Skip to main content

On a Scientific Theory of Digital Forensics

Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT,volume 484)


A suitable theory to serve as scientific grounds for a digital forensic science is still elusive. Such a theory needs to satisfy the demands imposed by science and justify the facts derived as evidence using the theory. A number of grounding theories have been proposed. This chapter revisits three prominent theories, those of Gladyshev, Carrier and Cohen, and: (i) determines the requirements they suggest for a digital forensics theory; (ii) analyzes their primary differences; and (iii) assesses them using the norms that exist for science. This enables us to sketch the outlines of a new theory that better reflects the scientific requirements and the intended application of forensic science in a digital context.


  • Forensic science
  • Digital evidence
  • Digital forensic science
  • Theory


  1. Bunge, M.: Philosophy of Science: From Problem to Theory, vol. 1. Transaction Publishers, New Brunswick (1998)

    Google Scholar 

  2. Canter, D., Youngs, D.: Investigative Psychology: Offender Profiling and the Analysis of Criminal Action. John Wiley and Sons, Chichester (2009)

    Google Scholar 

  3. Carrier, B.: A Hypothesis-Based Approach to Digital Forensic Investigations, CERIAS Technical Report 2006–06, Center for Education and Research in Information Assurance and Security, Purdue University, West Lafayette, Indiana (2006)

    Google Scholar 

  4. Cohen, F.: Digital Forensic Evidence Examination. Fred Cohen and Associates, Livermore (2013)

    Google Scholar 

  5. Foucault, M.: Discipline and Punish – The Birth of the Prison. Penguin, London (1991)

    Google Scholar 

  6. French, S.: Science: Key Concepts in Philosophy. Continuum, London (2007)

    Google Scholar 

  7. GE Healthcare Life Science: DNAscan Rapid DNA Analysis System, Data File 29–0327-18 AB. Pittsburgh, Pennsylvania (2014)

    Google Scholar 

  8. Gladyshev, P.: Formalizing Event Reconstruction in Digital Investigations, Doctoral Dissertation, Department of Computer Science, University College Dublin, Dublin, Ireland (2004)

    Google Scholar 

  9. Gratzer, W.: The Undergrowth of Science – Delusion, Self-Deception and Human Frailty. Oxford University Press, Oxford (2000)

    Google Scholar 

  10. Harding, S.: Whose Science? Whose Knowledge? Thinking from Women’s Lives. Cornell University Press, Ithaca (1991)

    Google Scholar 

  11. Inman, K., Rudin, N.: Principles and Practice of Criminalistics: The Profession of Forensice Science. CRC Press, Boca Raton (2001)

    Google Scholar 

  12. Kuhn, T.: The Structure of Scientific Revolutions. University of Chicago Press, Chicago (1996)

    CrossRef  Google Scholar 

  13. National Research Council, Strengthening Forensic Science in the United States: A Path Forward. National Academies Press, Washington, DC (2009)

    Google Scholar 

  14. Oberdan, T.: Moritz schlick. In: Zalta, E. (ed.) The Stanford Encyclopedia of Philosophy. The Metaphysics Lab, Center for the Study of Language and Information, Stanford University, Stanford, California (2013).

  15. Olivier, M.: On metadata context in database forensics. Digital Investigation 5(3–4), 115–123 (2009)

    CrossRef  Google Scholar 

  16. Olivier, M.: On complex crimes and digital forensics. In: Kayem, A., Meinel, C. (eds.) Information Security in Diverse Computing Environments. IGI Global, Hershey, pp. 230–244 (2014)

    Google Scholar 

  17. Olivier, M.: Towards a digital forensic science. In: Venter, H., Loock, M., Coetzee, M., Eloff, M., Flowerday, S. (eds.) Information Security for South Africa. IEEE Press, Danvers (2015)

    Google Scholar 

  18. Oyelami, O., Olivier, M.: Using yin’s approach to case studies as a paradigm for conducting examinations. In: Peterson, G., Shenoi, S. (eds.) DigitalForensics 2015. IAICT, vol. 462, pp. 45–59. Springer, Heidelberg (2015). doi:10.1007/978-3-319-24123-4_3

    CrossRef  Google Scholar 

  19. Scientific Working Group on Digital Evidence, Digital and Multimedia Evidence (Digital Forensics) as a Forensic Science Discipline, Version 2.0 (2014)

    Google Scholar 

  20. Tal, E.: Measurement in science. In: Zalta, E. (ed.) The Stanford Encyclopedia of Philosophy. The Metaphysics Lab, Center for the Study of Language and Information, Stanford University, Stanford, California (2015).

  21. Tewelde, S., Gruner, S., Olivier, M.: Notions of hypothesis in digital forensics. In: Peterson, G., Shenoi, S. (eds.) DigitalForensics 2015. IAICT, vol. 462, pp. 29–43. Springer, Heidelberg (2015). doi:10.1007/978-3-319-24123-4_2

    CrossRef  Google Scholar 

  22. Turvey, B.: Forensic Fraud: Evaluating Law Enforcement and Forensic Science Cultures in the Context of Examiner Misconduct. Academic Press, Waltham (2013)

    Google Scholar 

  23. Wittgenstein, L.: Tractatus Logico-Philosophicus. Routledge, Abingdon (2001)

    MATH  Google Scholar 

Download references

Author information

Authors and Affiliations


Corresponding author

Correspondence to Martin Olivier .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2016 IFIP International Federation for Information Processing

About this paper

Cite this paper

Olivier, M. (2016). On a Scientific Theory of Digital Forensics. In: Peterson, G., Shenoi, S. (eds) Advances in Digital Forensics XII. DigitalForensics 2016. IFIP Advances in Information and Communication Technology, vol 484. Springer, Cham.

Download citation

  • DOI:

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-46278-3

  • Online ISBN: 978-3-319-46279-0

  • eBook Packages: Computer ScienceComputer Science (R0)