Abstract
In this paper we present a review and comparative study of existing digital forensic investigation models and propose an enhanced model based on Systematic Digital Forensic Investigation Model. One significant drawback in digital forensic investigation is that they often do not place enough emphasis on potential admissibility of gathered evidence. Digital forensic investigation must adhere to the standard of evidence and its admissibility for successful prosecution. Therefore, the techno-legal nature of this proposed model coupled with the incorporation of best practices of existing models makes it unique. The model is not a waterfall model, but iterative in nature helping in successful investigation and prosecution. The result of the study is expected to improve the whole investigation process including possible litigation.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Boateng, R., et al.: Cyber Crime and Criminality in Ghana: Its Forms and Implications. In: Proceedings of the 16th Americas Conference on Information Systems (2010)
Smith, R.G., Grabosky, P.N., Urbas, G.: Cybercriminals on trial. Cambridge University Press (2004) ISBN: 9780521840477
Kent, K., Chevalier, S., Grance, T., Dang, H.: NIST SP 800-86 Guide to Integrating Forensic Techniques into Incident Response (2006)
Agarwal, A., et al.: Systematic Digital Forensic Investigation Model (2011), http://www.cscjournals.org/csc/manuscript/journals/IJCSS/Volume5/Issue1/IJCSS-438.pdf
Kruse, W.J., Heiser, G.: Computer Forensics: Incident Response Essentials. Addison-Wesley (2002) ISBN 0-201-70719-5
Palmer, G.: A Road Map for Digital Forensic Research. Technical Report DTR-T001-01, DFRW, Report From the First Digital Forensic Research Workshop, Utica, NY (2001)
Reith, M., Carr, C., Gunsch, G.: An Examination of Digital Forensic Models. International Journal of Digital Evidence 1(3) (2002)
Carrier, B., Spafford, E.H.: Getting Physical with the Investigative Process. International Journal of Digital Evidence 2(2) (Fall 2003)
Lee, H., Palmbach, T., Miller, M.: Henry Lee’s Crime Scene Handbook, Academic Press (2001) ISBN-13: 978-0124408302
Baryamureeba, V., Tushabe, F.: Enhanced Digital Investigation Process Model, Digital Forensic Research Workshop, Baltimore, MD, USA (2004)
Ciardhuáin, S.O.: An Extended Model of Cybercrime Investigations. In:International Journal of Digital Evidence 3(1) (Summer 2004)
Perumal, S.: Digital Forensic Model Based on Malaysian Investigation Process. IJCSNS International Journal of Computer Science and Network Security 9(8) (August 2009)
Ademu, I.O., Imafidon, C.O., Preston, D.S.: A New Approach of Digital Forensic Model for Digital Forensic Investigation. (IJACSA) International Journal of Advanced Computer Science and Applications 2(12) (2011)
Aghatise, E.J.: Computer Crime Research Center Cybercrime Definition (2006)
Carrier, B.: File System Forensic Analysis, Addison-Wesley (2005) ISBN 0-321-26817-2
Bunting, S.: Mastering Windows Network Forensic and Investigation, 1st edn. Sybex (2007) ISBN-13: 978-0470097625
Cressey, D.R.: Other People’s Money: Study in the Social Psychology of Embezzlement. Wadsworth Publishing Company (1972) ISBN-13: 978-0534001421
Cosic, J., Baca, M.: A Framework to (Im)Prove “Chain of Custody” in Digital Investigation Process. In: Proceedings of the CECIIS, Varazdin, Croatia (2010)
Roger, M.K.: A social learning theory and moral disengagement analysis of criminal computer behavior: An exploratory study. University of Manitoba, Winnipeg (2001)
Biros, D.P., et al.: Information Sharing: Hackers vs. law enforcement. In: Proceedings of the 9th Australian Information Warfare and Security Conference, Perth, Australia (2008)
Stephenson, P.: Modeling of Post-Incident Root Cause Analysis. International Journal of Digital Evidence 2(2) (Fall 2003)
Turvey, B.: Criminal Profiling: An Introduction to behavioral evidence analysis, 4th edn. Elsevier (2012) ISBN 978-0-12-385243-4
ACFE Fraud Examiners Manual, Canadian Edition (2012)
Association of Chief Police Officers (ACPO): Good Practice Guide for Computer based Electronic Evidence (2006)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Kyei, K., Zavarsky, P., Lindskog, D., Ruhl, R. (2013). A Review and Comparative Study of Digital Forensic Investigation Models. In: Rogers, M., Seigfried-Spellar, K.C. (eds) Digital Forensics and Cyber Crime. ICDF2C 2012. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 114. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-39891-9_20
Download citation
DOI: https://doi.org/10.1007/978-3-642-39891-9_20
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-39890-2
Online ISBN: 978-3-642-39891-9
eBook Packages: Computer ScienceComputer Science (R0)