Dear all,
We have submitted the paper „Digital Evidence Object Model for Retrieval of Relevant
Information in Digital Forensics Investigation“
Abstract: The aim of a forensic investigation is to identify and preserve evidence,
extract information, document every investigation step, and analyze extracted information
in terms of a set of five variables: Why, When, Where, What, and Who (5W). Digital
forensic investigation is the process of collecting, examining and analyzing digital data
from various places, such as digital devices, networks, big data in the cloud etc. Here we
propose a novel Digital Evidence Object (DEO) model for forensics data reduction in
digital forensic investigation and describe its application. The proposed DEO model is
based on category theory, and is used for integrating five categories of digital
investigation analysis techniques for digital evidence acquisition. We present a
real-world case study to demonstrate its applicability for assisting a computer forensics
expert in the digital evidence investigation process. Our results show that the
application of the DEO model can significantly reduce the number of false positive
evidence objects presented to a forensics expert, thus reducing his/her workload.
This paper is still under evaluation.
If it gets accepted, we will acknowledge SPARTA.
Best,
Algimantas Venčkauskas
Kauno technologijos universitetas