This paper points out many key aspects of digital forensics, with the goal of ensuring that research seeking to advance the discipline will have the highest possible adoption rate by practitioners.
Many technical mechanisms across computer security for attribution, identification, and classification are neither sufficient nor necessary for forensically valid digital investigations; yet they are often claimed as useful or necessary. Similarly, when forensic research is evaluated using the viewpoints held by computer security venues, the challenges, constraints, and usefulness of the work is often misjudged. The authors of the current paper enumerate general legal and practical constraints placed on forensic investigators that set the field apart. The authors point out the assumptions, often limited or incorrect, made about forensics in past work, and discuss how these assumptions limit the impact of contributions. (Publisher abstract provided)
Downloads
Similar Publications
- Predicting thermal response of gypsum board under various heat flux Configurations: A three-dimensional mathematical model
- Development of baseline survey of random presence of glass and paint for the interpretation of evidence in the US courts
- Development of a matrix-matched standard for the elemental analysis of human hair by LA-ICP-MS