Weaving ontologies to support digital forensic analysis

Numerous challenges currently face digital forensic analysis. Although a variety of techniques and tools exist to assist with the analysis of digital evidence, they inadequately address key problems. We consider the applicability and usefulness of weaving ontologies to address some of these problems. We introduce an ontological approach leading to future development of an automated digital forensic analysis tool.

[1]  Simson L. Garfinkel,et al.  Forensic Corpora: a Challenge for Forensic Research 1 Computer Forensics and Today's Forensic Tools , 2007 .

[2]  George M. Mohay,et al.  Generalising Event Forensics Across Multiple Domains , 2004, Australian Computer, Network & Information Forensics Conference.

[3]  Eugene H. Spafford,et al.  A hypothesis-based approach to digital forensic investigations , 2006 .

[4]  Frédéric Jouault,et al.  Model Transformation and Weaving in the AMMA Platform , 2005 .

[5]  Matthew Meyers,et al.  Computer Forensics: The Need for Standardization and Certification , 2004, Int. J. Digit. EVid..

[6]  Fernando Silva Parreiras,et al.  Report on the Combined Metamodel , 2008 .

[7]  Vassil Roussev,et al.  Digital Forensic Tools: The Next Generation , 2006 .

[8]  Jeffrey C. Carver,et al.  Support for Computer Forensics Examination Planning with Domain Modeling: A Report of One Experiment Trial , 2007, 2007 40th Annual Hawaii International Conference on System Sciences (HICSS'07).

[9]  Ricci S. C. Ieong,et al.  FORZA - Digital forensics investigation framework that incorporate legal issues , 2006, Digit. Investig..

[10]  Keith Marzullo,et al.  Principles-driven forensic analysis , 2005, NSPW '05.

[11]  Doris L. Carver,et al.  Towards Combining Ontologies and Model Weaving for the Evolution of Requirements Models , 2007, Monterey Workshop.

[12]  David Chaikin,et al.  Network investigations of cyber attacks: the limits of digital evidence , 2007 .

[13]  Marcus K. Rogers,et al.  Digital Forensics: Meeting the Challenges of Scientific Evidence , 2005, IFIP Int. Conf. Digital Forensics.

[14]  The Common Digital Evidence Storage Format Working Standardizing digital evidence storage , 2006, CACM.

[15]  Esperanza Marcos,et al.  Using weaving models to automate model-driven web engineering proposals , 2010, Int. J. Comput. Appl. Technol..

[16]  Michael W. Andrew Defining a Process Model for Forensic Analysis of Digital Devices and Storage Media , 2007, Second International Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE'07).

[17]  Henrik Eriksson,et al.  The evolution of Protégé: an environment for knowledge-based systems development , 2003, Int. J. Hum. Comput. Stud..