On the Scientific Maturity of Digital Forensics Research

  • Martin Olivier
  • Stefan Gruner
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 410)

Abstract

This paper applies a scientific maturity grade schema from the software engineering domain to research in the field of digital forensics. On the basis of this maturity schema and its grades, the paper classifies the current maturity of digital forensics research. The findings show that much more research conducted at higher levels of “scientificness” is necessary before the new field of digital forensics can be considered to be scientifically mature.

Keywords

Digital forensics scientific maturity software engineering 

References

  1. 1.
    S. Al-Kuwari and S. Wolthusen, Forensic tracking and mobility prediction in vehicular networks, in Advances in Digital Forensics VI, K. Chow and S. Shenoi (Eds.), Springer, Heidelberg, Germany, pp. 91–105, 2010.CrossRefGoogle Scholar
  2. 2.
    N. Beebe and J. Clark, Dealing with terabyte data sets in digital investigations, in Advances in Digital Forensics, M. Pollitt and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 3–16, 2005.Google Scholar
  3. 3.
    M. Bunge, Philosophy of Science (Volume One): From Problem to Theory, Transaction Publishers, New Brunswick, New Jersey, 1998.Google Scholar
  4. 4.
    M. Bunge, Philosophy of Science (Volume Two): From Explanation to Justification, Transaction Publishers, New Brunswick, New Jersey, 1998.Google Scholar
  5. 5.
    Y. Chen, V. Roussev, G. Richard and Y. Gao, Content-based image retrieval for digital forensics, in Advances in Digital Forensics, M. Pollitt and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 271–282, 2005.Google Scholar
  6. 6.
    K. Chow and S. Shenoi, Advances in Digital Forensics VI, Springer, Heidelberg, Germany, 2010.CrossRefGoogle Scholar
  7. 7.
    F. Cohen, Toward a science of digital forensic evidence examination, in Advances in Digital Forensics VI, K. Chow and S. Shenoi (Eds.), Springer, Heidelberg, Germany, pp. 17–35, 2010.CrossRefGoogle Scholar
  8. 8.
    S. Conrad, G. Dorn and P. Craiger, Forensic analysis of a Playstation-3 console, in Advances in Digital Forensics VI, K. Chow and S. Shenoi (Eds.), Springer, Heidelberg, Germany, pp. 65–76, 2010.CrossRefGoogle Scholar
  9. 9.
    P. Craiger, Recovering digital evidence from Linux systems, in Advances in Digital Forensics, M. Pollitt and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 233–244, 2005.Google Scholar
  10. 10.
    M. Davis, G. Manes and S. Shenoi, A network-based architecture for storing digital evidence, in Advances in Digital Forensics, M. Pollitt and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 33–42, 2005.Google Scholar
  11. 11.
    T. Duval, B. Jouga and L. Roger, The Mitnick case: How Bayes could have helped, in Advances in Digital Forensics, M. Pollitt and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 91–104, 2005.Google Scholar
  12. 12.
    B. Fei, J. Eloff, H. Venter and M. Olivier, Exploring forensic data with self-organizing maps, in Advances in Digital Forensics, M. Pollitt and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 113–123, 2005.Google Scholar
  13. 13.
    P. Gershteyn, M. Davis, G. Manes and S. Shenoi, Extracting concealed data from BIOS chips, in Advances in Digital Forensics, M. Pollitt and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 217–230, 2005Google Scholar
  14. 14.
    P. Giannelli, Wrongful Convictions and Forensic Science: The Need to Regulate Crime Labs, Working Paper 08-02, School of Law, Case Western Reserve University, Cleveland, Ohio, 2008.Google Scholar
  15. 15.
    M. Gunestas, M. Mehmet and D. Wijsekera, Detecting Ponzi and pyramid business schemes in choreographed web services, in Advances in Digital Forensics VI, K. Chow and S. Shenoi (Eds.), Springer, Heidelberg, Germany, pp. 133–150, 2010.CrossRefGoogle Scholar
  16. 16.
    Y. Guo and J. Slay, Data recovery function testing for digital forensic tools, in Advances in Digital Forensics VI, K. Chow and S. Shenoi (Eds.), Springer, Heidelberg, Germany, pp. 297–311, 2010.CrossRefGoogle Scholar
  17. 17.
    M. Hoeschele and M. Rogers, Detecting social engineering, in Advances in Digital Forensics, M. Pollitt and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 67–77, 2005.Google Scholar
