For Libraries For Publication Open Access Downloads About Us Contact Us
Paper Titles
On Link Density and Network Synchronization in Scale-Free Network
p.2276
ECoG Classification Research Based on Wavelet Variance and Probabilistic Neural Network
p.2280
An Improved AODV Routing Protocol for High Moving VANET
p.2286
Graphics Development of Fractal Tree Based on E-Learning
p.2292
Analysis for HFS+ on Windows Platform and its Application in Computer Forensics
p.2297
The Research which Succeed in Catching the Net Data Pack
p.2302
Research and Application of Web Database Security Technology
p.2306
Research on Key Technologies of Optimal Routing Design in Ad Hoc Networks
p.2312
Software Reliability Assurance Technologies of Information System
p.2316

Analysis for HFS+ on Windows Platform and its Application in Computer Forensics

Article Preview

Abstract:

HFS+ is the main file system of Mac OS. With the popularity of Apple computer, more and more security specialists pay attention to the computer forensics in Mac OS. As computer forensics technology on Windows Platforms is quite mature and can pass the limit of authority, when get the HFS+ disk or mirror from Apple computer, we can achieve data manipulation for further computer forensics through analyzing the file system on Windows platform. This paper proposed an efficient method to analyze HFS+ file system on Windows to build directory structure and get the unallocated space. This work is the important beginning of computer forensics in Mac OS.

You might also be interested in these eBooks
Vehicle, Mechatronics and Information Technologies View Preview

Info:

Periodical:

Applied Mechanics and Materials (Volumes 380-384)

Pages:

2297-2301

DOI:

https://doi.org/10.4028/www.scientific.net/AMM.380-384.2297

Citation:

Cite this paper

Online since:

August 2013

Authors:

Jun Huang

Keywords:

Computer Forensics, File System, HFS+, Mac OS, Window

Export:

RIS, BibTeX

Price:

Permissions CCC:

Request Permissions

Permissions PLS:

Request Permissions

Сopyright:

© 2013 Trans Tech Publications Ltd. All Rights Reserved

Share:

Citation:

References

[1] Marin: Data reproduce [M]. Beijing: Tsinghua University Press, (2009).

Google Scholar

[2] Shijian Dai: Technology of data recovery [M]. Beijing: Electronic Industry Press, (2005).

Google Scholar

[3] Jin jin: Forensics and Analysis of Apple Computer System [J]. China information security, Vol(2011), P. 13-14.

Google Scholar

[4] Apple. Technical note TN1150: HFS plus volume format. http: /developer. apple. com/mac/library/technotes/tn/tn1150. html.

Google Scholar

[5] Laurent Marteau: Mac OS X & security-an overview [J]. Network Security, Vol (2005), P. 11-13.

DOI: 10.1016/s1353-4858(05)70236-1

Google Scholar

[6] Aaron Burghardt, Adam J. Feldman: Using the HFS+ journal for deleted file recovery [J]. Digital Investigation, Vol. 5(2008), P. 76-82.

DOI: 10.1016/j.diin.2008.05.013

Google Scholar

[7] Bugen Huang: Analysis of traces on storage media by file operation for NTFS file system [J]. Computer Engineering, Vol. 33(2007), P. 281-283.

Google Scholar

[8] Bruce Eckel, Chuck Allison: Thinking in C++ [M]. Beijing: Electronic Industry Press, (2011).

Google Scholar

© 2025 Trans Tech Publications Ltd. All rights are reserved, including those for text and data mining, AI training, and similar technologies. For open access content, terms of the Creative Commons licensing CC-BY are applied.
Scientific.Net is a registered trademark of Trans Tech Publications Ltd.