Editorial: What does "forensically sound" really mean?
Digital Investigation: The International Journal of Digital Forensics & Incident Response
Risk sensitive digital evidence collection
Digital Investigation: The International Journal of Digital Forensics & Incident Response
Creating laboratories for undergraduate courses in mobile phone forensics
Proceedings of the 2010 ACM conference on Information technology education
Effective digital forensics research is investigator-centric
HotSec'11 Proceedings of the 6th USENIX conference on Hot topics in security
Forensic triage for mobile phones with DEC0DE
SEC'11 Proceedings of the 20th USENIX conference on Security
| Hi-index | 0.00 |
The increasing number of mobile devices being submitted to Digital Forensic Laboratories (DFLs) is creating a backlog that can hinder investigations and negatively impact public safety and the criminal justice system. In a military context, delays in extracting intelligence from mobile devices can negatively impact troop and civilian safety as well as the overall mission. To address this problem, there is a need for more effective on-scene triage methods and tools to provide investigators with information in a timely manner, and to reduce the number of devices that are submitted to DFLs for analysis. Existing tools that are promoted for on-scene triage actually attempt to fulfill the needs of both on-scene triage and in-lab forensic examination in a single solution. On-scene triage has unique requirements because it is a precursor to and distinct from the forensic examination process, and may be performed by mobile device technicians rather than forensic analysts. This paper formalizes the on-scene triage process, placing it firmly in the overall forensic handling process and providing guidelines for standardization of on-scene triage. In addition, this paper outlines basic requirements for automated triage tools.