Topic

Digital evidence

About: Digital evidence is a research topic. Over the lifetime, 1621 publications have been published within this topic receiving 18476 citations.


Papers
Proceedings Article
21 Oct 2013
TL;DR: These guidelines will significantly help to properly and consistently implement digital forensic readiness measures in different organisations in a bid to achieve higher admissibility of digital evidence in a court of law, as well as more efficient and effective digital forensic investigations.
Abstract: Digital forensic investigation readiness enables an organisation to prepare itself in order to perform a digital forensic investigation in a more efficient and effective manner. Benefits of achieving a high level of digital forensic investigation readiness include, but are not limited to, higher admissibility of digital evidence in a court of law, better utilisation of resources (including time and financial resources) and higher awareness of forensic investigation readiness. The problem that this paper addresses is that there is no harmonised digital forensic investigation readiness process model with appropriate implementation guidelines and, thus, there is a lack of an effective and standardised implementation of digital forensic investigation readiness measures within organisations. Valjarevic and Venter have, in their previous work, proposed a harmonised digital forensic investigation readiness process model. This paper proposes implementation guidelines for such a harmonised digital forensic investigation process model in order to help practitioners and researchers to successfully implement the proposed model. The authors believe that these guidelines will significantly help to properly and consistently implement digital forensic readiness measures in different organisations in a bid to achieve higher admissibility of digital evidence in a court of law, as well as more efficient and effective digital forensic investigations.

17 citations

Proceedings Article
25 Apr 2011
TL;DR: The work presented deals with the evaluation of these security methods in order to study and understand their “goodness” and suitability to protect the integrity of the digital evidence.
Abstract: The omnipresence of e-services running on various instances of pervasive e-infrastructures that are fundamental to the contemporary information society generates an abundance of digital evidence. The evidence in a digital form stems from a myriad of sources ranging from stand-alone computers and their volatile and non-volatile storages, to mobile small scale digital devices, network traffic, ever-present applications comprising social networks, ISP records, logs, Web pages, databases and both global and local information systems. The acquisition and the analysis of this evidence is crucial to understanding and functioning of the digital world, regardless of the positive or negative implications of the actions and the activities that generated the evidence. In the case of the latter, when the evidence comes from illegal, illicit and malicious activities, the protection of digital evidence is of major concern for the law enforcement and legal institutions, namely for investigators and prosecutors. To protect the integrity of the digital evidence, a number of security methods are used. These methods differ in terms of performance, accuracy, security levels, computational complexity, potential errors and the statistical admissibility of the produced results, as well as the vulnerabilities to accidental or malicious modifications. The work presented deals with the evaluation of these security methods in order to study and understand their “goodness” and suitability to protect the integrity of the digital evidence. The immediate outcome of the evaluation is a set of recommendations to be considered for selecting the right algorithm to protect integrity of the digital evidence in general.

17 citations

Journal Article
TL;DR: This paper proposes a model that is formal in that it can enable the digital forensic practitioners in following a uniform approach when carrying out investigations and that is generic in that it can be applied in the different environments of digital forensics.
Abstract: A formal process model is needed to enable digital forensic practitioners in following a uniform approach and to enable courts of law in determining the reliability of digital evidence presented to them. Such a model also needs to be generic in that it can be applicable in the different fields of digital forensics including law enforcement, corporates and incident response. There does not currently exist such a comprehensive process model that is both formal and generic. To address these shortcomings, this paper proposes a model that is formal in that it can enable the digital forensic practitioners in following a uniform approach when carrying out investigations and that is generic in that it can be applied in the different environments of digital forensics.

17 citations

Book
22 Nov 2004
TL;DR: Everything from collecting actionable evidence, re-creating the criminal timeline, and zeroing in on a suspect to uncovering obscured and deleted code, unlocking encrypted files, and preparing lawful affidavits is here.
Abstract: Investigate computer crime, corporate malfeasance, and hacker break-ins quickly and effectively with help from this practical and comprehensive resource. You’ll get expert information on crucial procedures to successfully prosecute violators while avoiding the pitfalls of illicit searches, privacy violations, and illegally obtained evidence. It’s all here--from collecting actionable evidence, re-creating the criminal timeline, and zeroing in on a suspect to uncovering obscured and deleted code, unlocking encrypted files, and preparing lawful affidavits. Plus, you’ll get in-depth coverage of the latest PDA and cell phone investigation techniques and real-world case studies.

Table of contents

Part I: Preparing for an Incident
Chapter 1: The Forensics Process
Chapter 2: Computer Fundamentals
Chapter 3: Forensic Lab Environment Preparation

Part II: Collecting the Evidence
Chapter 4: Forensically Sound Evidence Collection
Chapter 5: Remote Investigations and Collections

Part III: Forensic Investigation Techniques
Chapter 6: Microsoft Windows Systems Analysis
Chapter 7: Linux Analysis
Chapter 8: Macintosh Analysis
Chapter 9: Defeating Anti-Forensic Techniques
Chapter 10: Enterprise Storage Analysis
Chapter 11: E-mail Analysis
Chapter 12: Tracking User Activity
Chapter 13: Cell Phone and PDA Analysis

Part IV: Presenting Your Findings
Chapter 14: Documenting the Investigation
Chapter 15: The Justice System

Part V: Appendixes
Appendix A: Forensic Forms and Checklists
Appendix B: Understanding Legal Concerns
Appendix C: The Digital Evidence Legal Process
Appendix D: Searching Techniques
Appendix E: The Investigator’s Toolkit
Glossary

16 citations

Book Chapter
22 Aug 2011
TL;DR: Starting from digital evidence left on the computer system, this research suggests an analytic methodology useful to draw a compatible user digital profile in conjunction with the evidence left on the system.
Abstract: Nowadays investigations have become more difficult than in the past. It is already clear that, in a modern crime scene, a vast amount of evidence is in electronic or digital form and that computer systems or networks have a paramount role in researching indicators and evidence. The correct analysis of log files and the data saved in the system memory is, in this new scenario, crucial for understanding the criminal actions. Moreover, in order to transform these new elements into evidence, it is important, as well, not to lose sight of the goal of the investigative process, namely to identify the perpetrator, even in the cases in which the association of the criminal with the computer where the crime has been committed is difficult. This paper, from this perspective, aims to recognize an alternative investigation approach to traditional criminal profiling. Starting from digital evidence left on the computer system, this research suggests an analytic methodology useful to draw a compatible user digital profile in conjunction with the evidence left on the system.

16 citations


Network Information
Related Topics (5)
Information privacy
25.4K papers, 579.6K citations
78% related
Cloud computing security
27.1K papers, 511.8K citations
77% related
Authentication
74.7K papers, 867.1K citations
77% related
Intrusion detection system
28.4K papers, 509.5K citations
76% related
Public-key cryptography
27.2K papers, 547.7K citations
75% related
Performance
Metrics
No. of papers in the topic in previous years
Year    Papers
2024    1
2023    87
2022    206
2021    87
2020    116
2019    111