Topic
Digital evidence
About: Digital evidence is a research topic. Over the lifetime, 1621 publications have been published within this topic receiving 18476 citations.
Papers
TL;DR: The presented monograph will deliberate the faultlessness-establishing chain procedures in disk forensics, system forensics, network forensics, mobile forensics and database forensics so that the products of investigation will be adopted as a leading evidence.
Abstract: Computer Forensics functions by defending the effects and extracting the evidence of the side effects for production at the court. If the faultlessness of the digital evidence has been compromised during the investigation, critical evidence may be denied or not even be presented at the trial. The presented monograph will deliberate the faultlessness-establishing chain procedures in disk forensics, system forensics, network forensics, mobile forensics and database forensics. Once the faultlessness is established by the methods proposed, the products of investigation will be adopted as leading evidence. Moreover, the issues and alternatives in the reality of digital investigation are presented along with the actual computer forensics cases, hopefully contributing to the advances in computer digital forensics and the field research of information security.
4 citations
TL;DR: The collection of digital evidence must follow certain basic steps in order to be effective and this article introduces the main principles.
Abstract: The collection of digital evidence must follow certain basic steps in order to be effective. This article introduces the main principles.
4 citations
04 Jul 2013
TL;DR: I-Forensics (LiveDetector & LiveSearch) tools kit is used to explore digital evidence of malware attack in Windows system to produce a standard operation procedure to provide forensic operators a reliable and accountable standard and guideline mechanism.
Abstract: This study intended to improve two common problems of digital evidence, preservation and ease of modification, during the preservation, collection, validation, identification, analysis, interpretation, documentation and presentation processes. We used the I-Forensics (LiveDetector & LiveSearch) tools kit to explore digital evidence of malware attack in Windows system to produce a standard operation procedure. The main purpose is to provide forensic operators a reliable and accountable standard and guideline mechanism.
4 citations
01 Jan 2016
TL;DR: The cloud incident handling framework presented in this thesis draws upon principles and practices from both incident handling and digital forensics, and facilitates the collection of digital evidence, reconstructing of events and establish facts of who, what, when, where, how, and why an incident took place.
Abstract: Cloud computing is increasingly adopted by both individual and organisational users; thus, ensuring the security and privacy of data stored in the cloud is a crucial requirement in an organisation's business continuity and risk assessment strategies. An incident handling strategy is key to mitigating risks to the confidentiality, integrity and availability of information assets, particularly those outsourced to the cloud located in one or more different countries. Thus, organisational cloud users may face challenges or be limited in their capability to handle security incidents (e.g. security breaches) on their sites since the infrastructure on which the data resides belongs to the cloud providers.
Surveys were conducted with industry practitioners to identify: (1) the implications of emerging technologies and its information security threats on the incident handling practices, and (2) the factors influencing incident handling adoption for organisational cloud users. The results indicated that the current landscape of information security threats have impacted on their security strategic planning, resulting in practitioners being more proactive, requiring better tactical tools, and cultivating a culture of information security. The factors identified as having a significant influence on the adoption were determined using an integration of Situational Awareness and Protection Motivation Theory. Users are more likely to adopt if they are aware of cloud security and privacy related risks, confident in their capability, understand the benefits, and understand the impact due to an ineffective strategy.
The cloud incident handling framework presented in this thesis draws upon principles and practices from both incident handling and digital forensics. The integration of digital forensic principles and practices facilitates the collection of digital evidence, reconstructing of events and establish facts of who, what, when, where, how, and why an incident took place. The framework consists of six phases, namely: Preparation (integrated with forensic readiness principles); Identification; Assessment (integrated with forensic collection and analysis practices); Action and Monitoring; Recovery; and Evaluation (integrated with forensic presentation practices). A feasibility study was conducted that simulates private cloud storage (i.e. ownCloud) in a virtual environment. A security information and event management tool was used to demonstrate that each phase is feasible with significant evidence artefacts can be collected.
4 citations
01 Jan 2015
TL;DR: General trends were identified through the research showing that South African digital forensic practitioners often lacked the necessary academic qualifications, training, competency and experience required of a digital forensics practitioner, raising concerns about the quality of digital forensics practice in South Africa.
Abstract: Recent high profile court trials around the world, including South Africa, have highlighted the importance of forensic science evidence in court. They have also shown what can happen when forensic science is handled poorly in court, leading to incorrect convictions or acquittals. Most often the problems have been linked to the qualifications, training, competency and experience of the forensic practitioners who examined and analysed the evidence. With digital forensics being recognised as a forensic science and criminal trials such as Casey Anthony and Julia Amero dominated by errors in the digital forensics process attributed to the examiners, it is crucial to understand what the current situation is in South Africa with regard to local digital forensic practitioners, so as to identify any strengths or shortcomings which could impact on digital evidence in a court of law. The research focused on understanding the academic qualifications, digital forensics training, competency, and experience of South African digital forensic practitioners. General trends were identified through the research showing that South African digital forensic practitioners often lacked the necessary academic qualifications, training, competency and experience required of a digital forensics practitioner, raising concerns about the quality of digital forensics practice in South Africa. When contrasted against international standards, the research identified areas of improvement, and suggested potential remedial actions to address the situation.
Keywords: digital forensics, digital forensic practitioners, digital forensic standards
4 citations