*** Welcome to piglix ***

Digital forensic process


The digital forensic process is a recognised scientific and forensic process used in digital forensics investigations. Forensics researcher Eoghan Casey defines it as a number of steps from the original incident alert through to reporting of findings. The process is predominantly used in computer and mobile forensic investigations and consists of three steps: acquisition, analysis and reporting.

Digital media seized for investigation is usually referred to as an "exhibit" in legal terminology. Investigators employ the scientific method to recover digital evidence to support or disprove a hypothesis, either for a court of law or in civil proceedings.

The stages of the digital forensics process require differing specialist training and knowledge, there are two rough levels of personnel:

There have been many attempts to develop a process model but so far none have been universally accepted. Part of the reason for this may be due to the fact that many of the process models were designed for a specific environment, such as law enforcement, and they therefore could not be readily applied in other environments such as incident response. This is a list of the main models since 2001 in chronological order:

The Abstract Digital Forensic Model (Reith, et al., 2002)

The Integrated Digital Investigative Process (Carrier & Spafford, 2003)

An Extended Model of Cybercrime Investigations (Ciardhuain, 2004)

The Enhanced Digital Investigation Process Model (Baryamureeba & Tushabe, 2004)

The Digital Crime Scene Analysis Model (Rogers, 2004)

A Hierarchical, Objectives-Based Framework for the Digital Investigations Process (Beebe & Clark, 2004)

Framework for a Digital Investigation (Kohn, et al., 2006)

The Four Step Forensic Process (Kent, et al., 2006)

FORZA - Digital forensics investigation framework (Ieong, 2006)

Process Flows for Cyber Forensics Training and Operations (Venter, 2006)

The Common Process Model (Freiling & Schwittay, (2007)

The Two-Dimensional Evidence Reliability Amplification Process Model (Khatir, et al., 2008)

The Digital Forensic Investigations Framework (Selamat, et al., 2008)

The Systematic Digital Forensic Investigation Model (SRDFIM) (Agarwal, et al., 2011)


...
Wikipedia

...