Scribd Logo
Upload

Welcome to Scribd!

  • IJDCFFinal 13

    Uploaded by

    Ishan
    6 views1 page
    The document proposes a goal-driven approach to digital forensics investigations with three levels of abstraction: 1) The top level contains the goals and objectives of the investigation that are refined into sub-goals. 2) The middle level contains obstacles like anti-forensics techniques that can destroy or hide evidence and obstruct the investigation goals. 3) The bottom level contains forensic actions to oppose obstacles in order to achieve the investigation goals.

    Original Description:

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document proposes a goal-driven approach to digital forensics investigations with three levels of abstraction: 1) The top level contains the goals and objectives of the investigation that are refined into sub-goals. 2) The middle level contains obstacles like anti-forensics techniques that can destroy or hide evidence and obstruct the investigation goals. 3) The bottom level contains forensic actions to oppose obstacles in order to achieve the investigation goals.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    6 views1 page

    IJDCFFinal 13

    Uploaded by

    Ishan
    The document proposes a goal-driven approach to digital forensics investigations with three levels of abstraction: 1) The top level contains the goals and objectives of the investigation that are refined into sub-goals. 2) The middle level contains obstacles like anti-forensics techniques that can destroy or hide evidence and obstruct the investigation goals. 3) The bottom level contains forensic actions to oppose obstacles in order to achieve the investigation goals.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 1

    8 International Journal of Digital Crime and Forensics, 5(2), 1-22, April-June 2013

    such as a forensic computer system, tool or expectations, and constraints for the forensics
    software. Figure 1 shows the conceptual view investigation, which map to the processes in-
    of the proposed approach. Goals are derived volved within the forensics investigation. The
    from the forensic process, tools and evidence, root goal is refined into sub-goals through AND/
    and obstacles are derived from anti-forensic OR refinement links.
    situations, tools and obstruction of the digital In the middle level, obstacles obstruct the
    evidence. goals of a forensic investigation by destroying,
    hiding, manipulating and preventing the creation
    Levels of Abstraction of evidence. Obstacles are the different types of
    anti-forensics, which confront the availability
    The proposed goal-driven digital forensics and usefulness of the evidence for the foren-
    investigation model supports different levels sics investigation. Therefore, for a successful
    of abstraction from goals to obstacles and forensics investigation, we need to address the
    finally to forensics actions. Figure 2 gives an obstacles related to anti-forensics; in particular,
    overview of the different levels of abstraction it is necessary to completely prevent, or if not
    using exemplary questions that symbolize the feasible then reduce the effectiveness of the
    characteristics of the method (Islam, 2011). anti-forensic methods. An identified obstacle
    We divide the levels of abstraction into three is refined by AND/OR refinements through the
    main areas. These levels build the bridge from obstruction of crime evidence or the forensic
    the goals of a forensics investigation to the investigation process.
    obstacles, which obstruct the goals to be satis- In the bottom level, forensic actions support
    fied, and finally to the actions that oppose the goal fulfillment and obstacle opposition. These
    obstacles in order to achieve the goals. On the actions operationalize the requirements for the
    top level, there are the goals, i.e. objectives,
    IGI GLOBAL PROOF
    Figure 1. Conceptual view of digital forensics investigation using the goal-driven approach

    Copyright © 2013, IGI Global. Copying or distributing in print or electronic forms without written permission of IGI Global is prohibited.

    You might also like