Formal Two Stage Triage Process Model (FTSTPM) for Digital Forensic Practice

Research output: Contribution to journalArticle

Abstract

Due to the rapid increase of digital based evidence, the requirement for the timely identification, examination and interpretation of digital evidence is becoming more essential. In certain investigations such as child abductions, pedophiles, missing or exploited persons, time becomes extremely important as in some cases, it is the difference between life and death for the victim. Moreover, the growing number of computer systems being submitted to digital forensic laboratories is creating a backlog of cases that can delay investigations and negatively affect public safety and the criminal justice system. To deal with these problems, there is a need for more effective ‘onsite’ triage methods to enable the investigators to acquire information in a timely manner, and to reduce the number of computer systems that are submitted to DFLs for analysis.

This paper presents a Formal Two-Stage Triage Process Model fulfilling the needs of an onsite triage examination process.
Original languageEnglish
Pages (from-to)69-87
Number of pages19
JournalInternational Journal of Computer Science and Security (IJCSS)
Volume10
Issue number2
Publication statusPublished - 1 Jun 2016
Externally publishedYes

    Fingerprint

Cite this