With the rapid advancements in information and communication technology in the world, crimes committed are becoming technically intensive. When crimes committed use digital devices, forensic examiners have to adopt practical frameworks and methods to recover data for analysis which can pose as evidence. Data Generation, Data Warehousing and Data Mining, are the three essential features involved in the investigation process. This paper proposes a unique way of generating, storing and analyzing data, retrieved from digital devices which pose as evidence in forensic analysis. A statistical approach is used in validating the reliability of the pre-processed data. This work proposes a practical framework for digital forensics on flash drives.

Download PDF

References

1. Robert Rowlingson, “A Ten Step Approach for Forensic Readiness,” International Journal of Digital Evidence, vol. 2, issue 3, 2004.
2. Gary Palmer, “A Road Map for Digital Forensic Research,” DFRWS Technical Report, Available:http://www.dfrws.org/2001/dfrwsrmfinal. pdf, 2001.
3. Kara Nance, Brian Hay and Matt Bishop, “Digital Forensics: Defining a Research Agenda,” Proceedings of the Forty Second Hawaii International Conference on System Sciences, pp. 1-6, 2009.
4. M. Pollitt, “Computer Forensics: An Approach to Evidence in Cyberspace”,Proceedings of the National Information Systems Security Conference, Baltimore, pp. 487-491, 1995.
5. M. Reith, C. Carr and G. Gunsch, “An Examination of Digital Forensic Models,” International Journal Digital Evidence, vol. 1, no. 3, 2002.
6. M. Kohn, J. Eloff, and M. Oliver, “Framework for a Digital Forensic Investigation,” Proceedings of Information Security South Africa from Insight to Foresight Conference, South Afrika, 2006.
7. F. C. Freiling, and B. Schwittay, “A Common Process Model for Incident Response and Computer Forensics,” Proceedings of Conference on IT Incident Management and IT Forensics, Germany, 2007.
8. Mohd Taufik Abdullah, Ramlan Mahmod, Abdul A. A. Ghani, Mohd A Zain and Abu Bakar Md S, “Advances in Computer Forensics,” International Journal Of Computer Science and Network Security, vol. 8, no. 2, February 2008.
9. Wayne Jansen and Rick Ayers, “Forensic Software Tools for Cell Phone Subscriber Identity Modules,” Conference on Digital Forensics, Security and Law, 2006.
10. Christopher V. Marsico and Marcus K. Rogers, “iPod Forensics,” International Journal Of Digital Evidence, vol. 4, issue 2, Fall 2005.
11. Nitin Khanna, K. Aravind, Mikkilineni, Antony F. Martone, Gazi N. Ali, et al, “A Survey ofForensic Characterization Methods for Physical Devices,” Digital Forensic Research Workshop, 2006.
12. Brian Carrier and Eugene H. Spafford, “Getting Physical with Digital Investigation Process,” International Journal of Digital Evidence, vol. 3, issue 2, Fall 2003.
13. Siti Rahayu Selamat, Robiah Yusof and Shahrin Sahib, “Mapping Process of Digital Forensic Investigation Framework,” International Journal of Computer Science and Network Security, vol. 8, no. 10, October 2008.
14. B. D. Carrier, “A Hypothesis-Based Approach to Digital Forensic Investigations,” CERIAS Tech Report 2005-06, Purdue University, Center for Education and Research in Information Assurance and Security, West Lafayette, 2006.
15. Mark Rogers, J. Goldman, R. Mislan, T. Wedge, and S. Debrota, “Computer Forensics FieldTriage Process Model,” Proc. Of Conference on Digital Forensics, Security and Law, pp. 27-40, 2006.

Back