On a Scientific Theory of Digital Forensics

  • Martin OlivierEmail author
Conference paper
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 484)


A suitable theory to serve as scientific grounds for a digital forensic science is still elusive. Such a theory needs to satisfy the demands imposed by science and justify the facts derived as evidence using the theory. A number of grounding theories have been proposed. This chapter revisits three prominent theories, those of Gladyshev, Carrier and Cohen, and: (i) determines the requirements they suggest for a digital forensics theory; (ii) analyzes their primary differences; and (iii) assesses them using the norms that exist for science. This enables us to sketch the outlines of a new theory that better reflects the scientific requirements and the intended application of forensic science in a digital context.


Forensic science Digital evidence Digital forensic science Theory 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Bunge, M.: Philosophy of Science: From Problem to Theory, vol. 1. Transaction Publishers, New Brunswick (1998)Google Scholar
  2. 2.
    Canter, D., Youngs, D.: Investigative Psychology: Offender Profiling and the Analysis of Criminal Action. John Wiley and Sons, Chichester (2009)Google Scholar
  3. 3.
    Carrier, B.: A Hypothesis-Based Approach to Digital Forensic Investigations, CERIAS Technical Report 2006–06, Center for Education and Research in Information Assurance and Security, Purdue University, West Lafayette, Indiana (2006)Google Scholar
  4. 4.
    Cohen, F.: Digital Forensic Evidence Examination. Fred Cohen and Associates, Livermore (2013)Google Scholar
  5. 5.
    Foucault, M.: Discipline and Punish – The Birth of the Prison. Penguin, London (1991)Google Scholar
  6. 6.
    French, S.: Science: Key Concepts in Philosophy. Continuum, London (2007)Google Scholar
  7. 7.
    GE Healthcare Life Science: DNAscan Rapid DNA Analysis System, Data File 29–0327-18 AB. Pittsburgh, Pennsylvania (2014)Google Scholar
  8. 8.
    Gladyshev, P.: Formalizing Event Reconstruction in Digital Investigations, Doctoral Dissertation, Department of Computer Science, University College Dublin, Dublin, Ireland (2004)Google Scholar
  9. 9.
    Gratzer, W.: The Undergrowth of Science – Delusion, Self-Deception and Human Frailty. Oxford University Press, Oxford (2000)Google Scholar
  10. 10.
    Harding, S.: Whose Science? Whose Knowledge? Thinking from Women’s Lives. Cornell University Press, Ithaca (1991)Google Scholar
  11. 11.
    Inman, K., Rudin, N.: Principles and Practice of Criminalistics: The Profession of Forensice Science. CRC Press, Boca Raton (2001)Google Scholar
  12. 12.
    Kuhn, T.: The Structure of Scientific Revolutions. University of Chicago Press, Chicago (1996)CrossRefGoogle Scholar
  13. 13.
    National Research Council, Strengthening Forensic Science in the United States: A Path Forward. National Academies Press, Washington, DC (2009)Google Scholar
  14. 14.
    Oberdan, T.: Moritz schlick. In: Zalta, E. (ed.) The Stanford Encyclopedia of Philosophy. The Metaphysics Lab, Center for the Study of Language and Information, Stanford University, Stanford, California (2013).
  15. 15.
    Olivier, M.: On metadata context in database forensics. Digital Investigation 5(3–4), 115–123 (2009)CrossRefGoogle Scholar
  16. 16.
    Olivier, M.: On complex crimes and digital forensics. In: Kayem, A., Meinel, C. (eds.) Information Security in Diverse Computing Environments. IGI Global, Hershey, pp. 230–244 (2014)Google Scholar
  17. 17.
    Olivier, M.: Towards a digital forensic science. In: Venter, H., Loock, M., Coetzee, M., Eloff, M., Flowerday, S. (eds.) Information Security for South Africa. IEEE Press, Danvers (2015)Google Scholar
  18. 18.
    Oyelami, O., Olivier, M.: Using yin’s approach to case studies as a paradigm for conducting examinations. In: Peterson, G., Shenoi, S. (eds.) DigitalForensics 2015. IAICT, vol. 462, pp. 45–59. Springer, Heidelberg (2015). doi: 10.1007/978-3-319-24123-4_3 CrossRefGoogle Scholar
  19. 19.
    Scientific Working Group on Digital Evidence, Digital and Multimedia Evidence (Digital Forensics) as a Forensic Science Discipline, Version 2.0 (2014)Google Scholar
  20. 20.
    Tal, E.: Measurement in science. In: Zalta, E. (ed.) The Stanford Encyclopedia of Philosophy. The Metaphysics Lab, Center for the Study of Language and Information, Stanford University, Stanford, California (2015).
  21. 21.
    Tewelde, S., Gruner, S., Olivier, M.: Notions of hypothesis in digital forensics. In: Peterson, G., Shenoi, S. (eds.) DigitalForensics 2015. IAICT, vol. 462, pp. 29–43. Springer, Heidelberg (2015). doi: 10.1007/978-3-319-24123-4_2 CrossRefGoogle Scholar
  22. 22.
    Turvey, B.: Forensic Fraud: Evaluating Law Enforcement and Forensic Science Cultures in the Context of Examiner Misconduct. Academic Press, Waltham (2013)Google Scholar
  23. 23.
    Wittgenstein, L.: Tractatus Logico-Philosophicus. Routledge, Abingdon (2001)zbMATHGoogle Scholar

Copyright information

© IFIP International Federation for Information Processing 2016

Authors and Affiliations

  1. 1.University of PretoriaPretoriaSouth Africa

Personalised recommendations