Document Type

Article

Source of Publication

IEEE Access

Publication Date

1-1-2022

Abstract

Securing digital evidence is a key factor that contributes to evidence admissibility during digital forensic investigations, particularly in establishing the chain of custody of digital evidence. However, not enough is done to ensure that the environment and access to the evidence are secure. Attackers can go to extreme lengths to cover up their tracks, which is a serious concern to digital forensics – particularly digital forensic readiness. If an attacker gains access to the location where evidence is stored, they could easily alter the evidence (if not remove it altogether). Even though integrity checks can be performed to ensure that the evidence is sound, the collected evidence may contain sensitive information that an attacker can easily use for other forms of attack. To this end, this paper proposes a model for securely storing digital evidence captured pre- and post-incident to achieve reactive forensics. Various components were considered, such as integrity checks, environment sandboxing, strong encryption, two-factor authentication, as well as unique random file naming. A proof-of-concept tool was developed to realize this model and to prove its validity. A series of tests were conducted to check for system security, performance, and requirements validation. Overall, the results obtained showed that, with minimal effort, securing forensic artefacts is a relatively inexpensive and reliable feat. This paper aims to standardize evidence storage, practice high security standards, as well as remove the need to create new systems that achieve the same purpose.

ISSN

2169-3536

Publisher

Institute of Electrical and Electronics Engineers (IEEE)

Disciplines

Computer Sciences

Keywords

Cloud computing, Digital Forensic Readiness, Digital Forensic Soundness, Digital forensics, Encryption, Integrity Verification, Organizations, Secure storage, Security, Standards organizations

Scopus ID

85124813440

Creative Commons License

Creative Commons Attribution 4.0 International License

Indexed in Scopus

yes

Open Access

yes

Open Access Type

Gold: This publication is openly available in an open access journal/series
