
Testing the Comprehensive Digital Forensic Investigation Process Model (the CDFIPM)

Technology for Smart Futures

Abstract

The Comprehensive Digital Forensic Investigation Process Model (the CDFIPM), presented in Montasari (IJESDF 8(4):285–301, 2016), provides guidelines for carrying out digital investigations in the UK jurisdiction in a forensically sound manner. The CDFIPM is comprehensive in that it covers the entire digital forensic investigative process; it is generic such that it can be applied in the three fields of law enforcement, incident response and commerce. The model is also formal in that it synthesises, harmonises and extends the existing digital forensic investigation process models. The CDFIPM also needs to be subjected to an evaluation process in order to determine ‘whether the model has been built right’ and ‘whether the right model has been built’. To this end, the CDFIPM is applied to a case study in this paper to determine whether the model meets the two components of ‘utility’ and ‘usability’.

The original version of this chapter was revised. An erratum to this chapter can be found at DOI 10.1007/978-3-319-60137-3_18


References

  1. ACPO. (2012). ACPO good practice guide for digital evidence. U.K. Association of Chief Police Officers.
  2. Adams, L., & Courtney, J. (2004). Achieving relevance in IS research via the DAGS framework. 37th Hawaii International Conference on System Sciences (pp. 1–10). Big Island, HI, USA.
  3. Adams, R. (2012). The Advanced Data Acquisition Model (ADAM): A process model for digital forensic practice. PhD thesis. Murdoch University.
  4. Adams, R., Hobbs, V., & Mann, G. (2014). The advanced data acquisition model (ADAM): A process model for digital forensic practice. Journal of Digital Forensics, Security and Law, 8(4), 25–48.
  5. Agarwal, A., Gupta, M., Gupta, S., & Gupta, C. (2011). Systematic digital forensic investigation model. International Journal of Computer Science and Security, 5(1), 118–130.
  6. Archer, L. (1984). Systematic method for designers. London: Wiley.
  7. Armstrong, C., & Armstrong, H. (2010). Modeling forensic evidence systems using design science. IFIP WG International Working Conference (pp. 282–300).
  8. Balci, O. (2004). Quality assessment, verification, and validation of modeling and simulation applications. Proceedings of the 2004 Winter Simulation Conference (pp. 1–8). Washington DC.
  9. Beebe, N., & Clark, J. (2005). A hierarchical, objectives-based framework for the digital investigations process. Digital Investigation, 2(2), 147–167.
  10. Carlton, H., & Worthley, R. (2009). An evaluation of agreement and conflict among computer forensic experts. 42nd Hawaii International Conference on System Sciences (pp. 1–10). Washington DC.
  11. Carrier, B., & Spafford, E. (2003). Getting physical with the digital investigation process. International Journal of Digital Evidence, 2(2), 1–20.
  12. Casey, E. (2011). Digital evidence and computer crime: Forensic science, computers and the internet (3rd ed.). New York: Elsevier Academic Press.
  13. Ciardhuáin, O. (2004). An extended model of cybercrime investigations. International Journal of Digital Evidence, 3(1), 1–22.
  14. Cohen, F. (2011). Putting the science in digital forensics. Journal of Digital Forensics, Security and Law, 6(1), 7–14.
  15. Cohen, F. (2012). Update on the state of the science of digital evidence examination. Proceedings of the Conference on Digital Forensics, Security, and Law (pp. 7–18). Richmond, USA.
  16. Eekels, J., & Roozenburg, N. (1991). A methodological comparison of the structures of scientific research and engineering design: Their similarities and differences. Design Studies, 12(4), 197–203.
  17. Freiling, C., & Schwittay, B. (2007). A common process model for incident response and computer forensics. 3rd International Conference on IT-Incident Management & IT-Forensics (pp. 19–40). Stuttgart, Germany.
  18. Garfinkel, S., Farrell, P., Roussev, V., & Dinolt, G. (2009). Bringing science to digital forensics with standardized forensic corpora. Digital Investigation, 6, 2–11.
  19. Hevner, A., & Chatterjee, S. (2010). Design research in information systems. New York: Springer.
  20. Hevner, A., March, S., Park, J., & Ram, S. (2004). Design science in information systems research. MIS Quarterly, 28(1), 75–105.
  21. International Organisation for Standardization. (2012). ISO/IEC 27037:2012. Information technology–Security techniques–Guidelines for identification, collection, acquisition and preservation of digital evidence. Geneva: International Organization for Standardization.
  22. Kessler, C. (2010). Judges’ awareness, understanding, and application of digital evidence. PhD thesis, Nova Southeastern University.
  23. Kohn, M., Eloff, M., & Eloff, J. (2013). Integrated digital forensic process model. Computers & Security, 38, 103–115.
  24. Kuechler, B., & Vaishnavi, V. (2008). On theory development in design science research: anatomy of a research project. European Journal of Information Systems, 17(5), 489–504.
