A framework for unified digital evidence management in security convergence
Digital forensics is being actively researched and practiced in a variety of areas in response to a changing IT environment that includes mobile phones, e-commerce, cloud services and video surveillance. Moreover, unified digital evidence management needs to be researched to support correlation analysis across diverse sources. Meanwhile, various triage approaches have been developed to cope with the growing amount of digital evidence encountered in criminal cases, enterprise investigations and military contexts. Despite the debate over whether triage inspection is necessary, it will be essential to develop a framework for managing scattered digital evidence. This paper presents a framework with unified digital evidence management for appropriate security convergence, which is based on triage investigation. It also describes the framework in a network video surveillance system to show how it works as unified evidence management for storing diverse digital evidence, which is a good example of security convergence.
Keywords: Digital Forensics, Digital evidence container, Triage Investigation
This research was supported by Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Education, Science and Technology (grant number 2010-0005571).