Validation is the scientifically accepted methodology for demonstrating the accuracy and reliability of a process. Currently, digital forensics discipline does not conduct the sort of validation testing needed to develop statistical confidence in tool performance, or to generate the empirical data needed to bring objectivity to examiner conclusions. Recently recommended standards provide more reliable results, and tool testing programs provide a better understanding of tools' limitations. However, these efforts do not constitute testing over the full range of expected target device conditions, product functionality, and target device configurations which are needed for validation testing. Several major impediments to validation testing include a lack of validation methods, a lack of reference data, and a lack of the definitional precision and low‐level specificity needed to establish a system of measurement in digital forensics. This study attempts to identify the remaining needs that prevent comprehensive validation in digital forensics and identify potential solutions to address those needs.
This article is characterized under:
Digital and Multimedia Science > Cyber Threat Intelligence
Jurisprudence and Regulatory Oversight > Interdisciplinary Collaboration