Towards a Formalization of Digital Forensics

  • Jill Slay
  • Yi-Chi Lin
  • Benjamin Turnbull
  • Jason Beckett
  • Paul Lin
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 306)


While some individuals have referred to digital forensics as an art, the literature of the discipline suggests a trend toward the formalization of digital forensics as a forensic science. Questions about the quality of digital evidence and forensic soundness continue to be raised by researchers and practitioners in order to ensure the trustworthiness of digital evidence and its value to the courts. This paper reviews the development of digital forensic models, procedures and standards to lay a foundation for the discipline. It also points to new work that provides validation models through a complete mapping of the discipline.


Digital forensic models standards validation 


  1. 1.
    J. Bates, Fundamentals of computer forensics, Information Security Technical Report, vol. 3(4), pp. 75–78, 1998.CrossRefGoogle Scholar
  2. 2.
    J. Beckett and J. Slay, Digital forensics: Validation and verification in a dynamic work environment, Proceedings of the Fortieth Annual Hawaii International Conference on System Sciences, p. 266, 2007.Google Scholar
  3. 3.
    B. Carrier and E. Spafford, Getting physical with the digital investigation process, International Journal of Digital Evidence, vol. 2(2), 2003.Google Scholar
  4. 4.
    V. Civie and R. Civie, Future technologies from trends in computer forensic science, Proceedings of the IEEE Information Technology Conference, pp.105–108, 1998.Google Scholar
  5. 5.
    Electronic Evidence Specialist Advisory Group, Electronic Evidence Specialist Advisory Group Workshop, National Institute of Forensic Science, Melbourne, Australia, 2006.Google Scholar
  6. 6.
    D. Forte, Principles of digital evidence collection, Network Security, no. 12, pp. 6–7, 2003.CrossRefGoogle Scholar
  7. 7.
    A. Lin, I. Lin, T. Lan and T. Wu, Establishment of the standard operating procedure for gathering digital evidence, Proceedings of the First International Workshop on Systematic Approaches to Digital Forensic Engineering, pp. 56–65, 2005.Google Scholar
  8. 8.
    I. Lin, T. Lan and J. Wu, A research of information and communication security forensic mechanisms in Taiwan, Proceedings of the Thirty-Seventh International Carnahan Conference on Security Technology, pp. 23–29, 2003.Google Scholar
  9. 9.
    I. Lin, H. Yang, G. Gu and A. Lin, A study of information and communication security forensic technology capability in Taiwan, Proceedings of the Thirty-Seventh International Carnahan Conference on Security Technology, pp. 386–393, 2003.Google Scholar
  10. 10.
    R. McKemmish, What is forensic computing? Trends and Issues in Crime and Criminal Justice, no. 118 ( /tandi/ti118.pdf), 2002.Google Scholar
  11. 11.
    M. Meyers and M. Rogers, Computer forensics: The need for standardization and certification, International Journal of Digital Evidence, vol. 3(2), 2004.Google Scholar
  12. 12.
    G. Mohay, A. Anderson, B. Collie, O. de Vel and R. McKemmish, Computer and Intrusion Forensics, Artech House, Norwood, Massachusetts, 2003.Google Scholar
  13. 13.
    G. Palmer, A road map for digital forensic research, Proceedings of the 2001 Digital Forensic Research Workshop, 2001.Google Scholar
  14. 14.
    L. Pan and L. Batten, Reproducibility of digital evidence in forensic investigations, Proceedings of the 2005 Digital Forensic Research Workshop, 2005.Google Scholar
  15. 15.
    M. Pollitt, Computer forensics: An approach to evidence in cyberspace, Proceedings of the Eighteenth National Information Systems Security Conference, pp. 487–491, 1995.Google Scholar
  16. 16.
    M. Pollitt, Principles, practices and procedures: An approach to standards in computer forensics, Proceedings of the Second International Conference on Computer Evidence, pp. 10–15, 1995.Google Scholar
  17. 17.
    M. Pollitt, Digital orange juice, Journal of Digital Forensic Practice, vol. 2(1), pp. 54–56, 2008.CrossRefGoogle Scholar
  18. 18.
    M. Reith, C. Carr and G. Gunsch, An examination of digital forensic models, International Journal of Digital Evidence, vol. 1(3), 2002.Google Scholar
  19. 19.
    M. Solon and P. Harper, Preparing evidence for court, Digital Investigation, vol. 1(4), pp. 279–283, 2004.CrossRefGoogle Scholar
  20. 20.
    P. Stephenson, Modeling of post-incident root cause analysis, International Journal of Digital Evidence, vol. 2(2), 2003.Google Scholar
  21. 21.
    K. Waggoner (Ed.), Crime scene search, in Handbook of Forensic Services, Federal Bureau of Investigation, Quantico, Virginia, pp. 171–184, 2007.Google Scholar
  22. 22.
    A. Yasinsac, R. Erbacher, D. Marks, M. Pollitt and P. Sommer, Computer forensics education, IEEE Security and Privacy, vol. 1(4), pp. 15–23, 2003.CrossRefGoogle Scholar

Copyright information

© IFIP International Federation for Information Processing 2009

Authors and Affiliations

  • Jill Slay
  • Yi-Chi Lin
  • Benjamin Turnbull
  • Jason Beckett
  • Paul Lin

There are no affiliations available

Personalised recommendations