Managing digital forensic knowledge an applied approach

The science of digital forensics is continually changing as technological advances are made and new digital devices are developed. This environment forces analysts to regularly extend their skills with training and frequent research to develop new and admissible techniques. Unfortunately, the same and similar methods are re-discovered by other analysts who are unaware of earlier peer efforts. The situation is aggravated by a nearly universal backlog in qualified digital forensics facilities. This leaves little time for communication between analysts even within a single agency. To address these issues and facilitate an increase in efficiency across all law enforcement agencies, we apply the lessons of knowledge management to digital forensics and extend them with special characteristics required by the law enforcement profession. The result is the development of the National Repository of Digital Forensic Intelligence. This system has been implemented in the largest accredited digital forensics lab in the world and is currently being extended to many other local, state, and federal agencies to increase effectiveness and efficiency among analysts.

[1]  Mark Weiser,et al.  Development of a National Repository of Digital Forensic Intelligence , 2006, J. Digit. Forensics Secur. Law.

[2]  Aurora Vizcaíno,et al.  A Multi-agent Model to Develop Knowledge Management Systems , 2007, 2007 40th Annual Hawaii International Conference on System Sciences (HICSS'07).

[3]  Warren Harrison,et al.  A Lessons Learned Repository for Computer Forensics , 2002, Int. J. Digit. EVid..

[4]  Bruce T. Lamont,et al.  Knowledge management systems and developing sustainable competitive advantage , 2003, J. Knowl. Manag..

[5]  Suliman Al-Hawamdeh,et al.  Knowledge management in the public sector: principles and practices in police work , 2001, J. Inf. Sci..

[6]  Clayton Lewis,et al.  Making usable, useful, productivity-enhancing computer applications , 1991, CACM.

[7]  Ann Majchrzak,et al.  Developing Individuals' Transactive Memories of Their Ego-Centric Networks to Mitigate Risks of Knowledge Sharing: The Case of Professionals Protecting CyberSecurity , 2005, ICIS.

[8]  Roslin V. Hauck COPLINK: Exploring Usability of a Multimedia Database Application for Law Enforcement , 1999 .

[9]  Paul Jen-Hwa Hu,et al.  Technology Implementation Management in Law Enforcement , 2003, DG.O.

[10]  Judith Jordan,et al.  Knowledge orientations and team effectiveness , 1998 .

[11]  Samer Faraj,et al.  Why Should I Share? Examining Social Capital and Knowledge Contribution in Electronic Networks of Practice , 2005, MIS Q..

[12]  Hsinchun Chen,et al.  Coplink: a case of intelligent analysis and knowledge management , 1999, ICIS.

[13]  Hsinchun Chen,et al.  COPLINK Center: Information and Knowledge Management for Law Enforcement , 2004, DG.O.

[14]  Morten T. Hansen,et al.  Introducing T-shaped managers. Knowledge management's next generation. , 2001, Harvard business review.

[15]  Paul Jen-Hwa Hu,et al.  User acceptance of Intelligence and Security Informatics technology: A study of COPLINK , 2005, J. Assoc. Inf. Sci. Technol..

[16]  Amrit Tiwana,et al.  The Knowledge Management Toolkit: Practical Techniques for Building a Knowledge Management System with Cdrom , 1999 .

[17]  Wynne W. Chin,et al.  Extending the technology acceptance model: the influence of perceived user resources , 2001, DATB.

[18]  Kieran Mathieson,et al.  Predicting User Intentions: Comparing the Technology Acceptance Model with the Theory of Planned Behavior , 1991, Inf. Syst. Res..

[19]  Michael G. Morris,et al.  User Acceptance of Information Technology: Theories and Models , 1996 .

[20]  Robert W. Zmud,et al.  Behavioral Intention Formation in Knowledge Sharing: Examining the Roles of Extrinsic Motivators, Social-Psychological Factors, and Organizational Climate , 2005, MIS Q..

[21]  Y. Malhotra Why Knowledge Management Systems Fail: Enablers and Constraints of Knowledge Management in Human Enterprises , 2004 .

[22]  Fred D. Davis,et al.  A Theoretical Extension of the Technology Acceptance Model: Four Longitudinal Field Studies , 2000, Management Science.

[23]  Thomas H. Davenport,et al.  Book review:Working knowledge: How organizations manage what they know. Thomas H. Davenport and Laurence Prusak. Harvard Business School Press, 1998. $29.95US. ISBN 0‐87584‐655‐6 , 1998 .