DIGITAL FORENSIC:A PANACEA FOR EVIDENCE PRESERVATION (original) (raw)

Abstract

Digital Forensic is the preservation, identification, recovery, documentation, analysis, and interpretation of digital evidence. Digital evidences are electronically stored records, facts, signs, information of probative value that shows clearly that an event occurred or that a crime has been committed. Preservation of Digital Evidence is the crux of Digital Forensics. As such, it must be handled in a way to ensure that it is promptly identified, preserved, collected, examined, analyzed and documented appropriately so that it is evidently weighty, authentic, reliable, believable, complete and that it passes the test of legal admissibility. Evidence Preservation is being constantly plagued with issues needed to be technically, administratively and legally resolved. Of which is, the rate of standardization of Digital Forensics Processes, particularly evidence preservation, by International standardizing bodies is slower than the challenges and continuously evolving digital technology. Consequently, Proactive, Sustained and Non-fragmented Research and Practitioner Communities must be established, where they do not exist and also supported by national and regional standardization organizations, to see to faster and up-to-date solutions. Such communities have greatly helped to sustain continuous growth and standardization in other fields such as software engineering, web frameworks, and mobile technology. A consolidated framework, the Enhanced Generic Digital Forensic Investigation Model (EGDFIM), is proposed in this work.

Loading...

Loading Preview

Sorry, preview is currently unavailable. You can download the paper by clicking the button above.

References (54)