  18. 18.
    R. Ieong, P. Lai, K. Chow, M. Kwan and F. Law, Identifying first seeders in Foxy peer-to-peer networks, in Advances in Digital Forensics VI, K. Chow and S. Shenoi (Eds.), Springer, Heidelberg, Germany, pp. 151–168, 2010.CrossRefGoogle Scholar
  19. 19.
    P. Kahai, M. Srinivasan, K. Namuduri and R. Pendse, Forensic profiling system, in Advances in Digital Forensics, M. Pollitt and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 153–164, 2005.Google Scholar
  20. 20.
    E. Kim, D. Massey and I. Ray, Global Internet routing forensics, in Advances in Digital Forensics, M. Pollitt and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 165–176, 2005.Google Scholar
  21. 21.
    R. Koppl and M. Ferraro, Digital devices and miscarriages of justice, Daily Caller (dailycaller.com/2012/06/15/digital-devices-and-miscarriages-of-justice), June 15, 2012.
  22. 22.
    M. Kwan, R. Overill, K. Chow, J. Silomon, H. Tse, F. Law and P. Lai, Evaluation of evidence in Internet auction fraud investigations, in Advances in Digital Forensics VI, K. Chow and S. Shenoi (Eds.), Springer, Heidelberg, Germany, pp. 121–132, 2010.CrossRefGoogle Scholar
  23. 23.
    R. Laubscher, D. Rabe, M. Olivier, J. Eloff and H. Venter, Applying forensic principles to computer-based assessment, in Advances in Digital Forensics, M. Pollitt and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 105–112, 2005.Google Scholar
  24. 24.
    F. Law, P. Chan, S. Yiu, B. Tang, P. Lai, K. Chow, R. Ieong, M. Kwan, W. Hon and L. Hui, Identifying volatile data from multiple memory dumps in live forensics, in Advances in Digital Forensics VI, K. Chow and S. Shenoi (Eds.), Springer, Heidelberg, Germany, pp. 185–194, 2010.CrossRefGoogle Scholar
  25. 25.
    F. Li, H. Chan, K. Chow and P. Lai, An analysis of the Green Dam Youth Escort Software, in Advances in Digital Forensics VI, K. Chow and S. Shenoi (Eds.), Springer, Heidelberg, Germany, pp. 49–62, 2010.CrossRefGoogle Scholar
  26. 26.
    M. Losavio, Non-technical manipulation of digital data, in Advances in Digital Forensics, M. Pollitt and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 51–63, 2005.Google Scholar
  27. 27.
    M. Meyers and M. Rogers, Digital forensics: Meeting the challenges of scientific evidence, in Advances in Digital Forensics, M. Pollitt and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 43–50, 2005.Google Scholar
  28. 28.
    T. Moore, A. Meehan, G. Manes and S. Shenoi, Using signaling information in telecom network forensics, in Advances in Digital Forensics, M. Pollitt and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 177–188, 2005.Google Scholar
  29. 29.
    Y. Motora and B. Irwin, In-kernel cryptographic executable verification, in Advances in Digital Forensics, M. Pollitt and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 303–313, 2005.Google Scholar
  30. 30.
    Y. Nakayama, S. Shibaguchi and K. Okada, A visualization system for analyzing information leakage, in Advances in Digital Forensics VI, K. Chow and S. Shenoi (Eds.), Springer, Heidelberg, Germany, pp. 269–282, 2010.CrossRefGoogle Scholar
  31. 31.
    S. Ngobeni, H. Venter and I. Burke, A forensic readiness model for wireless networks, in Advances in Digital Forensics VI, K. Chow and S. Shenoi (Eds.), Springer, Heidelberg, Germany, pp. 107–117, 2010.CrossRefGoogle Scholar
  32. 32.
    J. Okolica and G. Peterson, A compiled memory analysis tool, in Advances in Digital Forensics VI, K. Chow and S. Shenoi (Eds.), Springer, Heidelberg, Germany, pp. 195–204, 2010.CrossRefGoogle Scholar
  33. 33.
    M. Olivier, Forensics and privacy-enhancing technologies, in Advances in Digital Forensics, M. Pollitt and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 17–31, 2005.Google Scholar
  34. 34.
    L. Peng, T. Wingfield, D. Wijsekera, E. Frye, R. Jackson and J. Michael, Making decisions about legal responses to cyber attacks, in Advances in Digital Forensics, M. Pollitt and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 283–294, 2005.Google Scholar
  35. 35.
    A. Persaud and Y. Guan, A framework for email investigations, in Advances in Digital Forensics, M. Pollitt and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 79–90, 2005.Google Scholar
  36. 36.
