Digital Forensics as a Big Data Challenge

Abstract

Digital forensics, as a science and part of the forensic sciences, is facing new challenges that may well render established models and practices obsolete. The size of the media that hold potential digital evidence has grown exponentially, be it hard disks in desktops and laptops or solid-state memories in mobile devices like smartphones and tablets, even while latency times lag behind. Cloud services are now sources of potential evidence in a vast range of investigations, network traffic also follows a growing trend, and in cyber security the need to sift quickly through vast amounts of data is now paramount. On a higher level, investigations and intelligence analysis can profit from sophisticated analysis of datasets such as social network structures and corpora of text to be analysed for authorship and attribution. All of the above highlights the convergence between so-called data science and digital forensics to tackle the fundamental challenge of analysing vast amounts of data ("big data") in actionable time while preserving forensic principles so that the results can be presented in a court of law. The paper, after introducing digital forensics and data science, explores the challenges above and proceeds to propose how techniques and algorithms used in big data analysis can be adapted to the unique context of digital forensics, ranging from the management of evidence via Map-Reduce to machine learning techniques for triage and analysis of big forensic disk images and network traffic dumps. In the conclusion, the paper proposes a model to integrate this new paradigm into established forensic standards and best practices and tries to foresee future trends.

Keywords

  • Mobile Device
  • Cloud Service
  • Data Science
  • Network Traffic
  • Digital Evidence

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

  • DOI: 10.1007/978-3-658-03371-2_17
  • Chapter length: 7 pages



Copyright information

© 2013 Springer Fachmedien Wiesbaden

About this chapter

Cite this chapter

Guarino, A. (2013). Digital Forensics as a Big Data Challenge. In: Reimer, H., Pohlmann, N., Schneider, W. (eds) ISSE 2013 Securing Electronic Business Processes. Springer Vieweg, Wiesbaden. https://doi.org/10.1007/978-3-658-03371-2_17


  • DOI: https://doi.org/10.1007/978-3-658-03371-2_17

  • Publisher Name: Springer Vieweg, Wiesbaden

  • Print ISBN: 978-3-658-03370-5

  • Online ISBN: 978-3-658-03371-2

  • eBook Packages: Computer Science, Computer Science (R0)