Digital Forensic Investigations: A New Frontier for Informing Systems

Chapter

Abstract

Digital forensic investigators experience a need for support in their everyday struggle to overcome boundary problems associated with cyber crime investigations. Traditional methods are socio-culturally and physically localised and dependent on strict and historically prescriptive political management. The new internet-worked cyber-world creates unprecedented difficulties for digital forensic investigations. This is directly linked with the inherently complex uncertainties and ambiguities related to a constant need for framing and re-framing of problem spaces under investigation. As such, in this paper we propose the recruitment of the discipline of Informing Systems in the context of digital discovery. Early findings of such an exercise indicate that informing systems approaches can assist the investigation process by offering means for structuring uncertainty. As it is accepted that uncertainty is an inherent element in a crime scene, not least in a cyber crime scene, we consider the contribution of Informing Systems vital for the effectiveness of digital forensic investigation practices.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Katos V. and Bednar P. M. (2008) A cyber-crime Investigation Framework. Computer Standards and Interfaces, 30(4): 223–228.Google Scholar
  2. 2.
    Unisys (2007). What is HOLMES 2? From: http://www.holmes2.com/holmes2/whatish2/ (September 2008).
  3. 3.
    Valier C. (1998). True Crime Stories: Scientific Methods of Criminal Investigations, Criminology and Historiography. British Journal of Criminology, 38(1), 88–105.Google Scholar
  4. 4.
    Broadhurst R. (2006). Developments in the Global Law Enforcement of Cyber-Crime. Policing: An International Journal of Police Strategies and Management 29(3), 408–433CrossRefGoogle Scholar
  5. 5.
    Karyda M. and Mitrou L. (2007). Internet Forensics: Legal and Technical Issues. Proceedings of the 2nd International Annual Workshop on Digital Forensics and Incident Analysis. Preneel B., Kokolakis S. and Tryfonas T. (eds.), IEEE Computer Society Press, Prague, CzechGoogle Scholar
  6. 6.
    Yar M. (2005). The Novelty of ‘Cybercrime’: An assessment in the Light of Routinge Activity Theory. European Journal of Criminology, 4(2), 407–427.CrossRefGoogle Scholar
  7. 7.
    Mitropoulos S., Patsos D., Douligeris C. (2007). Incident Response Requirements for Distributed Security Informatino Management Systems. Information Management and Computer Security, 15(3), 226–240.CrossRefGoogle Scholar
  8. 8.
    Jahankhani H. (2006). Waking Up to the Threat of Cyber Crime. Information Security, 2006.Google Scholar
  9. 9.
    Bednar P. M. (2000) A Contextual Integration of Individual and Organizational Learning Perspectives as Part of IS Analysis. Informing Science., 3(3): 145–156.Google Scholar
  10. 10.
    Bednar P. M., Katos V. and Hennell C. (2008) Cyber-Crime Investigations: Complex Collaborative Decision Making. Proceedings of the Third International Annual Workshop on Digital Forensics and Incident Analysis. Tryfonas, T. (ed), IEEE Computer Society Press, Prague, Czech.Google Scholar
  11. 11.
    EDRM (2008) EDRM: Electronic Discovery Reference Model. From: http://edrm.net/ (June, 2008).
  12. 12.
    Benko C. and McFarlan W. (2003). Connecting the Dots. Harvard Business School Press, Boston: MA.Google Scholar
  13. 13.
    Peppard J. (2007). The Conundrum of IT Management. European Journal of Information Systems 16: 336–345.CrossRefGoogle Scholar
  14. 14.
    Ciborra C. U. and Willcocks L. (2006). The mind or the heart? Journal of Information Technology 21(3): 129–139.CrossRefGoogle Scholar
  15. 15.
    Stacey R. and Griffin D. (2005). A Complexity Perspective on Researching Organizations. Sage, Thousand Oaks, CAGoogle Scholar
  16. 16.
    Ciborra C. U. (2002). The Labyrinths of Information. Oxford University Press, Oxford.Google Scholar
  17. 17.
    Ciborra C. U. (2004). Encountering information systems as a phenomenon. In C. Avgerou C. Ciborra and F. Land (eds.), The Social Study of Information and Communication Technology. Oxford University Press, Oxford.Google Scholar
  18. 18.
    Heidegger M. (1962). Being in Time. Harper and Row, New York.Google Scholar
  19. 19.
    Brown J. S. and Duguid P. (2002). The Social Life of Information. Harvard Business School Press, Boston, MAGoogle Scholar
  20. 20.
    McDermott R. (1999). Why Information Technology Inspired but Cannot Deliver Knowledge Management. California Management Review. 41(4): 103–117.Google Scholar
  21. 21.
    NPIA, National Policing Improvement Agency. (2008). HOLMES 2 overview. From: http://www.npia.police.uk/en/5962.htm (September 2008).
  22. 22.
    Bednar, P., Katos, V., Hennell, C. 2008. Cyber-Crime Investigations: Complex Collaborative Decision Making. Workshop on Digital Forensics and Incident Analysis, IEEE CS Press, Malaga, Spain, 10 October:3–11.Google Scholar
  23. 23.
    Shafer, G. (1976) A Mathematical Theory of Evidence. Princeton University Press, Princeton.Google Scholar
  24. 24.
    Bednar, P.M., Anderson, D. and Welch, C. (2005). ‘Knowledge Creation and Sharing – Complex Methods of Inquiry and Inconsistent Theory’. ECKM 2005. Proceedings. Limerick, 8-9 September.Google Scholar
  25. 25.
    Bednar P., Welch C., and Katos V. (2006). ‘Four valued logic: supporting complexity in knowledge sharing processes,’ ECKM 2006. Proceedings, Budapest, Hungary, 4-5 Sept.Google Scholar
  26. 26.
    Bednar P., Welch C. and Katos V. (2008). Innovation Management Through the use of Diversity Networks. International Journal of Knowledge and Learning, (in press)Google Scholar
  27. 27.
    Bednar P., Welch C. and Katos V. (2007). ‘Dealing with Complexity in Knowledge Sharing Processes’. ECKM 2007, Proceedings. Barcelona, Spain, 6-7 September.Google Scholar
  28. 28.
    Bednar P., Katos V. and Welch C. (2007). ‘Systems analysis: exploring the spectrum of diversity’, ECIS 2007. Proceedings Information Systems: Rigorous Relevance – Relevant Rigour, St Gallen, Switzerland, 7-9 June 2007.Google Scholar
  29. 29.
    Bednar, P. and Welch, C. (2007). ‘A Double Helix Metaphor for Use and Usefulness in Informing Systems’. Informing Science 10, 273–295.Google Scholar
  30. 30.
    Nissen H-E. (2007). Using Double Helix Relationships to Understand and Change Informing Systems, Monograph of Informing Science, 10, 21–62.Google Scholar

Copyright information

© Physica-Verlag Heidelberg 2009

Authors and Affiliations

  1. 1.Lund UniversityLundSweden
  2. 2.University of PortsmouthPortsmouthUK
  3. 3.Democritus University of ThraceXanthiGreece

Personalised recommendations