Legal and technical questions of file system reverse engineering

Radina Stoykova*, Rune Nordvik, Munnazzar Ahmed, Katrin Franke, Stefan Axelsson, Fergus Toolan

*Corresponding author for this work

    Research output: Contribution to journalArticleAcademicpeer-review

    3 Citations (Scopus)
    194 Downloads (Pure)

    Abstract

    Reverse engineering of file systems is indispensable for tool testing, accurate evidence acquisition, and correct interpretation of data structures by law enforcement in criminal investigations. This position paper examines emerging techno-legal challenges from the practice of reverse engineering for law enforcement purposes. We demonstrate that this new context creates uncertainties about the legality of tools and methods used for evidence acquisition and the compliance of law enforcement with obligations to protect intellectual property and confidential information. Further identified are gaps between legal provisions and practice related to disclosure and peer-review of sensitive digital forensic methodology, trade secrets in investigations, and governmental vulnerability disclosure. It is demonstrated that reverse engineering of file systems is insufficiently addressed by legislators, which results in a lack of file system interpretation and validation information for law enforcement and their dependence on tools. Outlined are recommendations for further developments of digital forensic regulation.

    Original languageEnglish
    Article number105725
    JournalComputer Law & Security Review
    Volume46
    DOIs
    Publication statusPublished - Sept-2022

    Keywords

    • Criminal procedure
    • Digital Forensics
    • Government Vulnerability Disclosure
    • Intellectual Property
    • Reverse Engineering

    Fingerprint

    Dive into the research topics of 'Legal and technical questions of file system reverse engineering'. Together they form a unique fingerprint.

    Cite this