Advancing Digital Forensics
The diversity of computing and communication systems used as well as the sheer volume of data processed in all aspects of personal, government, and commercial activities poses considerable challenges to law enforcement and particularly compliance officers. While commercial tools exist for a number of common problems, this is, however, not always sufficient in many more complex cases. Moreover, investigators only familiar with such tools may not be aware of limits in scope and accuracy, potentially resulting in missing evidence or placing unwarranted confidence in it. Moreover, not only is it critical to have an in-depth understanding of the underlying operating principles of the systems that are analyzed, there will also at times be a need to go beyond capabilities of existing tool sets, the enabling knowledge, concepts, and analytical skills for which we argue is currently not offered in a concise higher education context but rather tends to be acquired in an ad-hoc manner.
We therefore propose elements of a curriculum for the M.Sc. and particularly the Ph.D. level which provide the necessary rigorous theoretical foundations and perspectives in mathematics, computer science, and engineering combined with a background in forensic sciences which enable both a sound appreciation of existing techniques and the development of new forensic evidence collection and analysis methods. We argue that these abilities are crucial in developing a more rigorous discipline of digital forensics which will both be able to address new challenges posed by evolving information systems and also to satisfy the stringency expected from it given its increasing importance in a broad range of application areas.
KeywordsDigital Forensics Curriculum Development
- 1.Nance, K., Hay, B., Bishop, M.: Digital Forensics: Defining a Research Agenda. In: Proceedings of the 42nd Hawaii International Conference on System Sciences (HICSS 2009), pp. 1–6. IEEE Press, Waikoloa (2009); also published as a CISSE reportGoogle Scholar
- 2.Figg, W., Zhou, Z.: A Computer Forensics Minor Curriculum Proposal. Journal of Computing Sciences in Colleges 22(4), 32–38 (2007)Google Scholar
- 6.Bem, D., Huebner, E.: Computer Forensics Workshop for Undergraduate Students. In: Proceedings of the Tenth Conference on Australasian Computing Education, pp. 29–33. Australian Computer Society, Wollongong (2008)Google Scholar
- 7.Cohen, F.B., Johnson, T.A.: A Ph.D. Curriculum for Digital Forensics. In: Proceedings of the 42nd Hawaii International Conference on System Sciences (HICSS 2009), pp. 1–8. IEEE Press, Waikoloa (2009)Google Scholar
- 9.Foster, K.R., Huber, P.W.: Judging Science: Scientific Knowledge and the Federal Courts. MIT Press, Cambridge (1997)Google Scholar
- 13.Deane, W.: System Event Monitoring as a Security Control. Master’s thesis, Royal Holloway, University of London, Egham, Surrey, UK (September 2008)Google Scholar