Understanding performance of digital forensics tools with NMon
Sally DeBauche | BitCurator Consortium
One of the challenges of working with digital forensics tools, especially at the command line, is understanding how they are performing. Typically lacking user friendly status indicators and clear error messages, we often find ourselves wondering if these tools are working optimally or at all. Reporting on the work of Stanford Born Digital Forensic’s Lab Assistant, Sandy Ortiz, we will discuss how to gain insight into the performance of digital forensics tools including Bulk Extractor and Brunnhilde using NMon, a computer performance monitoring system for Linux. Using NMon, Sandy has discovered some useful strategies for interpreting the performance of these command line tools, providing the basis for testing the configurations of these tools in order to improve their performance and shorten processing times.
Read More View PresentationSally DeBauche. (October 24, 2019). Understanding performance of digital forensics tools with NMon. BitCurator Consortium.