To keep up with the size of storage devices, speeds of network connections and amount of digital devices in use, digital forensic investigations rely heavily on high performance custom software applications to perform large parts of analyses. However, the continuous introduction of new consumer applications and devices along with
regularly encountered variants of data storage formats requires forensic software to be exceptionally flexible and adaptable.
To realize these requirements, using domain-specific languages to raise the level of abstraction and separate different concerns in the domain is a viable approach. Additionally, model-driven engineering may enable additional capabilities such as reuse of models, deep application integration and extensive optimizations.
Investigating these requirements and capabilities requires analysis, design and implementation of systems employing these techniques, evaluation comparing existing systems to these alternative solutions and the development of innovative tools and techniques.
- Prof. Dr. Paul Klint (project leader)
- Dr. Tijs van der Storm
- Drs. ing. Jeroen van den Bos (PhD student)
- Jeroen van den Bos and Tijs van der Storm. A Case Study in Evidence-Based DSL Evolution, in: Proceedings of 9th European Conference on Modelling Foundations and Applications (ECMFA’13), volume 7949 of Lecture Notes in Computer Science, pages 207–219. Springer, 2013 (Experimental data: https://github.com/jvdb/derric-eval).
- Jeroen van den Bos and Tijs van der Storm. TRINITY: An IDE for The Matrix, in: Proceedings of the 29th IEEE International Conference on Software Maintenance (ICSM’13). IEEE, 2013 (tool paper).
- Jeroen van den Bos and Tijs van der Storm, Domain-Specific Optimization in Digital Forensics, in: Proceedings of the 5th International Conference on Model Transformation (ICMT'12), 2012
- L. Aronson, J. van den Bos. Towards an Engineering Approach to File Carver Construction. 2011 IEEE 35th Annual Computer Software and Applications Conference Workshops, Munich, Germany, 368–373, 2011.
- Jeroen van den Bos and Tijs van der Storm, Bringing Domain-Specific Languages to Digital Forensics, in: Proceedings of the 33rd International Conference on Software Engineering (ICSE'11), Software Engineering in Practice, ACM, 2011.
- Derric: a DSL for file recovery tools in digital forensics https://github.com/jvdb/derric
- Trinity: a data-driven debugger for Derric https://github.com/jvdb/trinity