Abstract
There is an escalating perception in some quarters that the conclusions drawn from digital evidence are the subjective views of individuals and have limited scientific justification. This paper attempts to address this problem by presenting a formal model for reasoning about digital evidence. A Bayesian network is used to quantify the evidential strengths of hypotheses and, thus, enhance the reliability and traceability of the results produced by digital forensic investigations. The validity of the model is tested using a real court case. The test uses objective probability assignments obtained by aggregating the responses of experienced law enforcement agents and analysts. The results confirmed the guilty verdict in the court case with a probability value of 92.7%.
Chapter PDF
Similar content being viewed by others
References
C. Aitken and F. Taroni, Statistics and the Evaluation of Evidence for Forensic Scientists, John Wiley and Sons, New York, 2004.
V. Baryamureeba and F. Tushabe, The enhanced digital investigation process model, Proceedings of the Fourth Digital Forensic Research Workshop, 2004.
S. Ciardhuain, An extended model of cybercrime investigations, International Journal of Digital Evidence, vol. 3(1), 2004.
R. Cook, I. Evett, G. Jackson, P. Jones and J. Lambert, A model for case assessment and interpretation, Science and Justice, vol. 38, pp. 151-156, 1998.
R. Cowell, Introduction to inference for Bayesian networks, Proceedings of the NATO Advanced Study Institute on Learning in Graphical Models, pp. 9-26, 1998.
P. Good, Applying Statistics in the Courtroom: A New Approach for Attorneys and Expert Witnesses, Chapman and Hall/CRC Press, Boca Raton, Florida, 2001.
International Association of Computer Investigative Specialists, Forensic procedures, Fairmont, West Virginia (www.cops.org/forensicprocedures), 2007.
International Organization on Computer Evidence, International principles for computer evidence, Forensic Science Communications, vol. 2(2), 2000.
J. Jones, Y. Xiang and S. Joseph, Bayesian probabilistic reasoning in design, Proceedings of the IEEE Pacific Rim Conference on Communications, Computers and Signal Processing, pp. 501-504, 1993.
K. Kent, S. Chevalier, T. Grance and H. Dang, Guide to Integrat- ing Forensic Techniques into Incident Response, Special Publication 800-86, National Institute of Standards and Technology, Gaithersburg, Maryland, 2006.
J. Keppens and J. Zeleznikow, A model based reasoning approach for generating plausible crime scenarios from evidence, Proceedings of the Ninth International Conference on Artificial Intelligence and Law, pp. 51-59, 2003.
R. Loui, J. Norman, J. Altepeter, D. Pinkard, D. Craven, J. Linsday and M. Foltz, Progress on Room 5: A testbed for public interactive semi-formal legal argumentation, Proceedings of the Sixth Interna- tional Conference on Artificial Intelligence and Law, pp. 207-214, 1997.
Magistrates’ Court at Tuen Mun, Hong Kong Special Administra- tive Region v. Chan Nai Ming, TMCC 1268/2005, Hong Kong, China (www.hklii.hk/hk/jud/en/hksc/2005/TMCC001268A2005.html), 2005.
Microsoft Research, MSBNx: Bayesian Network Editor and Tool Kit, Microsoft Corporation, Redmond, Washington (research.micro soft.com/adapt/MSBNx).
J. Mortera, A. Dawid and S. Lauritzen, Probabilistic expert sys- tems for DNA mixture profiling, Theoretical Population Biology, vol. 63(3), pp. 191-206, 2003.
J. Pearl, Probabilistic Reasoning in Intelligent Systems: Networks of Plausible Inference, Morgan Kaufmann, San Mateo, California, 1988.
S. Peisert, M. Bishop, S. Karin, M. Bishop and K. Marzullo, Principles-driven forensic analysis, Proceedings of the New Security Paradigms Workshop, pp. 85-93, 2005.
D. Poole, Probabilistic Horn abduction and Bayesian networks, Artificial Intelligence, vol. 64(1), pp. 81-129, 1993.
H. Prakken, C. Reed and D. Walton, Argumentation schemes and generalizations in reasoning about evidence, Proceedings of the Ninth International Conference on Artificial Intelligence and Law, pp. 32-41, 2003.
D. Walton, Argumentation and theory of evidence, in New Trends in Criminal Investigation and Evidence - Volume II, C. Breur, M. Kommer, J. Nijboer and J. Reijntjes (Eds.), Intersentia, Antwerp, Belgium, pp. 711-732, 2000.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 IFIP International Federation for Information Processing
About this paper
Cite this paper
Kwan, M., Chow, KP., Law, F., Lai, P. (2008). Reasoning About Evidence Using Bayesian Networks. In: Ray, I., Shenoi, S. (eds) Advances in Digital Forensics IV. DigitalForensics 2008. IFIP — The International Federation for Information Processing, vol 285. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-84927-0_22
Download citation
DOI: https://doi.org/10.1007/978-0-387-84927-0_22
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-84926-3
Online ISBN: 978-0-387-84927-0
eBook Packages: Computer ScienceComputer Science (R0)