Abstract
The proliferation of computer-generated evidence in court proceedings during the last fifteen years has given rise to the new science of digital forensics and a new breed of law enforcement officials, “computer forensic examiners,” who apply the rules of evidence, investigative methods and sophisticated technical skills to analyze digital data for use in court proceedings. This paper explores the technical challenges facing the law enforcement community and discusses the application of data mining and knowledge management techniques to cope with the increasingly massive data sets involved in digital forensic investigations.
© 2006 IFIP International Federation for Information Processing
Cite this paper
Pollitt, M., Whitledge, A. (2006). Exploring Big Haystacks. In: Olivier, M.S., Shenoi, S. (eds) Advances in Digital Forensics II. DigitalForensics 2006. IFIP Advances in Information and Communication, vol 222. Springer, Boston, MA. https://doi.org/10.1007/0-387-36891-4_6
DOI: https://doi.org/10.1007/0-387-36891-4_6
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-36890-0
Online ISBN: 978-0-387-36891-7
eBook Packages: Computer Science (R0)