Formal Two Stage Triage Process Model (FTSTPM) for Digital Forensic Practice

Research output: Contribution to journalArticle

Abstract

Due to the rapid increase of digital based evidence, the requirement for the timely identification, examination and interpretation of digital evidence is becoming more essential. In certain investigations such as child abductions, pedophiles, missing or exploited persons, time becomes extremely important as in some cases, it is the difference between life and death for the victim. Moreover, the growing number of computer systems being submitted to digital forensic laboratories is creating a backlog of cases that can delay investigations and negatively affect public safety and the criminal justice system. To deal with these problems, there is a need for more effective ‘onsite’ triage methods to enable the investigators to acquire information in a timely manner, and to reduce the number of computer systems that are submitted to DFLs for analysis.

This paper presents a Formal Two-Stage Triage Process Model fulfilling the needs of an onsite triage examination process.
Original languageEnglish
Pages (from-to)69-87
Number of pages19
JournalInternational Journal of Computer Science and Security (IJCSS)
Volume10
Issue number2
Publication statusPublished - 1 Jun 2016
Externally publishedYes

Fingerprint

abduction
examination
evidence
justice
death
interpretation
human being
time

Cite this

@article{b4569b9e610149fb9565d0a198648570,
title = "Formal Two Stage Triage Process Model (FTSTPM) for Digital Forensic Practice",
abstract = "Due to the rapid increase of digital based evidence, the requirement for the timely identification, examination and interpretation of digital evidence is becoming more essential. In certain investigations such as child abductions, pedophiles, missing or exploited persons, time becomes extremely important as in some cases, it is the difference between life and death for the victim. Moreover, the growing number of computer systems being submitted to digital forensic laboratories is creating a backlog of cases that can delay investigations and negatively affect public safety and the criminal justice system. To deal with these problems, there is a need for more effective ‘onsite’ triage methods to enable the investigators to acquire information in a timely manner, and to reduce the number of computer systems that are submitted to DFLs for analysis.This paper presents a Formal Two-Stage Triage Process Model fulfilling the needs of an onsite triage examination process.",
keywords = "digital forensics, onsite triage, digital investigation, process model, on-scene examination, formal model",
author = "Reza Montasari",
year = "2016",
month = "6",
day = "1",
language = "English",
volume = "10",
pages = "69--87",
journal = "International Journal of Computer Science and Security (IJCSS)",
number = "2",

}

TY - JOUR

T1 - Formal Two Stage Triage Process Model (FTSTPM) for Digital Forensic Practice

AU - Montasari, Reza

PY - 2016/6/1

Y1 - 2016/6/1

N2 - Due to the rapid increase of digital based evidence, the requirement for the timely identification, examination and interpretation of digital evidence is becoming more essential. In certain investigations such as child abductions, pedophiles, missing or exploited persons, time becomes extremely important as in some cases, it is the difference between life and death for the victim. Moreover, the growing number of computer systems being submitted to digital forensic laboratories is creating a backlog of cases that can delay investigations and negatively affect public safety and the criminal justice system. To deal with these problems, there is a need for more effective ‘onsite’ triage methods to enable the investigators to acquire information in a timely manner, and to reduce the number of computer systems that are submitted to DFLs for analysis.This paper presents a Formal Two-Stage Triage Process Model fulfilling the needs of an onsite triage examination process.

AB - Due to the rapid increase of digital based evidence, the requirement for the timely identification, examination and interpretation of digital evidence is becoming more essential. In certain investigations such as child abductions, pedophiles, missing or exploited persons, time becomes extremely important as in some cases, it is the difference between life and death for the victim. Moreover, the growing number of computer systems being submitted to digital forensic laboratories is creating a backlog of cases that can delay investigations and negatively affect public safety and the criminal justice system. To deal with these problems, there is a need for more effective ‘onsite’ triage methods to enable the investigators to acquire information in a timely manner, and to reduce the number of computer systems that are submitted to DFLs for analysis.This paper presents a Formal Two-Stage Triage Process Model fulfilling the needs of an onsite triage examination process.

KW - digital forensics

KW - onsite triage

KW - digital investigation

KW - process model

KW - on-scene examination

KW - formal model

M3 - Article

VL - 10

SP - 69

EP - 87

JO - International Journal of Computer Science and Security (IJCSS)

JF - International Journal of Computer Science and Security (IJCSS)

IS - 2

ER -