[DFSci] AFF4 Standard v1.0 Released

Baker, Dave bakerd at mitre.org
Thu Mar 30 06:10:30 PDT 2017 

I saw this on another list and thought it appropriate for this 
one.
--------------------------------------------------------
AFF4 Standard v1.0 Released

Today marks the release of the Advanced Forensic Format 4 (AFF4) 
Standard v1.0. 

Originally proposed in 2009 by Michael Cohen, Simson Garfinkel, and 
Bradley Schatz, the AFF4 forensic container enables new approaches 
to forensics, unparalleled forensic acquisition speeds and more 
accurate representation of evidence. These are enabled through 
next-generation forensic image features such as storage 
virtualisation, arbitrary metadata, and partial, non-linear and 
discontiguous images. The standard is the culmination of research 
spanning 8 years and 4 scientifically peer reviewed papers.

Bradley Schatz (Evimetry) and Michael Cohen (Google) have 
collaborated to make freely available:
*      a set of canonical reference images which serve as ground 
truth for the format [1]; and
*      an explanatory specification document describing the format 
in detail [2]; and
*      a Python reference implementation capable of reading the 
format [3].

This release of a standard specification for the file format is a 
milestone towards the wider adoption of the format, providing 
implementers an unambiguous and straightforward path to 
implementation. The release of the AFF4 Standard coincides with the 
limited release of Evimetry Community Edition, a freely licensed 
subset of the AFF4 based forensic tool, and in the coming days, a 
C++ implementation and patches to the Sleuth Kit, and support for 
Volatility and Rekall.

Implementers and interested parties are invited to join the AFF4 
Working Group mailing list [4], and/or contact Bradley Schatz or 
Michael Cohen. 

Contact:
Bradley Schatz ( bradley at evimetry.com <mailto:bradley at evimetry.com>  )
Michael Cohen (scudette at google.com <mailto:scudette at google.com>  ) 

 [1] https://github.com/aff4/ReferenceImages 
 [2] https://github.com/aff4/Standard 
 [3] https://github.com/google/aff4/tree/master/pyaff4 
 [4] https://groups.google.com/d/forum/aff4-wg
--------------------------------------------------------

 --------------------------------------------------------------------
 David W. Baker                                      bakerd at mitre.org
 Senior Principal Cyber Security Engineer           (V)-(703)983-3658
 Cyber Security Division                            (F)-(703)983-1002
 The MITRE Corporation                              
 Mailstop T240, 7515 Colshire Drive                 McLean, VA, 22102
 --------------------------------------------------------------------

More information about the DFSci mailing list