  25. Leigland, L., & Krings, A. (2004). A formalization of digital forensics. International Journal of Digital Evidence, 3(2), 1–32.
  26. March, S., & Smith, G. (1995). Design and natural science research on information technology. Decision Support Systems, 15(4), 251–266.
  27. March, S., & Storey, V. (2008). Design science in the information systems discipline: An introduction to the special issue on design science research. MIS Quarterly, 32(4), 725–730.
  28. Mason, S. (2007). Electronic evidence: Disclosure, discovery and admissibility. London: LexisNexis Butterworths.
  29. Montasari, R., & Peltola, P. (2015). Computer forensic analysis of private browsing modes. In Proceedings of 10th international conference on global security, safety and sustainability: Tomorrow's challenges of cyber security (pp. 96–109). London: Springer International Publishing.
  30. Montasari, R. (2016). An Ad Hoc detailed review of digital forensic investigation process models. International Journal of Electronic Security and Digital Forensics, 8(3), 203–223.
  31. Montasari, R. (2016). A comprehensive digital forensic investigation process model. International Journal of Electronic Security and Digital Forensics (IJESDF), 8(4), 285–301.
  32. Nunamaker, J., Chen, M., & Purdin, T. (1990). Systems development in information systems research. Journal of Management Information Systems, 7(3), 89–106.
  33. Peffers, K., Tuunanen, T., Gengler, C., Rossi, M., Hui, W., Virtanen, V. & Bragge, J. (2006). The design science research process: A model for producing and presenting information systems research. 1st International Conference on Design Science Research in Information Systems and Technology (pp. 83–106). USA.
  34. Pollitt, M. (2009). The good, the bad, the unaddressed. Journal of Digital Forensic Practice, 2(4), 172–174.
  35. Reith, M., Carr, C., & Gunsch, G. (2002). An examination of digital forensic models. International Journal of Digital Evidence, 1(3), 1–12.
  36. Rogers, M., Goldman, J., Mislan, R., Wedge, T. & Debrota, S. (2006). Computer forensics field triage process model. Conference on Digital Forensics, Security and Law (pp. 27–40). Las Vegas, USA.
  37. Rossi, M., & Sein, M. (2003). Design research workshop: A proactive research approach. 26th Information Systems Research Seminar in Scandinavia (pp. 9–12). Haikko, Finland.
  38. Rowlingson, R. (2004). A ten step process for forensic readiness. International Journal of Digital Evidence, 2(3), 1–28.
  39. Selamat, S., Yusof, R., & Sahib, S. (2008). Mapping process of digital forensic investigation framework. International Journal of Computer Science and Network Security, 8(10), 163–169.
  40. Sherman, S. (2006). A digital forensic practitioner’s guide to giving evidence in a court of law. Proceedings of the 4th Australian Digital Forensics Conference (pp. 1–7). Perth Western, Australia.
  41. Smith, R., Grabosky, P., & Urbas, G. (2011). Cyber criminals on trial. Cambridge: Cambridge University Press.
  42. Stanfield, A. (2009). Computer forensics, electronic discovery and electronic evidence. Chatswood: LexisNexis Butterworths.
  43. Takeda, H., Veerkamp, P., Tomiyama, T., & Yoshikawa, H. (1990). Modeling design processes. AI Magazine, 11(4), 37–48.
  44. US-CERT. (2012). Computer forensics. U.S. Department of Homeland Security. Available at: https://www.us-cert.gov/security-publications/computer-forensics. Accessed 17 June 2016.
  45. Venter, J. (2006). Process flow for cyber forensics training and operations. Available at: http://researchspace.csir.co.za/dspace/handle/10204/1073. Accessed 17 June 2015.
  46. Valjarevic, A., & Venter, H. (2015). A comprehensive and harmonized digital forensic investigation process model. Journal of Forensic Sciences, 60(6), 1467–1483.
  47. Walls, J., Widmeyer, G., & El Sawy, O. (1992). Building an information system design theory for vigilant EIS. Information Systems Research, 3(1), 36–59.
  48. Watts, S., Shankaranarayanan, G., & Even, A. (2009). Data quality assessment in context: A cognitive perspective. Decision Support Systems, 48(1), 202–211.
  49. Wieringa, R. (2009). Design science as nested problem solving. 4th International Conference on Design Science Research in Information Systems and Technology (pp. 8–19). Philadelphia, USA.
  50. International Organisation for Standardization. (2015). ISO/IEC 27043:2015. Information technology–Security techniques–Incident investigation principles and processes. Geneva: International Organization for Standardization.

Author information

Correspondence to Reza Montasari.

Copyright information

© 2018 Springer International Publishing AG

About this chapter

Cite this chapter

Montasari, R. (2018). Testing the Comprehensive Digital Forensic Investigation Process Model (the CDFIPM). In: Dastbaz, M., Arabnia, H., Akhgar, B. (eds) Technology for Smart Futures. Springer, Cham. https://doi.org/10.1007/978-3-319-60137-3_15

  • DOI: https://doi.org/10.1007/978-3-319-60137-3_15

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-60136-6

  • Online ISBN: 978-3-319-60137-3

  • eBook Packages: Energy, Energy (R0)
