University Launches Cyber-Toolkit for Detectives

An American university has launched an ingenious new toolkit that can help detectives catch cyber-criminals. 

The Toolkit for Selective Analysis and Reconstruction of Files (FileTSAR), built by cybersecurity experts at Purdue University, is an all-in-one tool that tracks and reconstructs files and online activity. 

Cleverly, the tool lets law enforcement access data that criminals believe has been safely swept under the digital carpet.

Kathryn Seigfried-Spellar, an associate professor of computer and information technology in the Purdue Polytechnic Institute who helped lead the FileTSAR research team, explained: "FileTSAR allows forensic investigators to capture, selectively analyze and reconstruct files from network traffic.

"The main functions of this tool are capturing data flows and providing a mechanism to selectively reconstruct documents, images, email and VoIP conversations."

So far, over 100 law enforcement agencies from around the globe have requested access to the technology, which is being licensed through the Purdue Research Foundation Office of Technology Commercialization. 

"Knowing that we created an affordable tool that will help law enforcement with their network forensic investigations is incredibly rewarding," Seigfried-Spellar said.

Aside from being a useful tool for digital forensic law enforcement teams tasked with tracking down cyber-criminals, the versatile Purdue toolkit has useful applications for the business world. 

For example, by recovering a company's network traffic, FileTSAR can detect employees who abused technology for their own purposes. It can also identify staff who have acted as insider threats, sending out trade secrets or sabotaging data.

The Purdue team developed its FileTSAR toolkit by collaborating with law enforcement agencies from around the country, including the High Tech Crime Unit of Tippecanoe County, Indiana, which is housed in Purdue’s Discovery Park.

In return for their help, law enforcement agencies were given access to the project for three years. 

The Purdue Research Foundation Office of Technology Commercialization operates one of the most comprehensive technology transfer programs among leading research universities in the US. 

Services provided by this office support the economic development initiatives of Purdue University and benefit the university's academic activities through commercializing, licensing, and protecting Purdue's intellectual property. 

Funding for the project was made available by the National Institute of Justice.

What’s Hot on Infosecurity Magazine?