Skip to main content
SpringerLink
Log in

Integrated Computer Forensics Investigation Process Model (ICFIPM) for Computer Crime Investigations

  • Conference paper
  • First Online:
Book cover Global Security, Safety and Sustainability: Tomorrow's Challenges of Cyber Security (ICGS3 2015)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 534))

Included in the following conference series:

  • International Conference on Global Security, Safety, and Sustainability

Abstract

Contrary to traditional crimes for which there exists deep-rooted standards, procedures and models upon which courts of law can rely, there are no formal standards, procedures nor models for digital forensics to which courts can refer. Although there are already a number of various digital investigation process models, these tend to be ad-hoc procedures. In order for the case to prevail in the court of law, the processes followed to acquire digital evidence and terminology utilised must be thorough and generally accepted in the digital forensic community. The proposed novel process model is aimed at addressing both the practical requirements of digital forensic practitioners and the needs of courts for a formal computer investigation process model which can be used to process the digital evidence in a forensically sound manner. Moreover, unlike the existing models which focus on one aspect of process, the proposed model describes the entire lifecycle of a digital forensic investigation.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Adams, R., Hobbs, V., Mann, G.: The advanced data acquisition model (ADAM): a process model for digital forensic practice. J. Digit. Forensics Secur. Law 8(4), 25–48 (2014)

    Google Scholar 

  2. Bulbul, H., Yavuzcan, H., Ozel, M.: Digital forensics: an analytical crime scene procedure model (ACSPM). Forensic Sci. Int. 233(1), 244–256 (2013)

    Article  Google Scholar 

  3. Agarwal, A., Gupta, M., Gupta, S., Gupta, C.: Systematic digital forensic investigation model. Int. J. Comput. Sci. Secur. 5(1), 118–130 (2011)

    MathSciNet  Google Scholar 

  4. Ieong, R.S.C.: FORZA–digital forensics investigation framework that incorporate legal issues. Digit. Investig. 3, 29–36 (2006)

    Article  Google Scholar 

  5. Grobler, C.P., Louwrens, C.P., Sebastiaan, von Solms, H.: A multi-component view of digital forensics. In: ARES 2010 International Conference on Availability, Reliability, and Security. IEEE (2010)

    Google Scholar 

  6. Ademu, I., Imafidon, C., Preston, D.: A new approach of digital forensic model for digital forensic investigation. Int. J. Adv. Comput. Sci. Appl. 2(12), 175–178 (2011)

    Google Scholar 

  7. Cohen, F.: Putting the science in digital forensics. J. Digit. Forensics Secur. Law 6(1), 7–14 (2011)

    Google Scholar 

  8. Cohen, F.: Update on the State of the Science of Digital Evidence Examination. In: Proceedings of the Conference on Digital Forensics, Security & Law, pp. 7–18 (2012)

    Google Scholar 

  9. Kohn, M., Eloff, M., Eloff, J.: Integrated digital forensic process model. Comput. Secur. 38, 103–115 (2013)

    Article  Google Scholar 

  10. Zainudin, N., Merabti, M., Liwellyn-Jones, D.: Online social networks as supporting evidence: a digital forensic investigation model and its application design. In: International conference on Research and Innovation in Information Systems (ICRIIS), Kuala Lumpur, 23–24 November, pp. 1–6. IEEE (2011)

    Google Scholar 

  11. Garfinkel, S., Farrell, P., Roussev, V., Dinolt, G.: Bringing science to digital forensics with standardized forensic corpora. Digit. Investig. 6, S2–S11 (2009)

    Article  Google Scholar 

  12. Carlton, H., Worthley, R.: An evaluation of agreement and conflict among computer forensic experts. In: 42nd Hawaii International Conference on System Sciences (HICSS), Hawaii, 5–8 January. IEEE, Hawaii (2009)

    Google Scholar 

  13. Pollitt, M.: Applying traditional forensic taxonomy to digital forensics. In: Ray, I., Shenoi, S. (eds.) Advances in Digital Forensics IV, vol. 285, pp. 17–26. Springer, New York (2008)

    Chapter  Google Scholar 

  14. Leigland, L., Krings, A.: A formalization of digital forensics. Int. J. Digit. Evid. 3(2), 1–32 (2004)

    Google Scholar 

  15. Carrier, B.: Defining digital forensic examination and analysis tools using abstraction layers. Int. J. Evid. 1(4), 1–12 (2003)

    MathSciNet  Google Scholar 

  16. Stanfield, A.: Computer Forensics, Electronic Discovery and Electronic Evidence. LexisNexis Butterworths, Chatswood (2009)

    Google Scholar 

  17. Smith, R., Grabosky, P., Urbas, G.: Cyber Criminals on Trial. Cambridge University Press, Cambridge (2009)

    Google Scholar 

  18. Mason, S.: Electronic Evidence: Disclosure, Discovery & Admissibility. LexisNexis Butterworths, London (2007)

    Google Scholar 

  19. Kessler, C.: Judges’ awareness, understanding, and application of digital evidence. Ph.D. thesis. Nova Southeastern University (2010)

    Google Scholar 

  20. Casey, E.: Digital Evidence and Computer Crime Forensic Science, Computers and the Internet, 3rd edn. Elsevier, San Diego (2011)

    Google Scholar 

  21. The Law Reform: The Admissibility of Expert Evidence in Criminal Proceedings in England and Wales (2009). http://lawcommission.justice.gov.uk/docs/cp190_Expert_Evidence_Consultation.pdf. Accessed 20 Jan. 2015

