At the 2010 CSI Challenge, we will be including a component in Computer Forensics. This component of the CSI Challenge will enhance your learning experience and will add another life-like component to your investigation.
During your investigation, you will encounter some type of "digital evidence." Your work in collecting, documenting and analyzing this evidence will be scored as part of the evaluation process.
For purposes of the competition, any evidence you acquire will be in a "read only" format. This means that the process of taking the evidence and putting it into a "bit-for-bit image," if necessary, will already have been done for you. Any "digital evidence" you acquire at the competition will only require that you add the evidence to your case and analyze it. You will not have to create your own "bit-for-bit image."
We have taken this step for purposes of simplifying your tasks and making sure that all data analyzed is consistent across the competition.

As you analyze digital evidence, you will want to document any findings that are significant for your investigation. These might include "guilty knowledge," or any evidence found (files, snippets of information, etc), as well as any irregularities or "unusual findings" about the files or disk. Examples might include deleted or altered files, or files which have been renamed in order to hide information from the police.
Your conclusions must be written in clear, concise English as they will be part of your final evaluation at the CSI Challenge.

You are directed to review the material below. The "Tools" section contains the information necessary to download the two (2) programs you will be working with.

These programs are FTK (Forensic Tool Kit) and S-Tools. Demonstration files you can use to practice are also included.

The "Tutorials" section contains an instructional PowerPoint and movies that are screen-by-screen tutorial lessons with voice-overs and color-keyed mouse click prompts, showing how to use these two programs. You will need to have a computer with speakers or headphones to listen to the audio on the movies. The movies are very helpful.

If you have any difficulty, please e-mail our Computer Forensics expert, Professor Malinowski, at cmalinow@liu.edu. Make sure that the subject reads "CSI Challenge Help." Please extend every courtesy to Professor Malinowski as he has been very generous in sharing his expertise to add this exciting component to the CSI Challenge. Click the links below for tools and tutorials.

• Tools link page.
• Tutorials link page.

Thank you,

The CSI Challenge Team

Technical Questions about Computer Forensics are directed to Professor Malinowski at cmalinow@liu.edu.
General Questions to David Scott at csichallenge@aol.com .