A Case Based Reasoning Framework for Improving the Trustworthiness of Digital Forensic Investigations

A novel concept for improving the trustworthiness of results obtained from digital investigations is presented. Case Based Reasoning Forensic Auditor (CBR-FA) is a method by which results from previous digital forensic examinations are stored and reused to audit current digital forensic investigations. CBR-FA provides a method for evaluating digital forensic investigations in order to provide a practitioner with a level of reassurance that evidence that is relevant to their case has not been missed. The structure of CBR-FA is discussed as are the methodologies it incorporates as part of its auditing functionality.

[1]  Andrew Sheldon The future of forensic computing , 2005, Digit. Investig..

[2]  Jeroen Keppens,et al.  Knowledge based crime scenario modelling , 2006, Expert Syst. Appl..

[3]  Y. Dudai How big is human memory, or on being just useful enough. , 1997, Learning & memory.

[4]  Greg Gogolin The Digital Crime Tsunami , 2010, Digit. Investig..

[5]  Patrick J. Hayes,et al.  Knowledge Sharing and Reuse in Digital Forensics , 2010, 2010 Fifth IEEE International Workshop on Systematic Approaches to Digital Forensic Engineering.

[6]  Karsten P. Ulland,et al.  Vii. References , 2022 .

[7]  Roy Rada,et al.  Standards: free or sold? , 1995, CACM.

[8]  Chris R. Chatwin,et al.  A framework for post-event timeline reconstruction using neural networks , 2007, Digit. Investig..

[9]  Barry Smyth,et al.  Collaborative Case-Based Reasoning: Applications in Personalised Route Planning , 2001, ICCBR.

[10]  Ian D. Watson,et al.  An Introduction to Case-Based Reasoning , 1995, UK Workshop on Case-Based Reasoning.

[11]  Ruibin Gong,et al.  Case-Relevance Information Investigation: Binding Computer Intelligence to the Current Computer Forensic Framework , 2005, Int. J. Digit. EVid..

[12]  Barry Smyth,et al.  Retrieval, reuse, revision and retention in case-based reasoning , 2005, The Knowledge Engineering Review.

[13]  Jan H. P. Eloff,et al.  Considerations Towards a Cyber Crime Profiling System , 2008, 2008 Third International Conference on Availability, Reliability and Security.

[14]  Mattia Monga,et al.  How to Reuse Knowledge about Forensic Investigations , 2004 .

[15]  Edward R. Gardner Applying ISO 9000 principles when auditing , 1997 .

[16]  P Margot,et al.  Case based reasoning in criminal intelligence using forensic case data. , 2003, Science & justice : journal of the Forensic Science Society.

[17]  Fritz H. Grupe,et al.  A Case-Based Approach to the Evaluation of New Audit Clients , 2007, J. Comput. Inf. Syst..

[18]  Simson L. Garfinkel,et al.  Digital forensics research: The next 10 years , 2010, Digit. Investig..

[19]  Padraig Cunningham,et al.  Hierarchical Case-Based Reasoning Integrating Case-Based and Decompositional Problem-Solving Techniques for Plant-Control Software Design , 2001, IEEE Trans. Knowl. Data Eng..

[20]  Christer Carlsson,et al.  Past, present, and future of decision support technology , 2002, Decis. Support Syst..

[21]  David H. Kaye,et al.  The Report of the Expert Working Group on Human Factors in Latent Print Analysis -- Latent Print Examination and Human Factors: Improving the Practice through a Systems Approach , 2012 .

[22]  Padraig Cunningham,et al.  Déjà Vu: A Hierarchical Case-Based Reasoning System for Software Design , 1992, ECAI.

[23]  Li D. Xu Developing a case-based knowledge system for AIDS prevention , 1994 .

[24]  Danielle R.M. Timmermans,et al.  The impact of task complexity on information use in multi‐attribute decision making , 1993 .

[25]  Agnar Aamodt,et al.  Case-Based Reasoning: Foundational Issues, Methodological Variations, and System Approaches , 1994, AI Commun..

[26]  S. Jamil,et al.  Auditing is key , 2010, IEEE Industry Applications Magazine.

[27]  Ingoo Han,et al.  CRAS‐CBR: Internal control risk assessment system using case‐based reasoning , 2004, Expert Syst. J. Knowl. Eng..

[28]  Patrick Maher,et al.  Bayesian probability , 2009, Synthese.