Abstract
The conceptual representation of the “Electronic Evidence” domain presented in this chapter aims at building a common language to identifying, connecting and aligning all relevant concepts for the systematic and uniform application of new technologies in the collection, use and exchange of evidence. For setting the domain boundaries, a literature review is presented along with the current standards used to define and handle Electronic Evidence. These sources of information allowed to identify a first set of terms and definitions used in the top-down extraction of relevant concepts to be considered the basis for the development of the full categorization exercise. In parallel, the gathered documentation was used to apply a bottom-up strategy that foresees a semi-automatic extraction of lemmas and syntagms, using a natural language processing technique. The results of this activity allowed the identification of further terms and concepts to enrich the top-down extraction. The research team identified eight classes to represent the Electronic Evidence domain: Crime, Source of Evidence, Process, Electronic Evidence, Requirement, Stakeholder, Rule, and Digital Forensics. These main classes have been hierarchically structured in sub-classes that may be easily updated and maintained. A SKOS structure, Simple Knowledge Organization System, was chosen to represent the domain. Finally considering that one of the main focuses of the EVIDENCE Project concerns the development of a framework for data exchange between judicial actors and LEAs, the study has taken into account the exchange of both digital-born evidence and of not digital-born one.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
See Council of Europe (2013), p. 6.
- 2.
Credits: illustrations by Gaia Soldatini. www.gaiasoldatini.com
- 3.
Convention on Cybercrime, Budapest 23 Nov 2011, see http://www.coe.int/en/web/conventions/full-list/-/conventions/treaty/185.
- 4.
Explanatory Report to the Convention on Cybercrime, https://www.coe.int/en/web/conventions/full-list/-/conventions/treaty/185.
- 5.
Council Act of 29 May 2000, establishing in accordance with Article 34 of the Treaty on European Union the Convention on Mutual Assistance in Criminal Matters between the Member States of the European Union.
- 6.
Council Framework Decision 2008/978/of 18 December 2008 on the European evidence warrant for obtaining objects, documents and data for use in proceedings in criminal matters.
- 7.
Directive 2013/40/EU of the European Parliament and of the Council of 12 August 2013 on attacks against information systems and replacing Council Framework Decision 2005/222/JH.
- 8.
Directive 2014/41/EU of the European Parliament and of the Council of 3 April 2014 regarding the European Investigation Order in criminal matters.
- 9.
The International Organization of Computer Evidence is no longer active. The definition was adopted by IOCE in 2000 as a working definition.
- 10.
See the deliverable D2.1—EVIDENCE Semantic Structure at http://s.evidenceproject.eu/p/e/v/evidence-ga-608185-d2-1-410.pdf.
References
Alzaabi M, Martin T, Taha K, Jones (2015) The use of ontologies in forensic analysis of smartphone content. J Digit Forensic Secur Law 10(4). https://doi.org/10.15394/jdfsl.2015.1215
Association of Chief Police Officers (UK) (2012) Good practice guide for computer-based electronic evidence. http://library.college.police.uk/docs/acpo/digital-evidence-2012.pdf
Brinson A, Robinson A, Rogers M (2006) A cyber forensics ontology: creating a new approach to studying cyber forensics. Digit Investig J 3S:S37–S43
Carrier B (2006) Hypothesis-based approach to digital forensic investigations. Center for Education and Research in Information Assurance and Security, Purdue University
Casey E (2011) Digital evidence and computer crime. forensic science, computers, and the internet, 3rd edn. Elsevier, Amsterdam
Ciurea A (2010) Legal implications of accessing and using information technology. Legislation in Romania and in the EU. In: ICCOMP’10 Proceedings of the 14th WSEAS lmputers: part of the 14th WSEAS CSCC multiconference, vol I, p 258
