Digital forensic approaches and best practices

2021, pp. 15-37
Author(s): Greg Gogolin
Author(s): Gary C. Kessler, Gregory H. Carlton

Digital forensic methodology deviates significantly relative to the methods of other forensic sciences for numerous practical reasons, and it has been largely influenced by factors derived from the inception and evolution of this relatively new and rapidly changing field. Digital forensics methodology was developed more by practitioners in its early days rather than by computer scientists. This led to accepted best practices in the field that may not represent the best or, at least, tested, science. This paper explores some of these differences in the practice and evolution between digital and other forensic sciences, and recommends scientific approaches to apply to many digital forensic practice rituals.


2017, Vol 11 (2), pp. 25-37
Author(s): Regner Sabillon, Jordi Serra-Ruiz, Victor Cavaller, Jeimy J. Cano

This paper reviews the existing methodologies and best practices for digital investigation phases like collecting, evaluating and preserving digital forensic evidence and chain of custody of cybercrimes. Cybercriminals are adopting new strategies to launch cyberattacks within modified and ever-changing digital ecosystems; this article proposes that digital investigations must continually readapt to tackle cybercrimes and prosecute cybercriminals, working in international collaboration networks, sharing prevention knowledge and lessons learned. The authors also introduce a compact cyber forensics model for diverse technological ecosystems called Cyber Forensics Model in Digital Ecosystems (CFMDE). Transferring the knowledge, international collaboration, best practices and adopting new digital forensic tools, methodologies and techniques will be hereinafter paramount to obtain digital evidence, enforce organizational cybersecurity policies, mitigate security threats, fight anti-forensics practices and indict cybercriminals. The global Digital Forensics community ought to constantly update current practices to deal with cybercriminality and foresee how to prepare for new technological environments where change is always constant.


A structured investigative approach is essential for an effective production of credible and admissible mobile network evidence. Chapter 2 discussed the ISO/IEC SC27 digital forensic standardization as an effort that helps in developing a robust investigative process, procedures, and methodologies. This chapter applies the ISO/IEC SC27 family of standards for mobile network forensics investigations. Each of the standards is contextualized with the forensic aspects discussed in Chapter 6 together with examples of investigation scenarios, tools, and methods for forensic processing of the mobile network data. These contexts are of practical significance for investigators, elaborating on the approaches for investigative readiness, the techniques and tools for evidence processing from identification to interpretation, and the best practices in handling mobile network evidence data throughout an investigation.


Author(s): Gregory H. Carlton, Gary C. Kessler

The study and practice of forensic science comprises many distinct areas that range from behavioral to biological to physical and to digital matters, and in each area forensic science is utilized to obtain evidence that will be admissible within the legal framework. This article focuses on inconsistencies within the accepted methodology of digital forensics when comparing the current best practices of mobile digital devices and traditional computer devices. Here the authors raise the awareness of this disconnect in methodology, and they posit that some specific tasks within the traditional best practices of digital forensic science are artifacts of ritual rather than based on scientific requirements.


2020, pp. 593-596
Author(s): Gregory H. Carlton, Gary C. Kessler

The study and practice of forensic science comprises many distinct areas that range from behavioral to biological to physical and to digital matters, and in each area forensic science is utilized to obtain evidence that will be admissible within the legal framework. This article focuses on inconsistencies within the accepted methodology of digital forensics when comparing the current best practices of mobile digital devices and traditional computer devices. Here the authors raise the awareness of this disconnect in methodology, and they posit that some specific tasks within the traditional best practices of digital forensic science are artifacts of ritual rather than based on scientific requirements.


Author(s): Gary C. Kessler, Gregory H. Carlton

Digital forensic methodology deviates significantly relative to the methods of other forensic sciences for numerous practical reasons, and it has been largely influenced by factors derived from the inception and evolution of this relatively new and rapidly changing field. Digital forensics methodology was developed more by practitioners in its early days rather than by computer scientists. This led to accepted best practices in the field that may not represent the best or, at least, tested, science. This paper explores some of these differences in the practice and evolution between digital and other forensic sciences, and recommends scientific approaches to apply to many digital forensic practice rituals.


2018, pp. 588-600
Author(s): Regner Sabillon, Jordi Serra-Ruiz, Victor Cavaller, Jeimy J. Cano

This paper reviews the existing methodologies and best practices for digital investigation phases like collecting, evaluating and preserving digital forensic evidence and chain of custody of cybercrimes. Cybercriminals are adopting new strategies to launch cyberattacks within modified and ever-changing digital ecosystems; this article proposes that digital investigations must continually readapt to tackle cybercrimes and prosecute cybercriminals, working in international collaboration networks, sharing prevention knowledge and lessons learned. The authors also introduce a compact cyber forensics model for diverse technological ecosystems called Cyber Forensics Model in Digital Ecosystems (CFMDE). Transferring the knowledge, international collaboration, best practices and adopting new digital forensic tools, methodologies and techniques will be hereinafter paramount to obtain digital evidence, enforce organizational cybersecurity policies, mitigate security threats, fight anti-forensics practices and indict cybercriminals. The global Digital Forensics community ought to constantly update current practices to deal with cybercriminality and foresee how to prepare for new technological environments where change is always constant.


2020, pp. 1299-1308
Author(s): Gary C. Kessler, Gregory H. Carlton

Digital forensic methodology deviates significantly relative to the methods of other forensic sciences for numerous practical reasons, and it has been largely influenced by factors derived from the inception and evolution of this relatively new and rapidly changing field. Digital forensics methodology was developed more by practitioners in its early days rather than by computer scientists. This led to accepted best practices in the field that may not represent the best or, at least, tested, science. This paper explores some of these differences in the practice and evolution between digital and other forensic sciences, and recommends scientific approaches to apply to many digital forensic practice rituals.



