COMPARATIVE ANALYSIS OF FORENSIC TOOLS: ENCASE AND FTK IMAGER

Disk forensics is an essential area of information security aimed at examining digital storage devices to identify, recover, and analyze data relevant to investigations. This study focuses on the functionality and performance of modern tools for disk forensics analysis, with a primary emphasis on comparing the capabilities of programs such as EnCase and FTK Imager used in this field.

The research includes an overview of existing methods and technologies underlying forensic tools, including the search for deleted files, recovery of file systems, metadata analysis, and detection of artifacts indicating traces of user activity. In addition to functional capabilities, the study evaluates the performance of the software, including data processing speed, the range of supported file formats, and the efficiency of handling large volumes of information.

Special attention is paid to quality assessment criteria for the tools, such as data recovery accuracy, user interface, and support for task automation.

The results of the study may be valuable for professionals in cybersecurity, forensic investigation, and IT administration, as well as for students and researchers studying digital forensics. The work aims to enhance understanding of the capabilities and limitations of modern disk analysis tools, facilitating the selection of optimal solutions for specific tasks.

1. Digital forensics in investigations and the growing data burden / S. Barrett et al // Herbert Smith Freehills, 2020. – URL: https://www.herbertsmithfreehills.com/insights/2020-07/digital-forensics-ininvestigations-and-the-growing-data-burden.

2. IBM Security. Cost of a Data Breach Report 2024. – IBM, 2024. – URL: https://ibm.com/.

3. Association of Certified Fraud Examiners. Occupational Fraud 2022: A Report to the Nations. – ACFE, 2022. – URL: https://acfe.com/.

4. Cybersecurity Ventures. Cybercrime To Cost The World $10.5 Trillion Annually By 2025. – Cybersecurity Ventures, 2021. – URL: https://cybersecurityventures.com/.

5. Abdulkadir A. The Evaluation of EnCase and FTK Forensic Tools for Effective Evidence Extraction / A. Abdulkadir, A. Ahmad, B. Ja'afar // Global Scientific Journal. – 2021. – Vol. 9, Issue 3. URL: https://www.globalscientificjournal.com/.

6. EnCase Forensic. – OpenText, 2021. – URL: https://www.opentext.com/.

7. Forensic Toolkit (FTK). – AccessData, 2021. – URL: https://accessdata.com./

8. National Institute of Standards and Technology (NIST). Guide to Integrating Forensic Techniques into Incident Response. – NIST, 2020. – URL: https://www.nist.gov/.

9. Shinde P. Cybersecurity and Digital Forensics: A Survey on Tools and Techniques / P. Shinde, M. Gawali // International Journal of Computer Applications. – 2021. – Vol. 175, № 13. URL: https://www.ijcaonline.org/.

10. SANS Institute. Digital Forensics and Incident Response: Challenges and Tools. – SANS, 2021. – URL: https://www.sans.org/.