NASA Logo

NTRS

NTRS - NASA Technical Reports Server

Back to Results
Forensic Analysis of Compromised ComputersDirectory Tree Analysis File Generator is a Practical Extraction and Reporting Language (PERL) script that simplifies and automates the collection of information for forensic analysis of compromised computer systems. During such an analysis, it is sometimes necessary to collect and analyze information about files on a specific directory tree. Directory Tree Analysis File Generator collects information of this type (except information about directories) and writes it to a text file. In particular, the script asks the user for the root of the directory tree to be processed, the name of the output file, and the number of subtree levels to process. The script then processes the directory tree and puts out the aforementioned text file. The format of the text file is designed to enable the submission of the file as input to a spreadsheet program, wherein the forensic analysis is performed. The analysis usually consists of sorting files and examination of such characteristics of files as ownership, time of creation, and time of most recent access, all of which characteristics are among the data included in the text file.
Document ID
20110016845
Acquisition Source
Jet Propulsion Laboratory
Document Type
Other - NASA Tech Brief
Authors
Wolfe, Thomas
(California Inst. of Tech. Pasadena, CA, United States)
Date Acquired
August 25, 2013
Publication Date
June 1, 2004
Publication Information
Publication: NASA Tech Briefs, June 2004
Subject Category
Computer Programming And Software
Report/Patent Number
NPO-40165
Distribution Limits
Public
Copyright
Public Use Permitted.
No Preview Available