ipl-logo

A Hierarchical, Objective-Based Framework For The Digital Investigation Process

516 Words3 Pages

N. L. Beebe & J. G. Clark [73] designed a new model which was based on the principles decided at the starting of the investigation .According to this framework the investigation phases can be divided in hierarchical order. Figure 10: A Hierarchical, Objective-Based Framework for the Digital Investigation Process (HODIP)
4.13.2 Phases of HODIP

All the phases listed in the framework has already been described in the above mentioned frameworks .
4.14 Computer Forensic Field Triage Process Model (CFFTPM)

4.14.1 Introduction

M. K. Rogers, J. Goldman, R. Mislan, T. Wedge & S. Debrota [74] recommends an onsite approach to provide the identification, analysis and interpretation of digital evidence within a short time span without the urge to return the devices or media back to the lab. It also does not require taking the complete …show more content…

Following the Planning phase is Triage phase. Here the evidences are collected and ranked based on importance or priority. Evidence with the highest priority needs to be processed first.
The User Usage Profile phase deals with monitoring user activity and profile with the purpose of relating evidence to the suspect. Constructing the crime case from chronological perspective by making use of MAC time (for example) to index the probable crime activities is the core objective of Chronology Timeline phase.
The task of examining the artefacts of internet related services are executed in the Interpret phase. Lastly, in Case Specific Evidence phase, the investigator can fine-tune the focus of the examination to certain aspects of the case such as the focus in child pornography would indeed be different than that of money laundering crime cases.

4.15 Framework for a Digital Forensic Investigation (FDFI)

4.15.1

Show More
Related

Nt1310 Unit 1 Chapter 3

593 Words | 3 Pages

i. Manage The term manage is used to mean acquiring the necessary contractual vehicle and resources that include financial resources that are used in running forensic labs and programs. It can also be used to mean to coordinate and build internal and external consensus that can be used to develop and manage an organizational digital forensic program. Management also is to establish a digital forensic team, usually, the one that is composed of investigators, IT professionals and incidents handlers to perform digital and network forensics. Management provides adequate workspaces that at minimum take in to account

Read More

Casey Anthony Case Study

635 Words | 3 Pages

“The special properties and technical complexity of digital evidence often makes it even more challenging, as courts find it difficult to understand the true nature and value of that evidence (Boddington, 2015)”. It’s not uncommon for innocents to be convicted and guilty people acquitted because of digital evidence (Boddington, 2015). However, other factors can also affect the validity of the evidence, including: failure of the prosecution or a plaintiff to report exculpatory data; evidence taken out of context and misinterpreted; failure to identify relevant evidence; system and application processing errors; and so forth (Boddington, 2015). “There is a perception, largely undeserved, that digital evidence somehow alters the true nature of the original evidence and is therefore unreliable. Presented properly, digital evidence is capable of being of tremendous assistance to the courts (Hak,

Read More

Nt1310 Lab 7.5

1619 Words | 7 Pages

4.7.5 Data Preservation and Isolation from the Network. The main purpose of a digital forensic report is to keep the data integrity, avoiding any type of data alteration, in order to present valid evidences, for instance in a court. The use of not valid software to check the stored information in a mobile phone can alter these information. The action of receive new data can alter the information stored, for instance an automatic firmware update, or remote device control with the risks involved. Therefore, it is extremelly important have the device completely isolated from the network.

Read More

Assante Case: Cheating V. 555 US

620 Words | 3 Pages

During the comprehensive forensic examination Assante’s personal laptop was subjected to an eighteen hour intrusive search using specialized equipment to open and read all files on the laptop, scanning the unallocated space on the hard drive for deleted files, then proceeding to

Read More

Frye And The Federal Rules Of Evidence Summary

995 Words | 4 Pages

Thus, forensic investigators, and also the courts, must trust that the vendor creating the software did so accurately, and has properly coded the software so as to obtain reliable results. Conversely, the source code of the software is typically made available in an open source tool, increasing one’s ability to test and assure the reliability of the software, and the accuracy of the results obtained. The National Institute of Standards and Technology provides a working group testing disk imagining tools that may be used in computer forensics, ensuring that the requirements are met. This is however merely one type of tool which is being tested, and whilst it is a step in the right direction, bodies such as the national institute of standards and technology do not assume liability for any results, nor do they certify

Read More

Njvc Security Incident Response Team Strategy

1071 Words | 5 Pages

The first stage will be accessing the potential crime scene to conduct their investigation (Sindhu & Meshram, 2012). This will allow for the CSIRT personnel to assess the scene, interview personnel, and document their findings to determine if a crime has been committed. If a crime has been suspected of being committed, the CSIRT personnel will then begin to collect evidence (Sindhu & Meshram, 2012). This may include retrieving hardware, log files, media, and replicating data stores to be analyzed at a later date. If evidence is collected, the CSIRT team must create and maintain a chain of custody in order to preserve the evidence’s integrity by ensuring it was not tampered and stored correctly (Sindhu & Meshram, 2012).

