Abstract
Contrary to traditional crimes for which there exists deep-rooted standards, procedures and models upon which courts of law can rely, there are no formal standards, procedures nor models for digital forensics to which courts can refer. Although there are already a number of various digital investigation process models, these tend to be ad-hoc procedures. In order for the case to prevail in the court of law, the processes followed to acquire digital evidence and terminology utilised must be thorough and generally accepted in the digital forensic community. The proposed novel process model is aimed at addressing both the practical requirements of digital forensic practitioners and the needs of courts for a formal computer investigation process model which can be used to process the digital evidence in a forensically sound manner. Moreover, unlike the existing models which focus on one aspect of process, the proposed model describes the entire lifecycle of a digital forensic investigation.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Adams, R., Hobbs, V., Mann, G.: The advanced data acquisition model (ADAM): a process model for digital forensic practice. J. Digit. Forensics Secur. Law 8(4), 25–48 (2014)
Bulbul, H., Yavuzcan, H., Ozel, M.: Digital forensics: an analytical crime scene procedure model (ACSPM). Forensic Sci. Int. 233(1), 244–256 (2013)
Agarwal, A., Gupta, M., Gupta, S., Gupta, C.: Systematic digital forensic investigation model. Int. J. Comput. Sci. Secur. 5(1), 118–130 (2011)
Ieong, R.S.C.: FORZA–digital forensics investigation framework that incorporate legal issues. Digit. Investig. 3, 29–36 (2006)
Grobler, C.P., Louwrens, C.P., Sebastiaan, von Solms, H.: A multi-component view of digital forensics. In: ARES 2010 International Conference on Availability, Reliability, and Security. IEEE (2010)
Ademu, I., Imafidon, C., Preston, D.: A new approach of digital forensic model for digital forensic investigation. Int. J. Adv. Comput. Sci. Appl. 2(12), 175–178 (2011)
Cohen, F.: Putting the science in digital forensics. J. Digit. Forensics Secur. Law 6(1), 7–14 (2011)
Cohen, F.: Update on the State of the Science of Digital Evidence Examination. In: Proceedings of the Conference on Digital Forensics, Security & Law, pp. 7–18 (2012)
Kohn, M., Eloff, M., Eloff, J.: Integrated digital forensic process model. Comput. Secur. 38, 103–115 (2013)
Zainudin, N., Merabti, M., Liwellyn-Jones, D.: Online social networks as supporting evidence: a digital forensic investigation model and its application design. In: International conference on Research and Innovation in Information Systems (ICRIIS), Kuala Lumpur, 23–24 November, pp. 1–6. IEEE (2011)
Garfinkel, S., Farrell, P., Roussev, V., Dinolt, G.: Bringing science to digital forensics with standardized forensic corpora. Digit. Investig. 6, S2–S11 (2009)
Carlton, H., Worthley, R.: An evaluation of agreement and conflict among computer forensic experts. In: 42nd Hawaii International Conference on System Sciences (HICSS), Hawaii, 5–8 January. IEEE, Hawaii (2009)
Pollitt, M.: Applying traditional forensic taxonomy to digital forensics. In: Ray, I., Shenoi, S. (eds.) Advances in Digital Forensics IV, vol. 285, pp. 17–26. Springer, New York (2008)
Leigland, L., Krings, A.: A formalization of digital forensics. Int. J. Digit. Evid. 3(2), 1–32 (2004)
Carrier, B.: Defining digital forensic examination and analysis tools using abstraction layers. Int. J. Evid. 1(4), 1–12 (2003)
Stanfield, A.: Computer Forensics, Electronic Discovery and Electronic Evidence. LexisNexis Butterworths, Chatswood (2009)
Smith, R., Grabosky, P., Urbas, G.: Cyber Criminals on Trial. Cambridge University Press, Cambridge (2009)
Mason, S.: Electronic Evidence: Disclosure, Discovery & Admissibility. LexisNexis Butterworths, London (2007)
Kessler, C.: Judges’ awareness, understanding, and application of digital evidence. Ph.D. thesis. Nova Southeastern University (2010)
Casey, E.: Digital Evidence and Computer Crime Forensic Science, Computers and the Internet, 3rd edn. Elsevier, San Diego (2011)
