Similar to traditional evidence, courts of law do not assume that digital evidence is reliable if there is no evidence of some empirical testing regarding the theories and techniques pertaining to its production. Courts take a careful notice of the way in which digital evidence has been acquired and stored. In contrast with traditional crimes for which there are well-established standards and procedures upon which courts can rely, there are no formal procedures or models for digital data acquisition to which courts of law can refer. A standardised data acquisition process model is needed to enable digital forensic investigators to follow a uniform approach, and to assist courts of law in determining the reliability of digital evidence presented to them. This paper proposes a model that is standardised in that it can enable digital forensic investigators in following a uniform approach, and that is generic in that it can be applied in both law enforcement and corporate investigations. To carry out the research presented in the paper, the design science research process (DSRP) methodology proposed by Peffers et al. (2006) has been followed.
|Number of pages||21|
|Journal||International Journal of Information and Computer Security|
|Publication status||Published - 27 Jun 2017|