An Approach for Managing Knowledge in Digital Forensics Examinations

Source: International Journal of Computer Science and Security (IJCSS)
Volume: 4 Issue: 5
Pages: 436-496
Publication Date: December 2010
ISSN (Online): 1985-1553

Pages: 451-465
Author(s):
Published Date: 20-12-2010
Publisher: CSC Journals, Kuala Lumpur, Malaysia

KEYWORDS: digital forensics, concept mapping, case domain modeling, digital investigations

This manuscript is indexed in the following databases/websites:

1. refSeek
2. Socol@r
3. iSEEK
4. PDFCAST
5. Google Scholar
6. Directory of Open Access Journals (DOAJ)
7. Scribd
8. Docstoc
9. Bielefeld Academic Search Engine (BASE)
10. ResearchGATE
11. Academic Journals Database
12. Libsearch

ABSTRACT: Computers and digital devices are continuing to evolve in the areas of storage, processing power, memory, and features. Resultantly, digital forensic investigations are becoming more complex due to the increasing size of digital storage reaching gigabytes and terabytes. Due to this growth in disk storage, new approaches for managing the case details of a digital forensics investigation must be developed. In this paper, the importance of managing and reusing knowledge in digital forensic examinations is discussed, a modeling approach for managing knowledge is presented, and experimental results are presented that show how this modeling approach was used by law enforcement to manage the case details of a digital forensic examination.

CITED BY:

1. MENDELEY
2. Center for Advanced Vehicular Systems (CAVS) at Mississippi State University
3. China National Publications Import & Export (Group) Corporation

COLLABORATIVE COLLEAGUE:

April Tanner : Colleagues
David Dampier : Colleagues