In 2014, we launched our open-access repository which offers full text access to conference proceedings from many of our events including the INC and HAISA series. These papers are free to access and distribute (subject to citing the source).
» Openaccess proceedings » 4th International Annual Workshop on Digital Forensics & Incident Analysis (WDFIA 2009)
4th International Annual Workshop on Digital Forensics & Incident Analysis (WDFIA 2009)
Title: Processing Algorithms for Components within a Forensic Evidence Management System
Author(s): Kweku Kwakye Arthur, Martin Olivier
Keywords: Forensic evidence, Evidence management, Data integrity, Information flow, Digital evidence
Abstract: It is well established that the integrity and reliability associated with digital evidence is integral to the successful prosecution of digital crimes. Consequently, forensic specialists continue to employ investigative tools and processes that maintain the integrity of digital evidence throughout the investigation cycle. Understandably, such tool-sets and processes are often non-trivial, and can be improved upon.
As a contribution to such improvements, we present an architecture for a forensic evidence management system (FEMS), whose core components are a rule base, a knowledge base, an inference engine, and a data component. Given these system components, we develop a finite state automaton (FSA) to model the FEMS’ general behaviour. In so doing, we demonstrate the interactions amongst these core system components. Ultimately, the purpose of the FEMS is to preserve the integrity of digital evidence, thereby improving the quality of investigative inferences made by forensic specialists.
In this paper we develop processing algorithms for the hypothesis state and the rule state described in our FEMS automaton. This elaboration is achieved through the use of flowcharts; we present the processing steps of these states, we present the input and output parameters of the transitions, and we provide the decision points that influence the probative value of the inferences within the FEMS.
Download count: 1659
How to get this paper:
PDF copy of this paper is free to download. You may distribute this copy providing you cite this page as the source.