Computer Forensics: Computer Crime Scene Investigation
Computer Forensics: Computer Crime Scene Investigation
Computer and Intrusion Forensics
Computer and Intrusion Forensics
Digital Evidence and Computer Crime
Digital Evidence and Computer Crime
Guide to Computer Forensics and Investigations, Second Edition
Guide to Computer Forensics and Investigations, Second Edition
Incident Response & Computer Forensics, 2nd Ed.
Incident Response & Computer Forensics, 2nd Ed.
Palantir: a framework for collaborative incident response and investigation
Proceedings of the 8th Symposium on Identity and Trust on the Internet
Artificial intelligence applied to computer forensics
Proceedings of the 2009 ACM symposium on Applied Computing
Integrated computer forensic investigation model based on Malaysian standards
International Journal of Electronic Security and Digital Forensics
A study on block-based recovery of damaged digital forensic evidence image
Multimedia Tools and Applications
Network forensic frameworks: Survey and research challenges
Digital Investigation: The International Journal of Digital Forensics & Incident Response
Validation and verification of computer forensic software tools-Searching Function
Digital Investigation: The International Journal of Digital Forensics & Incident Response
| Hi-index | 0.00 |
Digital investigations, whether forensic in nature or not, require scientific rigor and are facilitated through the use of standard processes. Such processes can be complex in nature. A more comprehensive, generally accepted digital investigation process framework is therefore sought to enhance scientific rigor and facilitate education, application, and research. Previously proposed frameworks are predominantly single-tier, higher order process models that focus on the abstract, rather than the more concrete principles of the investigation. We contend that these frameworks, although useful in explaining overarching concepts, fail to support the inclusion of additional layers of detail needed by various framework users. We therefore propose a multi-tier, hierarchical framework to guide digital investigations. Our framework includes objectives-based phases and sub-phases that are applicable to various layers of abstraction, and to which additional layers of detail can easily be added as needed. Our framework also includes principles that are applicable in varied ways to all phases. The data analysis function intended to identify and recover digital evidence is used as an example of how the framework might be further populated and used. The framework is then applied using two different case scenarios. At its highest level, the proposed framework provides a simplified view and conceptual understanding of the overall process. At lower levels, the proposed framework provides the granularity needed to achieve practicality and specificity goals set by practitioners and researchers alike.