Abstract
Due to the rapid increase of digital based evidence, the requirement for the timely identification, examination and interpretation of digital evidence is becoming more essential. In certain investigations such as child abductions, pedophiles, missing or exploited persons, time becomes extremely important as in some cases, it is the difference between life and death for the victim. Moreover, the growing number of computer systems being submitted to digital forensic laboratories is creating a backlog of cases that can delay investigations and negatively affect public safety and the criminal justice system. To deal with these problems, there is a need for more effective ‘onsite’ triage methods to enable the investigators to acquire information in a timely manner, and to reduce the number of computer systems that are submitted to DFLs for analysis. This paper presents a Formal Two-Stage Triage Process Model fulfilling the needs of an onsite triage examination process.
Original language | English |
---|---|
Pages (from-to) | 69-87 |
Number of pages | 19 |
Journal | International Journal of Computer Science and Security (IJCSS) |
Volume | 10 |
Issue number | 2 |
Publication status | Published - 1 Jun 2016 |
Externally published | Yes |