
System Support for Forensic Inference

  • Conference paper

Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 306)

Abstract

Digital evidence is playing an increasingly important role in prosecuting crimes. The reasons are manifold: financially lucrative targets are now connected online, systems are so complex that vulnerabilities abound, and strong digital identities are being adopted, making audit trails more useful. If the discoveries of forensic analysts are to hold up to scrutiny in court, they must meet the standard for scientific evidence. Software systems are currently developed without consideration of this fact. This paper argues for the development of a formal framework for constructing “digital artifacts” that can serve as proxies for physical evidence; a system so imbued would facilitate sound digital forensic inference. A case study involving a filesystem augmentation that provides transparent support for forensic inference is described.

Keywords

  • Automated analysis
  • evidence generation
  • intuitionistic logic



Copyright information

© 2009 IFIP International Federation for Information Processing

About this paper

Cite this paper

Gehani, A., Kirchner, F., Shankar, N. (2009). System Support for Forensic Inference. In: Peterson, G., Shenoi, S. (eds) Advances in Digital Forensics V. DigitalForensics 2009. IFIP Advances in Information and Communication Technology, vol 306. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04155-6_23


  • DOI: https://doi.org/10.1007/978-3-642-04155-6_23

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-04154-9

  • Online ISBN: 978-3-642-04155-6

  • eBook Packages: Computer Science, Computer Science (R0)