A Method for Reducing the Risk of Errors in Digital Forensic Investigations

Motivated by the concerns expressed by many academics over difficulties facing the digital forensic field, user-contributory case-based reasoning (UCCBR); a method for auditing digital forensic investigations is presented. This auditing methodology is not designed to replace a digital forensic practitioner but to aid their investigation process, acting as a method for reducing the risks of missed or misinterpreted evidence. The structure and functionality of UCCBR is discussed and its potential for implementation within a digital forensic environment.

[1]  Andrew Sheldon The future of forensic computing , 2005, Digit. Investig..

[2]  Graeme Horsman,et al.  A Case Based Reasoning Framework for Improving the Trustworthiness of Digital Forensic Investigations , 2012, 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications.

[3]  Jeroen Keppens,et al.  Knowledge based crime scenario modelling , 2006, Expert Syst. Appl..

[4]  Marcus K. Rogers,et al.  Computer Forensics Field Triage Process Model , 2006, J. Digit. Forensics Secur. Law.

[5]  Y. Dudai How big is human memory, or on being just useful enough. , 1997, Learning & memory.

[6]  Ewa Huebner,et al.  Computer forensics: past, present and future , 2003, Inf. Secur. Tech. Rep..

[7]  Fritz H. Grupe,et al.  A Case-Based Approach to the Evaluation of New Audit Clients , 2007, J. Comput. Inf. Syst..

[8]  Felix C. Freiling,et al.  A Common Process Model for Incident Response and Computer Forensics , 2007, IMF.

[9]  Robert F. Erbacher Validation for Digital Forensics , 2010, 2010 Seventh International Conference on Information Technology: New Generations.

[10]  Agnar Aamodt,et al.  Case-Based Reasoning: Foundational Issues, Methodological Variations, and System Approaches , 1994, AI Commun..

[11]  S. Jamil,et al.  Auditing is key , 2010, IEEE Industry Applications Magazine.

[12]  Janet L. Kolodner,et al.  An introduction to case-based reasoning , 1992, Artificial Intelligence Review.

[13]  J. Epstein Latent Print Examination and Human Factors: Improving the Practice through a Systems Approach, The Report of the Expert Working Group on Human Factors in Latent Print Analysis , 2012 .

[14]  Stephen Flowerday,et al.  Towards a Standardised Digital Forensic Process: E-mail Forensics , 2010, ISSA.

[15]  Charan Sanrach,et al.  Case-based reasoning system for histopathology diagnosis , 2010, 2010 International Conference on Educational and Information Technology.

[16]  D. Norman Learning and Memory , 1982 .

[17]  Kevin D. Ashley,et al.  Case-based reasoning and law , 2005, The Knowledge Engineering Review.

[18]  Li D. Xu Developing a case-based knowledge system for AIDS prevention , 1994 .

[19]  Daniel Ayers,et al.  A second generation computer forensic analysis system , 2009, Digit. Investig..

[20]  Danielle R.M. Timmermans,et al.  The impact of task complexity on information use in multi‐attribute decision making , 1993 .

[21]  David H. Kaye,et al.  The Report of the Expert Working Group on Human Factors in Latent Print Analysis -- Latent Print Examination and Human Factors: Improving the Practice through a Systems Approach , 2012 .

[22]  Deborah A. Frincke,et al.  Specifying digital forensics: A forensics policy approach , 2007 .

[23]  Golden G. Richard,et al.  Next-generation digital forensics , 2006, CACM.

[24]  Mattia Monga,et al.  How to Reuse Knowledge about Forensic Investigations , 2004 .