Applying Machine Trust Models to Forensic Investigations

  • Marika Wojcik
  • Hein Venter
  • Jan Eloff
  • Martin Olivier
Part of the IFIP Advances in Information and Communication book series (IFIPAICT, volume 222)


Digital forensics involves the identification, preservation, analysis and presentation of electronic evidence for use in legal proceedings. In the presence of contradictory evidence, forensic investigators need a means to determine which evidence can be trusted. This is particularly true in a trust model environment where computerised agents may make trust-based decisions that influence interactions within the system. This paper focuses on the analysis of evidence in trust-based environments and the determination of the degree to which evidence can be trusted. The trust model proposed in this work may be implemented in a tool for conducting trust-based forensic investigations. The model takes into account the trust environment and parameters that influence interactions in a computer network being investigated. Also, it allows for crimes to be reenacted to create more substantial evidentiary proof.


Trust models forensic investigations digital evidence 


  1. [1]
    V. Baryamureeba and F. Tushabe, The enhanced digital investigation process model, presented at the Digital Forensics Research Workshop, 2004.Google Scholar
  2. [2]
    S. Bui, M. Enyeart and J. Luong, Issues in computer forensics ( tigation.pdf), 2003.Google Scholar
  3. [3]
    M. Carbone, M. Nielsen and V. Sassone, Gigascope: A formal model for trust in dynamic networks, Proceedings of the First International Conference on Software Engineering and Formal Methods, pp. 54–61, 2003.Google Scholar
  4. [4]
    M. Coetzee and J. Eloff, Towards web services access control, Computers & Security, vol 23(7), pp. 559–570, 2004.CrossRefGoogle Scholar
  5. [5]
    B. Esfandiari and S. Chandrasekharan, On how agents make friends: Mechanisms for trust acquisition, Proceedings of the Fourth Workshop on Deception, Fraud and Trust in Agent Societies, pp. 27–34, 2001.Google Scholar
  6. [6]
    C. Jonker and J. Treur, Formal analysis of models for the dynamics of trust based on experiences, Proceedings of the Ninth European Workshop on Modeling Autonomous Agents in a Multi-Agent World (Lecture Notes in Computer Science, Volume 1647), pp. 221–232, Springer, Berlin, Germany, 1999.Google Scholar
  7. [7]
    A. Josang, Prospectives for modeling trust in information security, Proceedings of the Australasian Conference on Information Security and Privacy (Lecture Notes in Computer Science, Volume 1270), pp. 2–13, Springer, Berlin, Germany, 1997.CrossRefGoogle Scholar
  8. [8]
    L. Kagal, T. Finin and A. Joshi, Trust-based security in pervasive computing environments, IEEE Computer, vol. 34(12), pp. 154–157, 2001.CrossRefGoogle Scholar
  9. [9]
    M. Marx and J. Treur, Trust dynamics formalized in temporal logic, Proceedings of the Third International Conference on Cognitive Science, pp. 359–363, 2001.Google Scholar
  10. [10]
    R. McKemmish, What is forensic computing? Trends and Issues in Crime and Criminal Justice, no. 118, Australian Institute of Criminology, 1999.Google Scholar
  11. [11]
    B. Nooteboom, Trust: Forms, Foundations, Functions, Failures and Figures, Edward Elgar Publishing, Cheltenham, United Kingdom, 2002.CrossRefGoogle Scholar
  12. [12]
    M. Patton and A. Josang, Technologies for trust in electronic commerce, Electronic Commerce Research, vol. 4, pp. 9–21, 2004.CrossRefGoogle Scholar
  13. [13]
    S. Peron and M. Legary, Digital anti-forensics: Emerging trends in data transformation techniques, presented at the E-Crime and Computer Evidence Conference, 2005.Google Scholar
  14. [14]
    K. Ryder, Computer forensics: We’ve had an incident, who do we get to investigate? (, 2002.Google Scholar
  15. [15]
    A. Svensson, Computer Forensics Applied to Windows NTFS Computers, Master’s Thesis, Stockhohn University/Royal Institute of Technology, Stockholm, Sweden, 2005.Google Scholar
  16. [16]
    L. Xiong and L. Liu, A reputation-based trust model for peer-to-peer e-commerce communities, Proceedings of the Fourth A CM Conference on E-Commerce, pp. 228–229, 2003.Google Scholar

Copyright information

© IFIP Internatonal Federation for Information Processing 2006

Authors and Affiliations

  • Marika Wojcik
    • 1
  • Hein Venter
    • 1
  • Jan Eloff
    • 1
  • Martin Olivier
    • 1
  1. 1.University of PretoriaPretoriaSouth Africa

Personalised recommendations