Page 1 of 1

Enhanced Digital Investigation Process

PostPosted: Tue Jan 24, 2012 3:30 pm
by Prasanth
Computer crimes are on the rise and unfortunately less than two percent of the reported cases result in conviction. The process (methodology and approach) one adopts in conducting a digital forensics investigation is immensely crucial to the outcome of such an investigation. Overlooking one step or interchanging any of the steps may lead to incomplete or inconclusive results hence wrong interpretations and conclusions. A computer crime culprit may walk Scot-free or an innocent suspect may suffer negative consequences (both monetary and otherwise) simply on account of a forensics investigation that was inadequate or improperly conducted. In this paper, we present a brief overview of forensic models and propose a new model based on the Integrated Digital Investigation Model.

Digital forensics has been defined as the use of scientifically derived and proven methods towards the preservation, collection, validation, identification, analysis, interpretation and presentation of digital evidence derived from digital sources for the purpose of facilitating or furthering the reconstruction of events found to be criminal or helping to anticipate the unauthorized actions shown to be disruptive to planned operations [3]. One important element of digital forensics is the credibility of the digital evidence. Digital evidence includes computer evidence, digital audio, digital video, cell phones, digital fax machines etc. The legal settings desire evidence to have integrity, authenticity, reproductivity, non-interference and minimization. Since computer forensics is a relatively new field compared to other forensic disciplines,
which can be traced back to the early 1920s, there are ongoing efforts to develop examination standards and to provide structure to computer forensic examinations. This paper attempts to address the methodology of a computer forensic investigation

Thesis By Venansius Baryamureeba and Florence Tushabe,Institute of Computer Science, Makerere University


Keywords Computer Forensics, Crime Scene Investigation, Forensic Process model, Abstract Digital Forensic Model, Integrated Digital Investigation Model