Read More

Stereotypes And Bias Affecting Jurors Perception

1871 Words | 8 Pages

Jurors are usually everyday civillains and lack the technical expertise to fully grasp the complexity of digital evidence which can cause misunderstanding and sway the decision of a trial. This problem is heightened by the perception television places on jurors as they often oversimplify the effort that goes into digital forensics. Jurors may have the connotation that results are instant and that sophisticated techniques shown in shows are readily available for all departments, leading to unrealistic expectations for real world criminal proceedings. The media often portrays digital experts as genuises who work best alone and can solve a case independently. In reality, digital forensics investigations involve a collaborative effort to develop a wide set of diverse skills.

Read More

4th Amendment Essay

931 Words | 4 Pages

An example of a self-forensic tool used for digital extraction is Evidence Center by Belkasoft (Lun, 2012). Evidence Center can be used by investigators with evidence extraction of “messenger history profile, allocated disk space, unallocated disk space, RAM, Pagefile and Hibernation file” (Lun, 2012). When using this program, investigators are able to store all extracted evidence from the instant messenger into a database, which can be used to further analyze the data (Lun, 2012). However, this program isn’t successful in retrieving every type of information, such as pictures or videos (Lun, 2012). As a result, investigators would need to use an additional program while tracing the instant message

Read More

The Craigslist Killer: A Case Study

544 Words | 3 Pages

Computer forensics processes must adhere to standards set by the courtroom that often complicates what could have been a simple data analysis. In court, knowing who connected to the system based on logs is not enough. There must be facts that will support those connection

Read More

Science Forensic Essay

793 Words | 4 Pages

Science Forensic Essay Technology is getting better every single day. Technologies are used by a lot of people around the world to communicate, learn and discover. But these technologies can also help the people who are seeking for Justice.

Read More

Forensic Tools Validation Report

1076 Words | 5 Pages

Processes and Testing Methods for Forensic Tools

Read More

Criminal Dat Forensic Techniques

1243 Words | 5 Pages

It is used to variety of data theft incidents. Some forensic analysis services are propriety Information theft reconstruction and analysis deleted data recovery and analysis. Digital forensics in a branch of forensic science encompassing the recovery and investigations of material found in digital devices often in relation to computer crime. Digital forensics investigations have a variety of applications. The most common is to support or refute a hypothesis before criminal or civil, courts; forensics may also feature in the private sector such as during internal corporate investigations or Intrusion investigation.

Read More

Epidemics: The Rise Of Anti-Forensics

1723 Words | 7 Pages

Student Name: Keshab Rawal Student ID: 77171807 Word Count: Title: The rise of anti-forensics: The rise of anti-forensics: Tables of contents: • Overview • Introduction • History • Categories/Tools of anti-forensics • Conclusion • Future Work Overview: Computer forensics is an active topic of research, with areas of study including wireless forensics, network security and cyber investigations. The goal of the computer forensics is to provide information about how the crime happened, why and who is involved in the crime in any legal proceeding by using the computer forensic tools.

Read More

Advantages And Disadvantages Of Digital Forensics

1915 Words | 8 Pages

The following section will consider advantages and limitation of the first two mentioned types of digital forensics: Traditional (dead) and Live computer forensics. TRADITIONAL (DEAD) VS LIVE DIGITAL FORENSICS Traditional (Dead) Forensics In order forensic acquisition to be more reliable it must be performed on computers that have been powered off. This type of forensics is known as ‘traditional’ or 'dead ' forensic acquisition. The whole process of dead acquisition, including search and seizure flowchart and acquisition of digital evidence flowchart is shown on Figure 2 and Figure 3 respectively.

Read More

My Writing Experience Essay

572 Words | 3 Pages

Within every subject at school, reading, writing, and chemistry posed a big challenge for me during my high school years. I excel in most subjects, but these three were the hardest to get. The key solution to my problem was to put my mind to it and do very best that I can. This wasn’t easy and I couldn’t do it by myself, there were several factors that allowed me to overcome the difficulties and excel in all subjects. At the reading I was horrible, I couldn’t understand anything I read “What’s the purpose behind reading?”

Read More

More about A Hierarchical, Objective-Based Framework For The Digital Investigation Process

Related Topics

Open Document