Welcome To digitalforensics.ch

Bruce Nikkel's Computer Forensics Homepage

A little about me:

I head the Cyber-Crime / IT investigation and forensics team at a global financial institution based in Switzerland. I have a PhD in the field of network forensics and have specialized in computer security since 1996. My research interests are in various areas of digital forensics and information security.

Any feedback or comments on this site or its content are welcome. Email me at nikkel@digitalforensics.ch

My Public Work

Practical Forensic Imaging: Securing Digital Evidence with Linux Tools
The publisher's book page: No Starch Press
[Release pending: September 2016]
ISBN: 978-1-59327-793-2



NVM Express Drives and Digital Forensics
Digital Investigation, The International Journal of Digital Forensics and Incident Response, Vol 16, No 1 (March 2016)
The original version published by Elsevier can be found here: doi:10.1016/j.diin.2016.01.001
My current version can be found here: PDF


Fostering incident response and digital forensics research
Digital Investigation, The International Journal of Digital Forensics and Incident Response, Vol 11, No 4 (December 2014)
The original version published by Elsevier can be found here: doi:10.1016/j.diin.2014.09.004
My current version can be found here: PDF


Corporate IT Forensics in the New Decade
Presented at the InfoSecurity Summit in Hong Kong, March 2010
Presented at an intellectual property workshop in Zurich, April 2010
Slides are here: PDF


Forensic analysis of GPT disks and GUID partition tables
Digital Investigation, The International Journal of Digital Forensics and Incident Response, Vol 6, No 1-2 (Sept 2009)
The original version published by Elsevier can be found here: doi:10.1016/j.diin.2009.07.001
My current version can be found here: PDF


Practical Computer Forensics using Open Source Tools
Presented to /ch/open, the Swiss Open Systems User Group
Technopark, Zurich, June 12, 2008
(Intended for Unix/Linux experts learning forensics)
Slides are here: PDF


An introduction to investigating IPv6 networks
Digital Investigation, The International Journal of Digital Forensics and Incident Response, Vol 4, No 2 (July 2007)
The original version published by Elsevier can be found here: doi:10.1016/j.diin.2007.06.001
(DI Journal's top downloaded paper in 2007!)
My current version can be found here: PDF


A portable network forensic evidence collector
Digital Investigation, The International Journal of Digital Forensics and Incident Response, Vol 3, No 3 (Oct 2006)
The original version published by Elsevier can be found here: doi:10.1016/j.diin.2006.08.012
My current version can be found here: PDF


Improving evidence acquisition from live network sources
Digital Investigation, The International Journal of Digital Forensics and Incident Response, Vol 3, No 2 (May 2006)
The original version published by Elsevier can be found here: doi:10.1016/j.diin.2006.05.002
My current version can be found here: PDF


The Role of Digital Forensics within a Corporate Organization
Presented to a banking security group in Vienna, May 2006
A condensed version of these slides was presented to the Gartner IT Security Summit in London, Sept 2006
Slides are here: PDF


Digital Forensics using Linux and Open Source Tools
Seminar given at Cranfield University on Sept 26, 2005
(Intended for forensics experts learning Unix/Linux)
Slides are here: PDF
(White) (2/page) (4/page) (6/page)


Generalizing sources of live network evidence
Digital Investigation, The International Journal of Digital Forensics and Incident Response, Vol 2, No 3 (September 2005)
The original version published by Elsevier can be found here: doi:10.1016/j.diin.2005.08.001
My current version can be found here: PDF


Forensic acquisition and analysis of magnetic tapes
Digital Investigation, The International Journal of Digital Forensics and Incident Response, Vol 2, No 1 (February 2005)
The original version published by Elsevier can be found here: doi:10.1016/j.diin.2005.01.007
My current version can be found here: PDF (includes several technical corrections)


Domain Name Forensics: A Systematic Approach to Investigating an Internet Presence
Digital Investigation, The International Journal of Digital Forensics and Incident Response, Vol 1, No 4 (November 2004)
The original version published by Elsevier can be found here: doi:10.1016/j.diin.2004.10.001
My current version can be found here: PDF

Disclaimer: This is a personal site and it is not affiliated with my employer.