
A Review and Comparative Study of Digital Forensic Investigation Models

  • Conference paper
Digital Forensics and Cyber Crime (ICDF2C 2012)

Abstract

In this paper we present a review and comparative study of existing digital forensic investigation models and propose an enhanced model based on the Systematic Digital Forensic Investigation Model. One significant drawback of digital forensic investigations is that they often do not place enough emphasis on the potential admissibility of gathered evidence. A digital forensic investigation must adhere to the standard of evidence and its admissibility for successful prosecution. Therefore, the techno-legal nature of the proposed model, coupled with the incorporation of best practices from existing models, makes it unique. The model is not a waterfall model but is iterative in nature, which helps in successful investigation and prosecution. The result of the study is expected to improve the whole investigation process, including possible litigation.

Copyright information

© 2013 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Kyei, K., Zavarsky, P., Lindskog, D., Ruhl, R. (2013). A Review and Comparative Study of Digital Forensic Investigation Models. In: Rogers, M., Seigfried-Spellar, K.C. (eds) Digital Forensics and Cyber Crime. ICDF2C 2012. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 114. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-39891-9_20

  • DOI: https://doi.org/10.1007/978-3-642-39891-9_20

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-39890-2

  • Online ISBN: 978-3-642-39891-9

  • eBook Packages: Computer Science (R0)
