Security', V15, #2, 1996, pp. 103-121(19).
 P. Gladyschev, “Formalising Event Reconstruction in Digital Investigations”, Dissertation, University College, Dublin, 2004-0-8.
 B. Carrier, “A Hypothesis-Based Approach to Digital Forensic Investigations”, Dissertation, Purdue University, 2006-05, also available as CERIAS Tech Report 2006-06.
 F. Cohen, "Two models of digital forensic examination", IEEE SADFE, 2009-05-21, Oakland, CA
 F. Cohen, "Digital Forensic Evidence Examination - 3re Edition", ASP Press, 2011, Chapter 3 available online at “http://infophys.com”
 F. Cohen, J. Lowrie, and C. Preston, “The State of the Science of Digital Evidence Examination“, IFIP Advances in Digital Forensics VII, pending publication, Springer, 2011.
"A Case Study in Forensic Analysis of Control,"
Journal of Digital Forensics, Security and Law: Vol. 6
, Article 3.
Available at: http://commons.erau.edu/jdfsl/vol6/iss1/3