3. Papers
1. Digital forensics research: The next 10 years
- Simson L. Garfinkel
- Digital Investigation Journal, 2010
2. Challenges to Digital Forensic: A Survey of Researcher & Practitioners Attitudes and Opinions
- M. Al Fahdi, N.L. Clarke, S.M. Furnell
- Information Security for South Africa Conference, 2013
3. Taxonomy of computer forensics methodologies and procedures for digital evidence seizure
- Krishnun Sansurooah
- Australian Digital Forensics Conference, 2006
4. The future of computer forensics: a needs analysis survey
- Marcus K Rogers, Kate Seigfried
- Computers & Security Journal, 2004
4. Papers/2
5. An Ad Hoc Review of Digital Forensic Models
- M.M. Pollitt
- Second International Workshop on Systematic Approaches to Digital Forensic Engineering, 2007
6. Network forensic frameworks: Survey and research challenges
- Emmanuel S. Pilli, R.C. Joshi, Rajdeep Niyogi
- Digital Investigation Journal, 2010
7. A critical review of 7 years of Mobile Device Forensics
- Konstantia Barmpatsalou, Dimitrios Damopoulos, Georgios Kambourakis, Vasilios Katos
- Digital Investigation Journal, 2013
5. Paper Objectives
1. Digital forensics research: The next 10 years
- proposes a methodology to improve digital forensic research
- points out today's DF research challenges
- proposes a new research plan
2. Challenges to Digital Forensic
- aims to understand the priority of challenges in Digital Forensic by taking a survey
3. Taxonomy of computer forensics methodologies and procedures for digital evidence seizure
- compares the forensic methodologies and proposes a recommended methodology
4. The future of computer forensics: a needs analysis survey
- studies computer forensics to discover the challenges
6. Paper Objectives
5. An Ad Hoc Review of Digital Forensic Models
- summary of 15 papers about DF data models
6. Network forensic frameworks: Survey and research challenges
- overview of the network forensic field, covering tools & frameworks
- also points out Network Forensic research challenges
7. A critical review of 7 years of Mobile Device Forensics
- thorough review of mobile device forensics by mobile platform
8. Methodology/2
● 3 methodologies & the detailed process varies
  ○ Basic Forensic Methodology
  ○ Cyber Tool Online Search For Evidence (CTOSE)
  ○ Data Recovery UK (DRUK)
● the recommended methodology combines the practice from 3 standards
● there are more than a dozen DF frameworks
10. Challenges
● DF research is trending from 1997-2007
● After 2007, Digital forensic meets with many challenges
Characteristics comparison
Era | OS | File Format | Computing Architecture | Storage Architecture | Tools
1997-2007 | Windows Dominance | few file formats | PC, Centralized | standard cable interfaces | commercial tools are working
2007-recent | increasing OSs | Various file formats | Client/Server | Flash, Cloud Storage | can't catch up with requirements
Other introduced issues: Storage Size, pervasive encryption, legal challenges
12. Challenges/3
● Evidence-oriented design influences today's DF research
  ○ finds evidence instead of assisting investigation
  ○ does not consider cyber-crime, i.e. tools are not for hacking cases
  ○ not possible to perform short-time analysis
  ○ not capable of generating data from residual files
● Visibility, Filter, Report Model
  ○ data is recovered before analysis
  ○ not possible to do parallel processing
● no standard for reverse engineering
● 'application instead of tools' concept by vendors
● lost academic research
2010, Digital forensics research: The next 10 years
13. Challenges/4
● 2013 survey covers 4 categories:
  ○ Demographics, Forensic Capabilities, Future Challenge, Legislative Concerns
● more than 50%: 3 years of DF experience
● Current DF tools & Capabilities:
  ○ Importance: more than 98% rank it 4 out of 5
  ○ Key Limitations: Data Volume, Time, Tool Capability
  ○ Tool Capability: not clear result
● Technologies of least concern: malware, steganography
2013, Challenges to Digital Forensic
14. Future Research
● Challenge: Investigation & Analysis Time
● Mobile and Network Forensic will be trending
● anticipated future challenges: Cloud Computing, Anti-forensic, Encryption, Social Networking
● should adopt standards for case data, data abstractions and composable models
● more data abstractions should be created
● should standardise development diversity
● alternative analysis model: parallel processing, stochastic analysis ...
● doesn't work on small-scale datasets
● standardized test data