Defining a Standard for Reporting Digital Evidence Items in Computer Forensic Tools

Document Type

Conference Proceeding

Source of Publication

Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST

Publication Date

12-1-2011

Abstract

Due to the lack of standards in reporting digital evidence items, investigators are facing difficulties in efficiently presenting their findings. This paper proposes a standard for digital evidence to be used in reports that are generated using computer forensic software tools. The authors focused on developing a standard digital evidence items by surveying various digital forensic tools while keeping in mind the legal integrity of digital evidence items. Additionally, an online questionnaire was used to gain the opinion of knowledgeable and experienced stakeholders in the digital forensics domain. Based on the findings, the authors propose a standard for digital evidence items that includes data about the case, the evidence source, evidence item, and the chain of custody. Research results enabled the authors in creating a defined XML schema for digital evidence items. © Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2011.

ISBN

9783642195129

ISSN

1867-8211

Publisher

Springer Berlin Heidelberg

Volume

53

First Page

78

Last Page

95

Disciplines

Education

Keywords

Digital evidence item, Digital forensics, Reports in forensic tools, Standard report

Scopus ID

84885885533

Indexed in Scopus

yes

Open Access

no

Link to Full Text

Share

COinS