CFP last date
20 December 2024
Reseach Article

Survey on Digital Investigation Process Model

Published on May 2012 by Sulbha V. Patil, Revati A. Parate
National Conference on Recent Trends in Computing
Foundation of Computer Science USA
NCRTC - Number 7
May 2012
Authors: Sulbha V. Patil, Revati A. Parate
125b22e6-6b7c-4880-bd7a-19b7883d6450

Sulbha V. Patil, Revati A. Parate . Survey on Digital Investigation Process Model. National Conference on Recent Trends in Computing. NCRTC, 7 (May 2012), 20-25.

@article{
author = { Sulbha V. Patil, Revati A. Parate },
title = { Survey on Digital Investigation Process Model },
journal = { National Conference on Recent Trends in Computing },
issue_date = { May 2012 },
volume = { NCRTC },
number = { 7 },
month = { May },
year = { 2012 },
issn = 0975-8887,
pages = { 20-25 },
numpages = 6,
url = { /proceedings/ncrtc/number7/6565-1055/ },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Proceeding Article
%1 National Conference on Recent Trends in Computing
%A Sulbha V. Patil
%A Revati A. Parate
%T Survey on Digital Investigation Process Model
%J National Conference on Recent Trends in Computing
%@ 0975-8887
%V NCRTC
%N 7
%P 20-25
%D 2012
%I International Journal of Computer Applications
Abstract

In this paper, a process model for digital investigations is defined using the theories and techniques from the physical investigation world. While digital investigations have recently become more common, physical investigations have existed for thousands of years and the experience from them can be applied to the digital world. This paper introduces the notion of a digital crime scene with its own witnesses, evidence, and events that can be investigated using the same model as a physical crime scene. This paper provides a useful review of previous work and then maps the digital investigative process to the physical investigative process. Their product is called the Integrated Digital Investigation Process and defines 17 phases organized into 5 groups: Readiness, Deployment, Physical Crime Scene Investigation, Digital Crime Scene Investigation and Review Phases. The proposed model integrates the physical crime scene investigation with the digital crime scene investigation to identify a person who is responsible for the digital activity and applies to both law enforcement and corporate investigations [2]. The focus of the investigation is on the reconstruction of events using evidence so that hypothesis can be developed and tested. This paper also includes definitions and description of the basic and core concepts that the framework [3].

References
  1. Mark Reith; Clint Carr; Gregg Gunsch, "An Examinattion of Digital Forensic Models," International Journal of Digital Evidence, vol. 1, issue 3, Fall 2002.
  2. Brian Carrier; Eugene H. Spafford, "An Getting physical with digital evidence process," International Journal of Digital Evidence, vol. 2, issue 2, Fall 2003.
  3. Brian Carrier; Eugene H. Spafford, "An Event- Based Digital forensic Investigation Framework. "
  4. Ryan Leigland and Axel W. Krings, "A Formalisation of Digital Forensics," International Journal of Digital Evidence, vol. 3, issue 2, Fall 2004
  5. Golden G. Richard; Vassil Roussev; Lodovico Marziale, "Forensic Discovery auditing of digital evidence containers," Elsevier Ltd. , 2007.
  6. Brian Carrier; "Open Source Digital Forensic Tools," 2003, www. atstake. com/research/reports/acrobat/atstake_opensource_fornsics. pdf.
  7. Brian Carrier; "Defining Digital Forensic Examination and Analysis Tools Using Abstraction Layers," International Journal of Digital Evidence, vol. 1, issue 4, 2003.
  8. Mark M. Pollitt; "An Ad Hoc Review of Digital Forensic Models," Proceedings of the Second International Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE'07)
Index Terms

Computer Science
Information Sciences

Keywords

Digital Forensics Law Enforcement Evidence Digital Investigation Incident Response Crime Scene Investigation