Home   >   CSC-OpenAccess Library   >    Manuscript Information
Full Text Available

(310.56KB)
This is an Open Access publication published under CSC-OpenAccess Policy.
Publications from CSC-OpenAccess Library are being accessed from over 74 countries worldwide.
An Approach for Managing Knowledge in Digital Forensics Examinations
April Tanner, David Dampier
Pages - 451 - 465     |    Revised - 30-11-2010     |    Published - 20-12-2010
Volume - 4   Issue - 5    |    Publication Date - December 2010  Table of Contents
MORE INFORMATION
KEYWORDS
digital forensics, concept mapping, case domain modeling, digital investigations
ABSTRACT
Computers and digital devices are continuing to evolve in the areas of storage, processing power, memory, and features. Resultantly, digital forensic investigations are becoming more complex due to the increasing size of digital storage reaching gigabytes and terabytes. Due to this growth in disk storage, new approaches for managing the case details of a digital forensics investigation must be developed. In this paper, the importance of managing and reusing knowledge in digital forensic examinations is discussed, a modeling approach for managing knowledge is presented, and experimental results are presented that show how this modeling approach was used by law enforcement to manage the case details of a digital forensic examination.
CITED BY (6)  
1 Kishore, N. (2015). Parllel hashing algorithms for security and Forensic Applicatons.
2 Tanner, A., & Duncan, S. On Integrating Mobile Applications into the Digital Forensic Investigative Process.
3 Hoelz, B. W., & Ralha, C. G. (2013, March). A framework for semantic annotation of digital evidence. In Proceedings of the 28th Annual ACM Symposium on Applied Computing (pp. 1966-1971). ACM.
4 Tanner, A., Dampier, D., & Thompson, J. (2012, November). On developing a conceptual modeling report management tool for digital forensic investigations. In Homeland Security (HST), 2012 IEEE Conference on Technologies for (pp. 445-450). IEEE.
5 Al-Fedaghi, S., & Al-Babtain, B. (2012). Modeling the forensics process. Int. J. Security Appl, 6(4).
6 Buang, M. F. M., & Daud, S. M. (2012, May). A web-based KM system for digital forensics-knowledge sharing capability. In Multimedia Computing and Systems (ICMCS), 2012 International Conference on (pp. 528-533). IEEE.
1 Google Scholar 
2 Academic Journals Database 
3 CiteSeerX 
4 refSeek 
5 iSEEK 
6 Socol@r  
7 ResearchGATE 
8 Libsearch 
9 Bielefeld Academic Search Engine (BASE) 
10 Scribd 
11 SlideShare 
12 PDFCAST 
13 PdfSR 
1 V. Baryamureeba, F. Tushabe. “The Enhanced Digital Investigation Process Model”. In Proceedings of the 4th Annual Digital Forensic Research Workshop, Baltimore, MD, 2004
2 N. Beebe and J. Clark. “A Hierarchical, Objectives-Based Framework for the Digital Investigations Process”. In Proceedings of the 4 th Annual Digital Forensic Research Workshop, Baltimore, MD, 2004
3 B. Carrier and E. Spafford. “An Event-Based Digital Forensic Investigation Framework”. In Proceedings of the Fourth Annual Digital Forensic Research Workshop, Baltimore, MD, 2004
4 S. Ciardhuáin. “An Extended Model of Cybercrime Investigations”. International Journal of Digital Evidence, 3(1):1G22, 2004
5 M. Reith, C. Carr, G. Gunsch. “An Examination of Digital Forensic Models”. International Journal of Digital Evidence, 1(3):1G20, 2002
6 G. Ruibin, T. Yun, M. Gaertner. “Case-Relevance Information Investigation: Binding Computer Intelligence to the Current Computer Forensic Framework”. International Journal of Digital Evidence, 4(1):1G13, 2005
7 J. Venter. “Process Flow Diagrams for Training and Operations”. Advances in Digital Forensics II, Springer, pp. 331G342 (2006)
8 Tanner and D. Dampier. “Concept Mapping for Digital Forensics Investigations”. Advances in Digital Forensics V, Springer, pp. 201G300 (2009)
9 Tanner and D. Dampier. “Improving Digital Forensics Investigations with Concept Mapping”. In Proceedings of the Fifth International Conference on Digital Forensics, Orlando, FL, 2009
10 . S. Peisert, M.Bishop, S. Karin and K. Marzullo. “Toward Models for Forensic Analysis”. In Proceedings of the Second International Workshop on Systematic Approaches to Digital Forensic Engineering. Bell Harbor, WA, 2007
11 M. Khatir, S. M. Hejazi and E. Sneiders. “Two Dimensional Evidence Reliability Amplification Process Model for Digital Forensics”. In Proceedings of the Third International Workshop on Digital Forensics and Incident Analysis. Malaga, Spain, 2008
12 Y. Shin. “New Digital Forensics Investigation Procedure Model”. In Proceedings of the Fourth International Conference on Networked Computing and Advanced Information Management. Gyeongju, Korea, 2008
13 Carrier, E. Spafford. “Getting Physical with the Digital Investigation Process”. International Journal of Digital Evidence, 2(2):1G20, 2003
14 National Institute of Justice. Electronic Crime Scene Investigation: A Guide for First Responders 2001 [Online]. Available at: http://www.ncjrs.gov/pdffiles1/nij/187736.pdf, 2001
15 M. Pollitt. “An Ad Hoc Review of Digital Forensic Models”. In Proceedings of the Second International Workshop on Systematic Approaches to Digital Forensic Engineering. Bell Harbor, WA, 2007
16 R. Rowlingson. “A Ten Step Process for Forensic Readiness”. International Journal of Digital Evidence, 2(3):1G28, 2004
17 P. Stephenson. “Modeling of Post-Incident Root Cause Analysis”. International Journal of Digital Evidence, 2(2):1G16, 2003
18 Cañas, D. Leake, and D. Wilson. “Managing, Mapping, and Manipulating Conceptual Knowledge”. IHMC, 2007
19 Bruschi, M. Monga, and L. Martignoni. “How to Reuse Knowledge about Forensic Investigations”. In Proceedings of the 4 th Annual Digital Forensic Research Workshop. Baltimore, MD, 2004
20 M. Pollitt and A. Whitledge. “Exploring Big Haystacks: Data Mining and Knowledge Management”. Advances in Digital Forensics II, Springer, pp. 67G76 (2006)
21 M. Kramer. Using Concept Maps for Knowledge Acquisition in Satellite Design: Translating “Statement of Requirements on Orbit” to “Design Requirements”. PhD Thesis, Nova Southeastern University, 2005
22 J. D. Novak and A. J. Cañas. “The Theory Underlying Concept Maps and How to Construct Them”. Technical Report IHMC Cmap Tools 2006G01, Florida Institute for Human and Machine Cognition, 2006
23 S.O. Tergan, “Digital Concept Maps for Managing Knowledge and Information: Searching for Synergies”. Knowledge and Information Visualization, Springer, pp. 185–204 (2005)
24 C. Bogen. “Selecting Keyword Search Terms in Computer Forensics Examinations using Domain Analysis and Modeling”, PhD Thesis, Department of Computer Science and Engineering, Mississippi State University, 2006
Mr. April Tanner
Mississippi State University - United States of America
alb117@msstate.edu
Associate Professor David Dampier
- United States of America