Title: The pseudo metadata concept for the chain of custody of digital evidence

Authors: Yudi Prayudi; Ahmad Ashari; Tri Kuntoro Priyambodo

Addresses: Center for Digital Forensics Studies, Universitas Islam Indonesia, Yogyakarta, Indonesia; Department of Computer Science and Electronics, Gadjah Mada University, Yogyakarta, Indonesia ' Department of Computer Science and Electronics, Gadjah Mada University, Yogyakarta, Indonesia ' Department of Computer Science and Electronics, Gadjah Mada University, Yogyakarta, Indonesia

Abstract: The handling of the chain of custody for digital evidence is a complex issue and more difficult than physical evidence. The main problem in the chain of custody of digital evidence is related to how to record and what should be documented the information of evidence in an investigative process. This paper provides a mechanism for recording and documentation of digital evidence as well as mapping information that must exist for a chain of custody of digital evidence. The recording mechanism is performed after the acquisition and disk imaging of electronic evidence while mapping the information is done into two parts, static and dynamic information. This concept is expected to be an alternative solution for digital evidence handling and to provide solutions for information standards for a chain of custody of digital evidence.

Keywords: chain of custody; digital evidence; metadata; digital forensics; acquisition; disk imaging.

DOI: 10.1504/IJESDF.2019.102554

International Journal of Electronic Security and Digital Forensics, 2019 Vol.11 No.4, pp.395 - 419

Received: 05 Feb 2018
Accepted: 01 Aug 2018
Published online: 30 Sep 2019 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article