  1. Readiness Phases... ................................................
  2. 2.4.2 Deployment Phases... ............................................
  3. Traceback Phases... ...............................................
  4. Dynamite Phases... ................................................
  5. 2.4.5 Review Phases... ....................................................
  6. 2.5 Abstract Digital Forensics Model (ADFM) .......................
  7. 2.6 Digital Forensic Model based on Malaysian Investigation Process…..26
  8. 2.7 Scientific Crime Scene Investigation Model ......................
  9. 2.8 End to End Digital Investigation ........................................
  10. 9 Extended Model of Cybercrime Investigation ....................
  11. 2.10 A HOB Framework for the Digital Investigations Process…....29
  12. 2.11 Framework for a Digital Forensic Investigation ...............
  13. 2.12 Computer Forensics Field Triage Process Model ............
  14. 2.13 Common Process Model for Incident and Computer Forensics ……31
  15. 2.14 Dual Data Analysis Process .............................................
  16. 2.15 Network Forensic Generic Process Model .......................
  17. 3 Identifying the Common Phases of the Models ................................
  18. 4 Generic Computer Forensic Investigation Model (GCFIM) .............
  19. Literature Summary ........................................................................... CHAPTER THREE: RESEARCH METHODOLOGY ...............................
  20. Ademu, I. O., Imafidon, C. O., & Preston, D. S. (2011). A new approach of digital forensic model for digital forensic investigation. IJACSA) International Journal of Advanced Computer Science and Applications, 2(12).
  21. Baryamureeba, V., & Tushabe, F. (2004). The enhanced digital investigation process model. Paper presented at the Proceedings of the Fourth Digital Forensic Research Workshop.
  22. Beebe, N. (2009). Digital forensic research: The good, the bad and the unaddressed Advances in digital forensics V (pp. 17-36): Springer.
  23. Beebe, N. L., & Clark, J. G. (2005). A hierarchical, objectives-based framework for the digital investigations process. Digital Investigation, 2(2), 147-167.
  24. Carrier, B., & Spafford, E. H. (2003). Getting physical with the digital investigation process. International Journal of Digital Evidence, 2(2), 1-20.
  25. Casey, E. (2009). Handbook of digital forensics and investigation: Academic Press.
  26. Ciardhuain, S. (2011). An extended model of cybercrime investigation Accessed on 20th October 2011 Available(online): www. ijde. org/citeseerx. ist. psu. edu/viewdoc/download? doi= 10.1. 1.80. A ccessed on 11th August.
  27. Corbin, J., & Strauss, A. (2008). Basics of qualitative research: Techniques and procedures for developing grounded theory: Sage.
  28. Crim, J. (2006). Digital Forensics: Tools & Identification Retrieved July, 2013, from http://www.vascan.org/webdocs/06confdocs/Day1-TechnicalTrack- DONE/CrimJesseDigital%20Forensics.pdf
  29. Freiling, F. C., & Schwittay, B. (2007). A Common Process Model for Incident Response and Computer Forensics. IMF, 7, 19-40.
  30. Garfinkel, S. L. (2010). Digital forensics research: The next 10 years. Digital Investigation, 7, S64-S73.
  31. Gingrande, A. (2013). The Long-term Preservation of Digital Evidence. Retrieved July, 2014, from http://www.cnblogs.com/ysun/archive/2013/04/09/3010345.html
  32. Ieong, R. S. C. (2006). FORZA -Digital forensics investigation framework that incorporate legal issues. ELSEVIER(3 S ( 2 0 0 6 )), S 2 9 -S 3 6.
  33. Järvinen, P. J. (2004). Annikki (2004) Tutkimustyön metodeista. Opinpajan kirja, Tampere.
  34. John, J. L. (2012). Digital Forensics and Preservation. Digital Preservation Coalition.
  35. Kaur, R., & Kaur, A. (2012). Digital forensics. International Journal of Computer Applications, 50(5), 5-9.
  36. Kelleher, K. (2010). Grounded Theory Research Tutorial. Retrieved September, 2013, from http://researchcenter.waldenu.edu/Documents/Grounded\_Full\_Captions.pdf
  37. Köhn, M., Olivier, M. S., & Eloff, J. H. (2006). Framework for a Digital Forensic Investigation. Paper presented at the ISSA.
  38. Losavio, M. (2010). What Is Digital Evidence:The Forms, Loci And Metadata Of Electronic Evidence. THE SCIENCE OF DIGITAL FORENSICS, 5.
  39. Mäkelä, M. M., & Turcan , R. V. (2007). Building Grounded Theory in Entrepreneurship Research: Edward Elgar Publishing.
  40. Murphy, J. (2006). Forensic readiness. Dexisive, Accessed, 201003(06). NIJ. (2010). Digital Evidence Analysis Tools. Retrieved July, 2014, from http://www.nij.gov/nij/topics/forensics/evidence/digital/analysis/welcome.htm
  41. Nikkel, B. J. (2006). The role of digital forensics within a corporate organization. Paper presented at the May 2006, IBSA Conference, Vienna.
  42. Palmer, G. (2001). A road map for digital forensics research-report from the first Digital Forensics Research Workshop (DFRWS). Utica, New York.
  43. Perumal, S. (2009). Digital forensic model based on Malaysian investigation process. International Journal of Computer Science and Network Security, 9(8), 38-44.
  44. Pollitt, M. M. (1995). Computer Forensics: An Approach to Evidence in Cyberspace. Paper presented at the National Information Systems Security Conference, Baltimore,USA.
  45. Pollitt, M. M. (2007). An ad hoc review of digital forensic models. Paper presented at the Systematic Approaches to Digital Forensic Engineering, 2007. SADFE 2007. Second International Workshop on.
  46. Reith, M., Carr, C., & Gunsch, G. (2002a). An examination of digital forensic models. International Journal of Digital Evidence, 1(3), 1-12.
  47. Reith, M., Carr, C., & Gunsch, G. (2002b). An Examination of Digital Forensic Models International Journal of Digital Evidence, Fall 2002: Volume.
  48. Remenyi, D. (1998). Doing research in business and management: an introduction to process and method: Sage.
  49. Rogers, M. K., Goldman, J., Mislan, R., Wedge, T., & Debrota, S. (2006). Computer forensics field triage process model. Journal of Digital Forensics, Security and Law, 1(2), 19-37.
  50. Sommer, P. (2012). Digital Evidence, Digital Investigations and E-Disclosure: A Guide to Forensic Readiness for Organisations, Security Adviders and Lawyers. Information Security Guide.
  51. Strauss, A., & Corbin, J. M. (1990). Basics of qualitative research: Grounded theory procedures and techniques: Sage Publications, Inc.
  52. Vacca, J. R. (2005). Computer Forensics: Computer Crime Scene Investigation (Networking Series)(Networking Series): Charles River Media, Inc.
  53. Walker, C. (2007). Computer forensics: bringing the evidence to court. Online: http://www. infosecwriters. com/text_resources/pdf/Com puter_Forensics_to_Court. pdf as on, 12. Wikipedia. (2014). Forensic Science. Retrieved 4 April, 2014, from http://en.wikipedia.org/wiki/Forensic\_science
  54. Yusoff, Y., Ismail, R., & Hassan, Z. (2011). Common phases of computer forensics investigation models. International Journal of Computer Science & Information Technology (IJCSIT), 3(3), 17-31.