The Law Reform: The Admissibility of Expert Evidence in Criminal Proceedings in England and Wales (2009). http://lawcommission.justice.gov.uk/docs/cp190_Expert_Evidence_Consultation.pdf. Accessed 20 Jan. 2015
Wiles, J. (ed.): The Best Damn Cybercrime and Digital Investigations Book Period: Syngress Publishing Palmer, Gary (2001). A road map for digital forensic research. First Digital Forensic Research Workshop, Utica, New York (2007)
Turnbull, B.: The adaptability of electronic evidence acquisition guides for new technologies. In: Proceedings of the 1st International Conference on Forensic Applications and Techniques in Telecommunications, Information and Multimedia and Workshop
Calhoun, C.: Scientific Evidence in Court: Daubert or Frye, 15 Years Later, vol. 23(37). Legal Backgrounder, Washington, DC (2008)
Peisert, S., Bishop, M., Marzullo, K.: Computer Forensics. In: Forensis’, Third International Workshop on Systematic Approaches to Digital Forensic Engineering, Oakland, California, USA (2008)
Meyers, M., Rogers, M.: Computer forensics: the need for standardization and certification. Int. J. Digit. Evid. 3(2), 1–11 (2004)
Carrier, B.: Open source digital forensic tools: the legal argument’ (2002). http://www.digital-evidence.org/papers/opensrc_legal.pdf. Accessed 6 Jan 2014
US-CERT: Computer Forensics (2012). http://www.us-cert.gov/reading_room/forensics.pdf
Yussoff, Y., Roslan, I., Zainuddin, H.: Common phases of computer forensics investigation models. Int. J. Comput. Sci. Inf. Technol. 3(3), 17–31 (2011)
Trcek, D., Abie, H., Skomedal, A., Starc, I.: Advanced framework for digital forensic technologies and procedures. J. Forensic Sci. 55(6), 1471–1479 (2010)
Beebe, N., Clark, J.: A hierarchical, objectives-based framework for the digital investigations process. Digit. Investig. 2(2), 147–167 (2005)
Ciardhuáin, O.: An extended model of cybercrime investigations. Int. J. Digit. Evid. 3(1), 1–22 (2004)
Reith, M., Carr, C., Gunsch, G.: An examination of digital forensic models. Int. J. Digit. Evid. 1(3), 1–12 (2002)
Karyda, M., Mitrou, L.: Internet forensics: legal and technical issues. In: 2nd International Workshop on Digital Forensics and Incident Analysis, Samos (Greece), pp. 3–12 (2007)
Baryamureeba, V., Florence, T.: The enhanced digital investigation process model. In: Proceedings of the Fourth Digital Forensic Research Workshop (2004)
Armstrong, C., Armstrong, H.: Modeling forensic evidence systems using design science. In: IFIP WG 8.2/8.6 International Working Conference, Perth, Western Australia (2010)
Hevner, A., Chatterjee, S.: Design Research in Information Systems. Springer, New York (2010)
Peffers, K., Tuunanen, T., Gengler, C., Rossi, M., Hui, W., Virtanen, V., Bragge, J.: The design science research process: a model for producing and presenting information systems research. In: Design Science Research in Information Systems and Technology (DESRIST 2006), 24–25 February, Claremont, CA (2006)
Rogers, M., Goldman, J., Mislan, R., Debrota, S., Wedge, T.: Computer forensics field triage process model. In: Conference on Digital Forensics, Security and Law (2006)
Nair, B.S.: Digital Electronics and Logic Design, 6th edn. Prentice Hall, New Delhi (2006)
Rowlingson, R.: A ten step process for forensic readiness. Int. J. Digit. Evid. 2(4), 1–28 (2004)
Tan, J.: Forensic Readiness (2001). http://isis.poly.edu/kulesh/forensics/forensic_readiness.pdf. Accessed 20 Jan 2015
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Montasari, R., Peltola, P., Evans, D. (2015). Integrated Computer Forensics Investigation Process Model (ICFIPM) for Computer Crime Investigations. In: Jahankhani, H., Carlile, A., Akhgar, B., Taal, A., Hessami, A., Hosseinian-Far, A. (eds) Global Security, Safety and Sustainability: Tomorrow's Challenges of Cyber Security. ICGS3 2015. Communications in Computer and Information Science, vol 534. Springer, Cham. https://doi.org/10.1007/978-3-319-23276-8_8
Download citation
DOI: https://doi.org/10.1007/978-3-319-23276-8_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-23275-1
Online ISBN: 978-3-319-23276-8
eBook Packages: Computer ScienceComputer Science (R0)