Call for Paper - August 2022 Edition
IJCA solicits original research papers for the August 2022 Edition. Last date of manuscript submission is July 20, 2022. Read More

Survey on Digital Investigation Process Model

Print
PDF
IJCA Proceedings on National Conference on Recent Trends in Computing
© 2012 by IJCA Journal
NCRTC - Number 6
Year of Publication: 2012
Authors:
Sulbha V. Patil
Revati A. Parate

Sulbha V Patil and Revati A Parate. Article: Survey on Digital Investigation Process Model. IJCA Proceedings on National Conference on Recent Trends in Computing NCRTC(6):36-41, May 2012. Full text available. BibTeX

@article{key:article,
	author = {Sulbha V. Patil and Revati A. Parate},
	title = {Article: Survey on Digital Investigation Process Model},
	journal = {IJCA Proceedings on National Conference on Recent Trends in Computing},
	year = {2012},
	volume = {NCRTC},
	number = {6},
	pages = {36-41},
	month = {May},
	note = {Full text available}
}

Abstract

In this paper, a process model for digital investigations is defined using the theories and techniques from the physical investigation world. While digital investigations have recently become more common, physical investigations have existed for thousands of years and the experience from them can be applied to the digital world. This paper introduces the notion of a digital crime scene with its own witnesses, evidence, and events that can be investigated using the same model as a physical crime scene. This paper provides a useful review of previous work and then maps the digital investigative process to the physical investigative process. Their product is called the Integrated Digital Investigation Process and defines 17 phases organized into 5 groups: Readiness, Deployment, Physical Crime Scene Investigation, Digital Crime Scene Investigation and Review Phases. The proposed model integrates the physical crime scene investigation with the digital crime scene investigation to identify a person who is responsible for the digital activity and applies to both law enforcement and corporate investigations [2]. The focus of the investigation is on the reconstruction of events using evidence so that hypothesis can be developed and tested. This paper also includes definitions and description of the basic and core concepts that the framework [3].

References

  • Mark Reith; Clint Carr; Gregg Gunsch, "An Examinattion of Digital Forensic Models," International Journal of Digital Evidence, vol. 1, issue 3, Fall 2002.
  • Brian Carrier; Eugene H. Spafford, "An Getting physical with digital evidence process," International Journal of Digital Evidence, vol. 2, issue 2, Fall 2003.
  • Brian Carrier; Eugene H. Spafford, "An Event- Based Digital forensic Investigation Framework. "
  • Ryan Leigland and Axel W. Krings, "A Formalisation of Digital Forensics," International Journal of Digital Evidence, vol. 3, issue 2, Fall 2004
  • Golden G. Richard; Vassil Roussev; Lodovico Marziale, "Forensic Discovery auditing of digital evidence containers," Elsevier Ltd. , 2007.
  • Brian Carrier; "Open Source Digital Forensic Tools," 2003, www. atstake. com/research/reports/acrobat/atstake_opensource_fornsics. pdf.
  • Brian Carrier; "Defining Digital Forensic Examination and Analysis Tools Using Abstraction Layers," International Journal of Digital Evidence, vol. 1, issue 4, 2003.
  • Mark M. Pollitt; "An Ad Hoc Review of Digital Forensic Models," Proceedings of the Second International Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE'07)