Clough J (2014) A world of difference: the Budapest convention on cybercrime and the challenges of harmonization. Monash University Law Rev 40(3):698–736
Ćosić J, Ćosić Z (2011) An ontological approach to study and manage digital chain of custody of digital evidence. J Inf Organ Sci 35(1):1–13
Ćosić J, Ćosić Z (2012) The necessity of developing a digital evidence ontology. In: Proceedings of the 23rd central European conference on information and intelligent systems, University of Zagreb, pp 325–230
Council of Europe (2013) Electronic evidence guide. A basic guide for police officers, prosecutors and judges
Daniel L, Daniel L (2011) Digital forensics for legal professionals. Understanding digital evidence from the warrant to the courtroom. Syngress, Boston, p 368
Duranti L (1995) Reliability and authenticity: the concepts and their implications. Archivaria 39:5–10
Duranti L (2009) From digital diplomatics to digital records forensics. Archivaria J Assoc Can Arch
Gatt GG (2002) The misuse of computers in Maltese criminal legislation, University of Malta, p 9
Harril DC, Mislan RP (2007) A small scale digital device forensics ontology. Small Scale Digit Device Forensics J 1(1):1–7
Hoss A, Carver D (2009) Weaving ontologies to support digital forensic analysis. In: Intelligence and security informatics, ISI’09, pp 203–205
Huang J, Yasinsac A, Hayes PJ (2010) Knowledge sharing and reuse in digital forensics. In: Digital investigation, pp 1–6
ISO/IEC 27037 (2012) Guidelines for identification, collection, acquisition, and preservation of digital evidence
Karie NM, Venter HS (2014) Toward a general ontology for digital forensic disciplines. J Forensic Sci 59(5):1231–1241
Koops B-J, Robinson T (2011) Cybercrime: a European perspective. In: Casey E (ed) Digital evidence and computer crime, 3rd edn. Elsevier, Amsterdam, pp 123–183
Kota VK (2012) An ontological approach for digital evidence search. Int J Sci Res Publ 2(12):1–5
Marion NE (2010) The Council of Europe’s cyber crime treaty: an exercise in symbolic legislation. Int J Cyber Criminol 4(1–2):699–712
Murphy CC (2011) The European evidence warrant: mutual recognition. In: Konstadinides E (ed.) Crime within the area of freedom security and justice. A European public order. Cambridge University Press, Cambridge
Park H, Cho S, Kwon HC (2009) Cyber forensics ontology for cyber criminal investigation. In: Forensics in telecommunications, information and multimedia. Springer, Berlin, pp 160–165
Raskin V, Hempelmann CF, Triezenberg KE, Nirenburg S (2001) Ontology in information security: a useful theoretical foundation and methodological tool. In: Proceedings of the 2001 workshop on new security paradigms. ACM, New York, pp 53–59
Schafer B, Mason S (2012) The characteristics of digital evidence. In: Mason S (ed.) Electronic evidence. LexisNexis Butterworths, London, p 25
SWGDE (2000) Digital evidence: standards and principles. Forensic Sci Commun 2(2):2
Talib AM, Alomary FO (2015) Toward a comprehensive ontology based-investigation for digital forensics cybercrime. Int J Commun Antenna Propag 5(5):263–268
Weber AM (2003) The council of Europe’s convention on cybercrime. Berkeley Technol Law J 18(1):425–446
Whitcomb CM (2002) An historical perspective of digital evidence: a forensic scientist’s view. Int J Digital Evid 1(1):1–9
Acknowledgements
We would like to thank Cristiana Crescimbene for her invaluable technical support.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG, part of Springer Nature
About this chapter
Cite this chapter
Avveduto, S., Conti, S., Luzi, D., Pisacane, L. (2018). The Conceptual Representation of the “Electronic Evidence” Domain. In: Biasiotti, M., Mifsud Bonnici, J., Cannataci, J., Turchi, F. (eds) Handling and Exchanging Electronic Evidence Across Europe. Law, Governance and Technology Series, vol 39. Springer, Cham. https://doi.org/10.1007/978-3-319-74872-6_10
Download citation
DOI: https://doi.org/10.1007/978-3-319-74872-6_10
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-74871-9
Online ISBN: 978-3-319-74872-6
eBook Packages: Law and CriminologyLaw and Criminology (R0)