scispace - formally typeset
Search or ask a question
Topic

Digital evidence

About: Digital evidence is a research topic. Over the lifetime, 1621 publications have been published within this topic receiving 18476 citations.


Papers
More filters
Journal ArticleDOI
TL;DR: A comparative evaluation of the suitability of different formats for digital evidence storage and exchange by evaluating them against a set of evaluation criteria is performed.

9 citations

Book ChapterDOI
01 Jan 2010
TL;DR: This chapter describes the Open Computer Forensics Architecture (OCFA), an automated system that dissects complex file types, extracts metadata from files and ultimately creates indexes on forensic images of seized computers.
Abstract: This chapter describes the Open Computer Forensics Architecture (OCFA), an automated system that dissects complex file types, extracts metadata from files and ultimately creates indexes on forensic images of seized computers. It consists of a set of collaborating processes, called modules. Each module is specialized in processing a certain file type. When it receives a so called ’evidence’, the information that has been extracted so far about the file together with the actual data, it either adds new information about the file or uses the file to derive a new ’evidence’. All evidence, original and derived, is sent to a router after being processed by a particular module. The router decides which module should process the evidence next, based upon the metadata associated with the evidence. Thus the OCFA system can recursively process images until from every compound file the embedded files, if any, are extracted, all information that the system can derive, has been derived and all extracted text is indexed. Compound files include, but are not limited to, archive- and zip-files, disk images, text documents of various formats and, for example, mailboxes. The output of an OCFA run is a repository full of derived files, a database containing all extracted information about the files and an index which can be used when searching. This is presented in a web interface. Moreover, processed data is easily fed to third party software for further analysis or to be used in data mining or text mining-tools. The main advantages of the OCFA system are: 1. Scalability, it is able to process large amounts of data. 2. Extendable, it is easy to develop and plug in custom modules. 3. Open, the output is well suited to be used as input for other systems. 4. Analysts and tactical investigators may search the evidence without the constant intervention of digital investigators.

9 citations

Proceedings ArticleDOI
02 Apr 2010
TL;DR: The frame model of computer forensics is presented, the source of digital evidence is analyzed, and the key technologies and approaches to ensure the security of digitalevidence respectively are discussed.
Abstract: Computer Forensics is a research hot topic in the field of computer security with the recent increases in illegal accesses to computer system. According to the procedure of computer forensics, this paper presents the frame model of computer forensics, analyses the source of digital evidence. Because of digital feature, it is especially critical to how to secure the protection of digital evidence and make computer forensics have legal recognition of ability. From the computer evidence collection phase, transmission phase and the storage stage, this paper discusses the key technologies and approaches to ensure the security of digital evidence respectively. Through the guidance of the frame model and the security guarantee to each stage of computer forensics, the evidence would eventually be provided to the court.

8 citations

Journal ArticleDOI
TL;DR: The findings revealed a gap between the Judges and issues on computer forensics which if not looked at may create problems in relation to the influx of computer related crimes.
Abstract: era of Technological age also called digital age, most transactions are conducted electronically. This modern-day paradigm makes way for the possibility of harmful unanticipated information security breaches of both civil and criminal nature. However, there is a tremendous knowledge gap in the legal system concerning computer/digital forensics with respect to digital evidence. Courtroom and Legal issues relevant to computer/digital forensics are extensive and differs with respect to procedural evidence rules that ensure reliability of the evidence so produced in the court of law for fair adjudication. Electronic evidence is very fundamental to the successful handling of cases related to such information security breaches. This paper on the impact of awareness and understanding of computer/digital forensics in the Ghana Legal System especially Judges, with regards to the electronic evidence, laws and jurisprudence covered twenty (20) superior Judges. The findings revealed a gap between the Judges and issues on computer forensics which if not looked at may create problems in relation to the influx of computer related crimes.

8 citations

Journal ArticleDOI
TL;DR: Research is performed on the examination ability of two mobile forensic tools that commonly used, Oxygen and MOBILedit, in an examination of digital evidence from LINE messenger application, which has its ability to examine digital evidence and can be used based on the examiner’s needs.
Abstract: During the last decade, the number of Android smartphone users has been increased rapidly. Cybercrime is also increasing since internet was established. Instant messenger is one of internetbased application that become a new media for cybercrime. Attempts to against cybercrime can be seen from the number of forensic tools. The problem is forensic tools for mobile device available today are not completely forensically sound. Examination of digital evidence on the forensic tool is one thing offered by many vendors. However, the forensic tools have various ways of examination. This paper performed research on the examination ability of two mobile forensic tools that commonly used, Oxygen and MOBILedit, in an examination of digital evidence from LINE messenger application. Both forensic tools have its ability to examine digital evidence and can be used based on the examiner’s needs. In this experiment, both forensic tools were assessed qualitatively based on a case study.

8 citations


Network Information
Related Topics (5)
Information privacy
25.4K papers, 579.6K citations
78% related
Cloud computing security
27.1K papers, 511.8K citations
77% related
Authentication
74.7K papers, 867.1K citations
77% related
Intrusion detection system
28.4K papers, 509.5K citations
76% related
Public-key cryptography
27.2K papers, 547.7K citations
75% related
Performance
Metrics
No. of papers in the topic in previous years
YearPapers
20241
202387
2022206
202187
2020116
2019111