TY - CHAP
T1 - The Standardised Digital Forensic Investigation Process Model (SDFIPM)
AU - Montasari, Reza
AU - Hill, Richard
AU - Carpenter, Victoria
AU - Hosseinian-Far, Amin
PY - 2019/4/18
Y1 - 2019/4/18
N2 - The field of digital forensics still lacks formal process models that courts can employ to determine the reliability of the process followed in a digital investigation. The existing models have often been developed by digital forensic practitioners, based on their own personal experience and on an ad-hoc basis, without attention to the establishment of standardisation within the field. This has prevented the institution of the formal processes that are urgently required. Moreover, as digital forensic investigators often operate within different fields of law enforcement, commerce and incident response, the existing models have often tended to focus on one particular field and have failed to consider all the environments. This has hindered the development of a generic model that can be applied in all the three stated fields of digital forensics. To address these shortcomings, this chapter makes a novel contribution by proposing the Advanced Investigative Process Model (the SDFIPM) for Conducting Digital Forensic Investigations, encompassing the ‘middle part’ of the digital investigative process, which is formal in that it synthesizes, harmonises and extends the existing models, and which is generic in that it can be applied in the three fields of law enforcement, commerce and incident response.
AB - The field of digital forensics still lacks formal process models that courts can employ to determine the reliability of the process followed in a digital investigation. The existing models have often been developed by digital forensic practitioners, based on their own personal experience and on an ad-hoc basis, without attention to the establishment of standardisation within the field. This has prevented the institution of the formal processes that are urgently required. Moreover, as digital forensic investigators often operate within different fields of law enforcement, commerce and incident response, the existing models have often tended to focus on one particular field and have failed to consider all the environments. This has hindered the development of a generic model that can be applied in all the three stated fields of digital forensics. To address these shortcomings, this chapter makes a novel contribution by proposing the Advanced Investigative Process Model (the SDFIPM) for Conducting Digital Forensic Investigations, encompassing the ‘middle part’ of the digital investigative process, which is formal in that it synthesizes, harmonises and extends the existing models, and which is generic in that it can be applied in the three fields of law enforcement, commerce and incident response.
KW - Digital forensics
KW - Standardised digital forensic investigation process model
KW - Survey digital crime scene phase
KW - Digital forensics investigation
KW - DFI
KW - DFA
KW - Event reconstruction process
KW - UML
KW - Unified modelling language
KW - Chain of custody
KW - Information flow
KW - Case management
UR - http://www.scopus.com/inward/record.url?scp=85070499585&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-11289-9_8
DO - 10.1007/978-3-030-11289-9_8
M3 - Chapter
SN - 9783030112882
SN - 3030112888
T3 - Advanced Sciences and Technologies for Security Applications
SP - 169
EP - 209
BT - Blockchain and Clinical Trial
A2 - Jahankhani, Hamid
A2 - Kendzierskyj, Stefan
A2 - Jamal, Arshad
A2 - Epiphaniou, Gregory
A2 - Al-Khateeb, Haider
PB - Springer, Cham
CY - Cham
ER -