Inproceedings
Evaluation of Digital Forensic Process Models with Respect to Digital Forensics as a Service
Contribution Summary
This paper presents an evaluation of digital forensic process models in the context of Digital Forensics as a Service (DFaaS). The authors discuss the evolution of digital forensic process models, analyzing their characteristics and reviewing the current literature on DFaaS. The study aims to assess the applicability of existing process models to a cloud-based evidence processing paradigm, highlighting the benefits of DFaaS, including increased efficiency, cost savings, and improved resource management. The authors also discuss the advantages of migrating to a DFaaS processing model, including the availability of up-to-date software resources, pooled hardware resources, and flexible location and time. The paper contributes to the development of a standardized framework for digital forensic investigation, addressing the increasing complexity of digital devices and storage formats. The study provides insights into the potential of DFaaS to expedite the investigative process and reduce costs, making it a valuable resource for digital forensic experts and law enforcement personnel.
Keywords: Digital Forensics as a Service; Digital Forensics; Process Models; Cloud Computing; Digital Forensic Investigation; Cloud-based Evidence Processing; Digital Forensic Process Models; Digital Forensic Frameworks
Abstract
Digital forensic science is very much still in its infancy, but is becoming increasingly invaluable to investigators. A popular area for research is seeking a standard methodology to make the digital forensic process accurate, robust, and efficient. The first digital forensic process model proposed contains four steps: Acquisition, Identification, Evaluation and Admission. Since then, numerous process models have been proposed to explain the steps of identifying, acquiring, analysing, storage, and reporting on the evidence obtained from various digital devices. In recent years, an increasing number of more sophisticated process models have been proposed. These models attempt to speed up the entire investigative process or solve various of problems commonly encountered in the forensic investigation. In the last decade, cloud computing has emerged as a disruptive technological concept, and most leading enterprises such as IBM, Amazon, Google, and Microsoft have set up their own cloud-based services. In the field of digital forensic investigation, moving to a cloud-based evidence processing model would be extremely beneficial and preliminary attempts have been made in its implementation. Moving towards a Digital Forensics as a Service model would not only expedite the investigative process, but can also result in significant cost savings - freeing up digital forensic experts and law enforcement personnel to progress their caseload. This paper aims to evaluate the applicability of existing digital forensic process models and analyse how each of these might apply to a cloud-based evidence processing paradigm.
BibTeX
@inproceedings{du2017processmodelsdfaas,
author={Du, Xiaoyu and Le-Khac, Nhien-An and Scanlon, Mark},
title="{Evaluation of Digital Forensic Process Models with Respect to Digital Forensics as a Service}",
booktitle="{Proceedings of the 16th European Conference on Cyber Warfare and Security (ECCWS 2017)}",
year=2017,
month=06,
address={Dublin, Ireland},
publisher={ACPI},
pages="573-581",
abstract="Digital forensic science is very much still in its infancy, but is becoming increasingly invaluable to investigators. A popular area for research is seeking a standard methodology to make the digital forensic process accurate, robust, and efficient. The first digital forensic process model proposed contains four steps: Acquisition, Identification, Evaluation and Admission. Since then, numerous process models have been proposed to explain the steps of identifying, acquiring, analysing, storage, and reporting on the evidence obtained from various digital devices. In recent years, an increasing number of more sophisticated process models have been proposed. These models attempt to speed up the entire investigative process or solve various of problems commonly encountered in the forensic investigation. In the last decade, cloud computing has emerged as a disruptive technological concept, and most leading enterprises such as IBM, Amazon, Google, and Microsoft have set up their own cloud-based services. In the field of digital forensic investigation, moving to a cloud-based evidence processing model would be extremely beneficial and preliminary attempts have been made in its implementation. Moving towards a Digital Forensics as a Service model would not only expedite the investigative process, but can also result in significant cost savings – freeing up digital forensic experts and law enforcement personnel to progress their caseload. This paper aims to evaluate the applicability of existing digital forensic process models and analyse how each of these might apply to a cloud-based evidence processing paradigm."
}