Thursday, 3 October 2013

Privacy Preserving Digital Forensic Investigation

In today’s era, the efficiency of the digital forensic investigation process is the biggest challenge facing the digital forensic community. The rapid increase in the storage capacity of devices and the decline in per-bit cost have significantly outpaced the development of digital forensic investigation tools and techniques. The key challenge for the investigator is to reduce the total investigation turnaround time, which depends heavily on the size of the storage medium. The problem gains significance from the fact that most people store their personal and/or official data (generated using auxiliary digital devices such as cellular phones, digital cameras, memory cards, tablets and music players) mainly on their computing device (laptop, desktop or external storage media). This voluminous data stored on computing devices leads to longer investigation times, as finding relevant evidence becomes difficult and error-prone (increased false positives and negatives). The literature has given very little attention to making the digital investigation process fully automated, based on similarity of investigations (past experience), which can lead to faster discovery of potential evidence.

Our research work provides an efficient automated digital forensic framework to overcome the problem of finding potential evidence in a large storage space. The idea of this framework builds on the fact that a conventional investigator learns by sharing and reusing the knowledge generated by other investigators. We believe that if this knowledge sharing and reuse is incorporated into the framework, the total investigation time will be reduced dramatically, since not only criminal behavior but also the evidence remains similar in most cases. Learning will thus result in a list of potential evidence files in order of importance. The main contribution of the framework is to shorten the total turnaround time in extracting forensically sound evidence, thus saving the cost and time of investigation while ensuring the privacy of the accused.
