Forensic-Tool Development with Rust

Within the framework of this study the suitability of the Rust ecosystem for forensic tool development was evaluated. As case study, the tool Strings­ext was developed. Starting from analysing the specific requirements of forensic software in general and those of the present case study, all stages of the software development life-cycle have been executed, up to the first production release. Strings­ext is a reimplementation and enhancement of the GNU-strings tool, a widely used program in forensic investigations. Strings­ext recognizes Cyrillic, CJKV characters and other scripts in all supported multi-byte-encodings while GNU-strings fails in finding these in UTF-16 and other encodings.

During the case study it has become apparent that the Rust ecosystem provides good support for secure coding principles and unit testing. Furthermore, the benchmarks showed a satisfactory performance of the resulting Strings­ext binaries comparable to the original C version.

Read the thesis online or download the pdf-rendition.

The presentation slides are available as html or as pdf-rendition.

Comments

comments powered by Disqus