Showing papers on "Digital evidence published in 2003"

Open Source Digital Forensics Tools The Legal Argument 1

Abstract: This paper addresses digital forensic analysis tools and their use in a legal setting. To enter scientific evidence into a United States court, a tool must be reliable and relevant. The reliability of evidence is tested by applying “Daubert” guidelines. To date, there have been few legal challenges to digital evidence, but as the field matures this will likely change. This paper examines the Daubert guidelines and shows that open source tools may more clearly and comprehensively meet the guidelines than closed source tools.

Electronic Signatures in Law

Abstract: Stephen Mason is a leading authority on electronic signatures and electronic evidence, having advised global corporations and governments on these topics. He is also the founder and editor of the international open source journal the Digital Evidence and Electronic Signature Law Review. Stephen is an Associate Research Fellow at the IALS. This fourth edition of the well-established practitioner text sets out what constitutes an electronic signature; the form an electronic signature can take; and discusses the issues relating to evidence – illustrated by analysis of relevant case law and legislation from a wide range of common law and civil law jurisdictions.

Digital evidence: dream and reality

Abstract: Digital evidence is inherently weak. New evidence-gathering technologies-digital black boxes-must be developed and deployed to support investigations of irreproducible events such as digitally signing a document or electronically casting a ballot.

Forensic Computing Theory & Practice: Towards developing a methodology for a standardised approach to Computer misuse

Abstract: The increasing risk and incidence of computer misuse has raised awareness in the public and private sectors of the need to develop defensive and offensive responses. There is now widespread recognition of the importance of specialised forensic computing investigation (FCI) teams able to operate across conventional boundaries of law enforcement and national defence. More specifically, recent research on Australian FCI teams has revealed the critical role of investigative skills alongside digital evidence acquisition and presentation competences. At the level of practice these investigative skills extend beyond a methodical approach, to include case management, critical thinking and sensitivity to the corroborative importance of non-digital evidence. This paper considers the implications of these practical insights for forensic computing theory and presents a matrix for classifying behaviours and types of computer misuse. It also examines the European CTOSE methodology and reflects on how it is re-contextualised by these insights derived from FCI practice. It is anticipated that this paper will contribute towards the development of a standardised and comprehensive forensic approach to computer misuse.

Digital "evidence" and reasonable doubt

Abstract: Unlike conventional analog data, such as a witness's subjective recollection, digital data seems, to the average person, to be endowed with intrinsic and unassailable truth. (Perhaps this is because it takes only one of two unambiguous values.) The truth, in fact, is quite the opposite. Using the right equipment, experts can generally detect tampering with conventional analog data and evidence. Digital data, on the other hand, can be manipulated at will, and depending on the manipulator's sophistication, the alteration can be undetectable, regardless of digital forensics experts' competence and equipment.

The Federal Court, the Music Industry and the Universities: Lessons for Forensic Computing Specialists

Abstract: The recent judgement in the Australian Federal Court case involving the Music Industry and three Australian Universities is disturbing in a number of ways. Aside from the worrying implications of the judgement for individual privacy and data protection, the case has revealed serious flaws in understanding amongst all participants over the nature of digital evidence and how it should best be collected, analysed and presented. In this context, this paper reviews the case from a forensic computing perspective and considers the approaches of the three parties involved – applicants, respondents and federal court judge. The paper also recommends the development of standard framework for forensic investigations and briefly presents the framework proposed by European CTOSE project. The paper concludes by considering the implications of this case for the forensic computing domain.

Digital Forensics: Principles of digital evidence collection

Abstract: The collection of digital evidence must follow certain basic steps in order to be effective. This article introduces the main principles.

Legal Issues for Computer Forensics

Abstract: The adoption of computers into every aspect of modern society has been accompanied by the rise of e-crime. The processes and techniques employed by the field of computer forensics offer huge potential for the extraction and presentation of electronic evidence in a court of law. Yet, the current research that has been conducted in this field is minimal. In this study, current and potential IS legal issues that impact on the computer forensic field are analysed. Due to the field being comprised with aspects of both law and computers this causes much conflict, mainly due to the law’s inability to adapt and evolve as quickly as the computing environment.

The very brief history of digital evidence standards

Abstract: This paper will trace the development of forensic standards from the early efforts of law enforcement officers to its current state. The author will describe the role that national and regional groups have had upon the evolution of forensic practice. A number of current standards will be described as well as some developing ones.