Advancing Digital Forensics

  • Katrin Franke
  • Erik Hjelmås
  • Stephen D. Wolthusen
Conference paper
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 406)


The diversity of computing and communication systems used as well as the sheer volume of data processed in all aspects of personal, government, and commercial activities poses considerable challenges to law enforcement and particularly compliance officers. While commercial tools exist for a number of common problems, this is, however, not always sufficient in many more complex cases. Moreover, investigators only familiar with such tools may not be aware of limits in scope and accuracy, potentially resulting in missing evidence or placing unwarranted confidence in it. Moreover, not only is it critical to have an in-depth understanding of the underlying operating principles of the systems that are analyzed, there will also at times be a need to go beyond capabilities of existing tool sets, the enabling knowledge, concepts, and analytical skills for which we argue is currently not offered in a concise higher education context but rather tends to be acquired in an ad-hoc manner.

We therefore propose elements of a curriculum for the M.Sc. and particularly the Ph.D. level which provide the necessary rigorous theoretical foundations and perspectives in mathematics, computer science, and engineering combined with a background in forensic sciences which enable both a sound appreciation of existing techniques and the development of new forensic evidence collection and analysis methods. We argue that these abilities are crucial in developing a more rigorous discipline of digital forensics which will both be able to address new challenges posed by evolving information systems and also to satisfy the stringency expected from it given its increasing importance in a broad range of application areas.


Digital Forensics Curriculum Development 


  1. 1.
    Nance, K., Hay, B., Bishop, M.: Digital Forensics: Defining a Research Agenda. In: Proceedings of the 42nd Hawaii International Conference on System Sciences (HICSS 2009), pp. 1–6. IEEE Press, Waikoloa (2009); also published as a CISSE reportGoogle Scholar
  2. 2.
    Figg, W., Zhou, Z.: A Computer Forensics Minor Curriculum Proposal. Journal of Computing Sciences in Colleges 22(4), 32–38 (2007)Google Scholar
  3. 3.
    Taylor, C., Endicott-Popovsky, B., Phillips, A.: Forensics Education: Assessment and Measures of Excellence. In: Proceedings of the Second International Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE 2007), pp. 155–165. IEEE Press, Seattle (2007)CrossRefGoogle Scholar
  4. 4.
    Yasinsac, A., Erbacher, R.F., Marks, D.G., Pollitt, M.G.: Computer Forensics Education. IEEE Security & Privacy 1(4), 15–23 (2003)CrossRefGoogle Scholar
  5. 5.
    Gottschalk, L., Liu, J., Dathan, B., Fitzgerald, S., Stein, M.: Computer Forensics Programs in Higher Education: A Preliminary Study. In: Proceedings of the 36th SIGCSE Technical Symposium on Computer Science Education, pp. 147–151. ACM Press, St. Louis (2005)CrossRefGoogle Scholar
  6. 6.
    Bem, D., Huebner, E.: Computer Forensics Workshop for Undergraduate Students. In: Proceedings of the Tenth Conference on Australasian Computing Education, pp. 29–33. Australian Computer Society, Wollongong (2008)Google Scholar
  7. 7.
    Cohen, F.B., Johnson, T.A.: A Ph.D. Curriculum for Digital Forensics. In: Proceedings of the 42nd Hawaii International Conference on System Sciences (HICSS 2009), pp. 1–8. IEEE Press, Waikoloa (2009)Google Scholar
  8. 8.
    Franke, K., Srihari, S.N.: Computational Forensics: An Overview. In: Srihari, S.N., Franke, K. (eds.) IWCF 2008. LNCS, vol. 5158, pp. 1–10. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  9. 9.
    Foster, K.R., Huber, P.W.: Judging Science: Scientific Knowledge and the Federal Courts. MIT Press, Cambridge (1997)Google Scholar
  10. 10.
    Aitken, C.G.G., Taroni, F.: Statistics and the Evaluation of Evidence for Forensic Scientists, 2nd edn. John Wiley & Sons, New York (2004)CrossRefzbMATHGoogle Scholar
  11. 11.
    Taroni, F., Aitken, C., Garbolino, P., Biedermann, A.: Bayesian Networks and Probabilistic Inference in Forensic Science. John Wiley & Sons, New York (2006)CrossRefzbMATHGoogle Scholar
  12. 12.
    Pearl, J.: Causality: Models, Reasoning, and Inference, 2nd edn. Cambridge University Press, Cambridge (2009)CrossRefzbMATHGoogle Scholar
  13. 13.
    Deane, W.: System Event Monitoring as a Security Control. Master’s thesis, Royal Holloway, University of London, Egham, Surrey, UK (September 2008)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2013

Authors and Affiliations

  • Katrin Franke
    • 1
  • Erik Hjelmås
    • 1
  • Stephen D. Wolthusen
    • 1
    • 2
  1. 1.Norwegian Information Security Laboratory, Department of Computer ScienceGjøvik University CollegeNorway
  2. 2.Information Security Group, Department of Mathematics, Royal HollowayUniversity of LondonUnited Kingdom

Personalised recommendations