Research Article

Digital Evidence Cabinets: A Proposed Framework for Handling Digital Chain of Custody

by Yudi Prayudi, Ahmad Ashari, Tri K Priyambodo
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 107 - Number 9
Year of Publication: 2014
DOI: 10.5120/18781-0106

Yudi Prayudi, Ahmad Ashari, Tri K Priyambodo. Digital Evidence Cabinets: A Proposed Framework for Handling Digital Chain of Custody. International Journal of Computer Applications. 107, 9 (December 2014), 30-36. DOI=10.5120/18781-0106

@article{ 10.5120/18781-0106,
author = { Yudi Prayudi, Ahmad Ashari, Tri K Priyambodo },
title = { Digital Evidence Cabinets: A Proposed Framework for Handling Digital Chain of Custody },
journal = { International Journal of Computer Applications },
issue_date = { December 2014 },
volume = { 107 },
number = { 9 },
month = { December },
year = { 2014 },
issn = { 0975-8887 },
pages = { 30-36 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume107/number9/18781-0106/ },
doi = { 10.5120/18781-0106 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
Abstract

Chain of custody is the procedure for chronologically documenting evidence, and it is an important procedure in the investigation process. Both physical and digital evidence are an important part of the investigation and courtroom process. However, handling the chain of custody for digital evidence is more difficult than handling it for physical evidence. Nevertheless, the handling of digital evidence should still follow the same procedure as the handling of physical evidence. Handling the chain of custody for digital evidence is still an open problem with a number of challenges, including the business model for the interaction of the parties that deal with digital evidence, the recording of metadata information, and issues of access control and security across all handling of the digital chain of custody. The solution offered in this research is to build a model of Digital Evidence Cabinets as a new approach to implementing digital evidence handling and chain of custody. The model is constructed through three approaches: Digital Evidence Management Frameworks, Digital Evidence Bags with Tag Cabinets, and access control and secure communication. The proposed framework is expected to provide an environment for handling digital evidence and to improve the integrity and credibility of digital evidence.

Index Terms

Computer Science
Information Sciences

Keywords

Digital Evidence, Digital Chain of Custody, Digital Evidence Cabinets, Digital Evidence Bags