Skip to content

A framework for digital forensics and investigations: the goal-driven approach

Research output: Contribution to journalArticlepeer-review

Digital forensics investigations are an important task for collecting evidence based on the artifacts left in computer systems for computer related crimes. The requirements of such investigations are often a neglected aspect in most of the existing models of digital investigations. Therefore, a formal and systematic approach is needed to provide a framework for modeling and reasoning about the requirements of digital investigations. In addition, anti-forensics situations make the forensic investigation process challenging by contaminating any stage of the investigation process, its requirements, or by destroying the evidence. Therefore, successful forensic investigations require understanding the possible anti-forensic issues during the investigation. In this paper, we present a new method for guiding digital forensics investigations considering the anti-forensics based on goal-driven requirements engineering methodologies, in particular KAOS. Methodologies like KAOS facilitate modeling and reasoning about goals, requirements and obstacles, as well as their operationalization and responsibility assignments. We believe that this new method will lead in the future to better management and organization of the various steps of forensics investigations in cyberspace as well as provide more robust grounds for reasoning about forensic evidence.
Original languageEnglish
Pages (from-to)1-22
Number of pages22
JournalInternational Journal of Digital Crime and Forensics (IJDCF)
Volume5
Issue number2
DOIs
Publication statusPublished - 2013

Related information

Relations Get citation (various referencing formats)

ID: 192617