Title: A standardised data acquisition process model for digital forensic investigations

Authors: Reza Montasari

Addresses: Department of Computing and Mathematics, University of Derby, Kedleston Road, Derby, DE22 1GB, UK

Abstract: Similar to traditional evidence, courts of law do not assume that digital evidence is reliable if there is no evidence of some empirical testing regarding the theories and techniques pertaining to its production. Courts take a careful notice of the way in which digital evidence has been acquired and stored. In contrast with traditional crimes for which there are well-established standards and procedures upon which courts can rely, there are no formal procedures or models for digital data acquisition to which courts of law can refer. A standardised data acquisition process model is needed to enable digital forensic investigators to follow a uniform approach, and to assist courts of law in determining the reliability of digital evidence presented to them. This paper proposes a model that is standardised in that it can enable digital forensic investigators in following a uniform approach, and that is generic in that it can be applied in both law enforcement and corporate investigations. To carry out the research presented in the paper, the design science research process (DSRP) methodology proposed by Peffers et al. (2006) has been followed.

Keywords: digital forensics; data acquisition; process model; standardised model; digital investigations; computer forensics; formal process.

DOI: 10.1504/IJICS.2017.085139

International Journal of Information and Computer Security, 2017 Vol.9 No.3, pp.229 - 249

Received: 15 Mar 2016
Accepted: 31 May 2016
Published online: 13 Jul 2017 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article