Dear all, 

 

We have submitted the paper "Digital Evidence Object Model for Retrieval of Relevant Information in Digital Forensics Investigation".

 

Abstract: The aim of a forensic investigation is to identify and preserve evidence, extract information, document every investigation step, and analyze extracted information in terms of a set of five variables: Why, When, Where, What, and Who (5W). Digital forensic investigation is the process of collecting, examining and analyzing digital data from various places, such as digital devices, networks, big data in the cloud, etc. Here we propose a novel Digital Evidence Object (DEO) model for forensics data reduction in digital forensic investigation and describe its application. The proposed DEO model is based on category theory, and is used for integrating five categories of digital investigation analysis techniques for digital evidence acquisition. We present a real-world case study to demonstrate its applicability for assisting a computer forensics expert in the digital evidence investigation process. Our results show that the application of the DEO model can significantly reduce the number of false positive evidence objects presented to a forensics expert, thus reducing his/her workload.

 

This paper is still under evaluation. 

If it gets accepted, we will acknowledge SPARTA.

 

Best,

 

 

Algimantas Venčkauskas

Kauno technologijos universitetas