  22. Wiles, J. (ed.): The Best Damn Cybercrime and Digital Investigations Book Period: Syngress Publishing Palmer, Gary (2001). A road map for digital forensic research. First Digital Forensic Research Workshop, Utica, New York (2007)

    Google Scholar 

  23. Turnbull, B.: The adaptability of electronic evidence acquisition guides for new technologies. In: Proceedings of the 1st International Conference on Forensic Applications and Techniques in Telecommunications, Information and Multimedia and Workshop

    Google Scholar 

  24. Calhoun, C.: Scientific Evidence in Court: Daubert or Frye, 15 Years Later, vol. 23(37). Legal Backgrounder, Washington, DC (2008)

    Google Scholar 

  25. Peisert, S., Bishop, M., Marzullo, K.: Computer Forensics. In: Forensis’, Third International Workshop on Systematic Approaches to Digital Forensic Engineering, Oakland, California, USA (2008)

    Google Scholar 

  26. Meyers, M., Rogers, M.: Computer forensics: the need for standardization and certification. Int. J. Digit. Evid. 3(2), 1–11 (2004)

    Google Scholar 

  27. Carrier, B.: Open source digital forensic tools: the legal argument’ (2002). http://www.digital-evidence.org/papers/opensrc_legal.pdf. Accessed 6 Jan 2014

  28. US-CERT: Computer Forensics (2012). http://www.us-cert.gov/reading_room/forensics.pdf

  29. Yussoff, Y., Roslan, I., Zainuddin, H.: Common phases of computer forensics investigation models. Int. J. Comput. Sci. Inf. Technol. 3(3), 17–31 (2011)

    Google Scholar 

  30. Trcek, D., Abie, H., Skomedal, A., Starc, I.: Advanced framework for digital forensic technologies and procedures. J. Forensic Sci. 55(6), 1471–1479 (2010)

    Article  Google Scholar 

  31. Beebe, N., Clark, J.: A hierarchical, objectives-based framework for the digital investigations process. Digit. Investig. 2(2), 147–167 (2005)

    Article  Google Scholar 

  32. Ciardhuáin, O.: An extended model of cybercrime investigations. Int. J. Digit. Evid. 3(1), 1–22 (2004)

    Google Scholar 

  33. Reith, M., Carr, C., Gunsch, G.: An examination of digital forensic models. Int. J. Digit. Evid. 1(3), 1–12 (2002)

    Google Scholar 

  34. Karyda, M., Mitrou, L.: Internet forensics: legal and technical issues. In: 2nd International Workshop on Digital Forensics and Incident Analysis, Samos (Greece), pp. 3–12 (2007)

    Google Scholar 

  35. Baryamureeba, V., Florence, T.: The enhanced digital investigation process model. In: Proceedings of the Fourth Digital Forensic Research Workshop (2004)

    Google Scholar 

  36. Armstrong, C., Armstrong, H.: Modeling forensic evidence systems using design science. In: IFIP WG 8.2/8.6 International Working Conference, Perth, Western Australia (2010)

    Google Scholar 

  37. Hevner, A., Chatterjee, S.: Design Research in Information Systems. Springer, New York (2010)

    Book  Google Scholar 

  38. Peffers, K., Tuunanen, T., Gengler, C., Rossi, M., Hui, W., Virtanen, V., Bragge, J.: The design science research process: a model for producing and presenting information systems research. In: Design Science Research in Information Systems and Technology (DESRIST 2006), 24–25 February, Claremont, CA (2006)

    Google Scholar 

  39. Rogers, M., Goldman, J., Mislan, R., Debrota, S., Wedge, T.: Computer forensics field triage process model. In: Conference on Digital Forensics, Security and Law (2006)

    Google Scholar 

  40. Nair, B.S.: Digital Electronics and Logic Design, 6th edn. Prentice Hall, New Delhi (2006)

    Google Scholar 

  41. Rowlingson, R.: A ten step process for forensic readiness. Int. J. Digit. Evid. 2(4), 1–28 (2004)

    Google Scholar 

  42. Tan, J.: Forensic Readiness (2001). http://isis.poly.edu/kulesh/forensics/forensic_readiness.pdf. Accessed 20 Jan 2015

Download references

Author information

Authors and Affiliations

  1. Derby University, Derby, UK

    Reza Montasari & David Evans

  2. Nottingham University, Nottingham, UK

    Pekka Peltola

Authors
  1. Reza Montasari
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Pekka Peltola
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. David Evans
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Reza Montasari .

Editor information

Editors and Affiliations

  1. GSM London, London, United Kingdom

    Hamid Jahankhani

  2. SC Strategy Limited, London, United Kingdom

    Alex Carlile

  3. Sheffield Hallam University, Sheffield, United Kingdom

    Babak Akhgar

  4. Deutsche Bank, New York, USA

    Amie Taal

  5. City University, London, United Kingdom

    Ali G. Hessami

  6. Leeds Beckett University, Leeds, United Kingdom

    Amin Hosseinian-Far

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Montasari, R., Peltola, P., Evans, D. (2015). Integrated Computer Forensics Investigation Process Model (ICFIPM) for Computer Crime Investigations. In: Jahankhani, H., Carlile, A., Akhgar, B., Taal, A., Hessami, A., Hosseinian-Far, A. (eds) Global Security, Safety and Sustainability: Tomorrow's Challenges of Cyber Security. ICGS3 2015. Communications in Computer and Information Science, vol 534. Springer, Cham. https://doi.org/10.1007/978-3-319-23276-8_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-23276-8_8

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-23275-1

  • Online ISBN: 978-3-319-23276-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation