With a growing reliance on the various forms of forensic science evidence in complex criminal investigations, the measures for ensuring its quality are facing increasing scrutiny. Improvements to quality management systems to ensure both the robust application of scientific principles and the accurate interpretation and reporting of results, have arisen as a consequence of high-profile rebuttals of forensic science evidence combined with process improvements driven by evaluation of current practice. These improvements are crucial to ensure validity of results as well as maintaining the trust of all those involved in the Criminal Justice System. This work first examines the quality management systems utilised for the examination and analysis of fingerprint, body fluid and DNA evidence. It then proceeds to highlight an apparent lack of comparable quality assurance mechanisms within the field of digital forensics, the newest branch of forensic science. Proposals are provided for the improvement of quality assurance for the digital forensics arena, drawing on the experiences of, and more well-established practices within, other forensic disciplines.
The role of triage in digital forensics is disputed, with some practitioners questioning its reliability for identifying evidential data. Although successfully implemented in the field of medicine, triage has not established itself to the same degree in digital forensics. This article presents a novel approach to triage for digital forensics. Case-Based Reasoning Forensic Triager (CBR-FT) is a method for collecting and reusing past digital forensic investigation information in order to highlight likely evidential areas on a suspect operating system, thereby helping an investigator to decide where to search for evidence. The CBR-FT framework is discussed and the results of twenty test triage examinations are presented. CBR-FT has been shown to be a more effective method of triage when compared to a practitioner using a leading commercial application.
The establishment of fact forms the cornerstone of any forensic discipline, with digital analysis being no exception. Practitioners are under an obligation as expert witnesses to provide factual accounts of digital scenarios, which must be underpinned by robust knowledge and evidential findings. To achieve this level of reliability, investigatory research must be suitably planned, implemented and analysed in a way which instills confidence in the accuracy of any findings. This is particularly important as digital forensic organisations are now facing the impending requirement to have acquired ISO/IEC 17025 accreditation. This article proposes the Framework for Reliable Experimental Design (FRED) to support those engaged in the field of digital forensics research to contribute reliable, robust findings. FRED focuses on the underpinning procedures involved within undertaking the reverse engineering of digital data structures and the process of extracting and interpreting digital content in a reliable way. The proposed framework is designed to be a resource for those operating within the digital forensic field, both in industry and academia, to support and develop research best practice within the discipline. Keywords:-Digital forensics; expert evidence; admissibility; research; digital evidence. 'reconstruct' digital data, a requirement for practitioners in all investigation scenarios. To carry out these tasks requires the use of effective research strategies, underpinned by the implementation of a robust research methodologies in order to aid the accurate interpretation and understanding of digital data. Yet currently, there is limited guidance available to practitioners and academics supporting the construction of valid DF research at this level.
Now approximately 30years old, the field of digital forensics is arguably facing some of its greatest challenges to date. Whilst currently supporting law enforcement in numerous criminal cases annually, questions are beginning to emerge regarding whether it can sustain this contribution, with digital crime remaining prevalent. In his first live interview in September 2015, Head of MI5, Andrew Parker indicated that individuals are now engaging in computing acts which are beyond the control of authorities, confirming earlier remarks made by British Prime Minister David Cameron in the wake of the Charlie Hebdo attacks. Such comments cast doubt on the future effectiveness of the digital forensic discipline and its ability to effectively investigate those who implement the latest forms of technology to carry out illicit acts. This article debates the controversial question, could we be facing an era where digital crime can no longer be effectively policed?
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.