ipl-logo

A Hierarchical, Objective-Based Framework For The Digital Investigation Process

516 Words3 Pages

N. L. Beebe & J. G. Clark [73] designed a new model which was based on the principles decided at the starting of the investigation .According to this framework the investigation phases can be divided in hierarchical order. Figure 10: A Hierarchical, Objective-Based Framework for the Digital Investigation Process (HODIP)
4.13.2 Phases of HODIP

All the phases listed in the framework has already been described in the above mentioned frameworks .
4.14 Computer Forensic Field Triage Process Model (CFFTPM)

4.14.1 Introduction

M. K. Rogers, J. Goldman, R. Mislan, T. Wedge & S. Debrota [74] recommends an onsite approach to provide the identification, analysis and interpretation of digital evidence within a short time span without the urge to return the devices or media back to the lab. It also does not require taking the complete …show more content…

Following the Planning phase is Triage phase. Here the evidences are collected and ranked based on importance or priority. Evidence with the highest priority needs to be processed first.
The User Usage Profile phase deals with monitoring user activity and profile with the purpose of relating evidence to the suspect. Constructing the crime case from chronological perspective by making use of MAC time (for example) to index the probable crime activities is the core objective of Chronology Timeline phase.
The task of examining the artefacts of internet related services are executed in the Interpret phase. Lastly, in Case Specific Evidence phase, the investigator can fine-tune the focus of the examination to certain aspects of the case such as the focus in child pornography would indeed be different than that of money laundering crime cases.

4.15 Framework for a Digital Forensic Investigation (FDFI)

4.15.1

More about A Hierarchical, Objective-Based Framework For The Digital Investigation Process

Open Document