    G. Peterson, Forensic analysis of digital image tampering, in Advances in Digital Forensics, M. Pollitt and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 259–270, 2005. Google Scholar
  37. 37.
    S. Piper, M. Davis, G. Manes and S. Shenoi, Detecting hidden data in ext2/ext3 file systems, in Advances in Digital Forensics, M. Pollitt and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 245–256, 2005.Google Scholar
  38. 38.
    M. Pollitt, A history of digital forensics, in Advances in Digital Forensics VI, K. Chow and S. Shenoi (Eds.), Springer, Heidelberg, Germany, pp. 3–15, 2010.CrossRefGoogle Scholar
  39. 39.
    M. Pollitt and S. Shenoi, Advances in Digital Forensics, Springer, Boston, Massachusetts, 2005.Google Scholar
  40. 40.
    S. Redding, Using peer-to-peer technology for network forensics, in Advances in Digital Forensics, M. Pollitt and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 141–152, 2005.Google Scholar
  41. 41.
    V. Roussev, Data fingerprinting with similarity digests, in Advances in Digital Forensics VI, K. Chow and S. Shenoi (Eds.), Springer, Heidelberg, Germany, pp. 207–226, 2010.CrossRefGoogle Scholar
  42. 42.
    A. Savoldi, P. Gubian and I. Echizen, Uncertainty in live forensics, in Advances in Digital Forensics VI, K. Chow and S. Shenoi (Eds.), Springer, Heidelberg, Germany, pp. 171–184, 2010.CrossRefGoogle Scholar
  43. 43.
    B. Schatz and M. Cohen, Redefining evidence containers for provenance and accurate data representation, in Advances in Digital Forensics VI, K. Chow and S. Shenoi (Eds.), Springer, Heidelberg, Germany, pp. 227–242, 2010.CrossRefGoogle Scholar
  44. 44.
    K. Shanmugasundaram, H. Bronnimann and N. Memon, Integrating digital forensics in network infrastructures, in Advances in Digital Forensics, M. Pollitt and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 127–140, 2005.Google Scholar
  45. 45.
    M. Shaw, The coming-of-age of software architecture research, Proceedings of the Twenty-Third International Conference on Software Engineering, pp. 656–664, 2001.Google Scholar
  46. 46.
    J. Slay and K. Jorgensen, Applying filter clusters to reduce search state space, in Advances in Digital Forensics, M. Pollitt and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 295–301, 2005.Google Scholar
  47. 47.
    G. Snelting, Paul Feyerabend und die Softwaretechnologie, Informatik Spektrum, vol. 21(5), pp. 273–276, 1998.CrossRefGoogle Scholar
  48. 48.
    C. Swenson, G. Manes and S. Shenoi, Imaging and analysis of GSM SIM cards, in Advances in Digital Forensics, M. Pollitt and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 205–216, 2005. Google Scholar
  49. 49.
    K. Tadano, M. Kawato, R. Furukawa, F. Machida and Y. Maeno, Digital watermarking of virtual machine images, in Advances in Digital Forensics VI, K. Chow and S. Shenoi (Eds.), Springer, Heidelberg, Germany, pp. 257–268, 2010.CrossRefGoogle Scholar
  50. 50.
    V. Thing, Virtual expansion of rainbow tables, in Advances in Digital Forensics VI, K. Chow and S. Shenoi (Eds.), Springer, Heidelberg, Germany, pp. 243–256, 2010.CrossRefGoogle Scholar
  51. 51.
    K. Wang, Using a local search warrant to acquire evidence stored overseas via the Internet, in Advances in Digital Forensics VI, K. Chow and S. Shenoi (Eds.), Springer, Heidelberg, Germany, pp. 37–48, 2010.CrossRefGoogle Scholar
  52. 52.
    S. Willassen, Forensic analysis of mobile phone internal memory, in Advances in Digital Forensics, M. Pollitt and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 191–204, 2005.Google Scholar
  53. 53.
    Y. Yang, K. Chow, L. Hui, C. Wang, L. Chen, Z. Chen and J. Chen, Forensic analysis of popular Chinese Internet applications, in Advances in Digital Forensics VI, K. Chow and S. Shenoi (Eds.), Springer, Heidelberg, Germany, pp. 285–295, 2010.CrossRefGoogle Scholar
  54. 54.
    Y. Zhu, J. James and P. Gladyshev, A consistency study of the Windows registry, in Advances in Digital Forensics VI, K. Chow and S. Shenoi (Eds.), Springer, Heidelberg, Germany, pp. 77–90, 2010. CrossRefGoogle Scholar

Copyright information

© IFIP International Federation for Information Processing 2013

Authors and Affiliations

  • Martin Olivier
    • 1
  • Stefan Gruner
    • 1
  1. 1.University of PretoriaPretoriaSouth Africa

Personalised recommendations