Award Information
Agency: Department of Homeland Security
Branch: N/A
Contract: HSHQDC-12-C-00082
Agency Tracking Number: DHS SBIR-2012.2-H-SB012.2-001-0001-I
Amount: $99,905.88
Phase: Phase I
Program: SBIR
Awards Year: 2012
Solicitation Year: 2012
Solicitation Topic Code: H-SB012.2-001
Solicitation Number: DHS SBIR-2012.2
Small Business Information
33 Thornwood Drive, Suite 500, Ithaca, NY, 14850-1280
DUNS: 101321479
HUBZone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
 Judson Powers
 (607) 257-1975
Business Contact
 Richard Smith
Title: Controller
Phone: (607) 257-1975
Research Institution
Solid-state storage media, particularly solid-state drives (SSDs), present new challenges to forensic investigation that need to be addressed. The low-level behavior of these drives is dramatically different than for mechanical hard disk drives-including what low-level data is available, how that data is obtained, and how that data is interpreted. Interpreting low-level data is a useful tool in computer forensics, but disk forensics tools and techniques have not yet adapted to accommodate solid-state drives. The fundamental problem is that there is a layer of hardware logic between the computer and the raw flash storage that is difficult to bypass. To improve the analysis of SSDs in computer forensics, forensic analysts must be able to acquire data from as low a level as possible and must have tools and techniques available to properly interpret and analyze data acquired from SSDs. To address this need, ATC-NY will develop Arden, a collection of tools and techniques to acquire low-level SSD data and perform forensic analysis of both high-level and low-level data acquired from SSDs. We will develop and test techniques that obtain access to low-level device data over the peripheral bus, over debug ports, and through device reprogramming. Using Arden, a computer forensic analyst can easily acquire a forensic image of a solid-state drive; obtain SSD-specific evidence, such as hidden data; and then analyze the forensic image using existing analysis tools, such as EnCase or FTK. ATC-NY will release Arden as open-source software.

* Information listed above is at the time of submission. *

Agency Micro-sites

SBA logo
Department of Agriculture logo
Department of Commerce logo
Department of Defense logo
Department of Education logo
Department of Energy logo
Department of Health and Human Services logo
Department of Homeland Security logo
Department of Transportation logo
Environmental Protection Agency logo
National Aeronautics and Space Administration logo
National Science Foundation logo
US Flag An Official Website of the United States Government