No Cover Image

Book chapter 1015 views

Evaluation of the Standardised Digital Forensic Investigation Process Model (SDFIPM)

Reza Montasari Orcid Logo, Richard Hill, Victoria Carpenter, Amin Hosseinian-Far

Cyber Security Practitioner's Guide, Volume: Chapter 9, Pages: 303 - 363

Swansea University Author: Reza Montasari Orcid Logo

Full text not available from this repository: check for access using links below.

DOI (Published version): 10.1142/9789811204463_0009

Abstract

The existing digital forensic investigation process models (DFIPMs) have often been developed by digital forensic practitioners (DFPs) based on their own personal experience and on an ad-hoc basis, without attention to the establishment of standardisation within the field. This has prevented the ins...

Full description

Published in: Cyber Security Practitioner's Guide
ISBN: 9789811204456 9789811204463
Published: WORLD SCIENTIFIC 2020
Online Access: http://dx.doi.org/10.1142/9789811204463_0009
URI: https://cronfa.swan.ac.uk/Record/cronfa54954
Tags: Add Tag
No Tags, Be the first to tag this record!
Abstract: The existing digital forensic investigation process models (DFIPMs) have often been developed by digital forensic practitioners (DFPs) based on their own personal experience and on an ad-hoc basis, without attention to the establishment of standardisation within the field. This has prevented the institution of both scientific and generic processes that are urgently required within the different fields of law enforcement, commerce and incident response. Therefore, a novel model — the Standardised Digital Forensic Investigation Process Model (the SDFIPM) — was developed to address these shortcomings. Following the selected research methodology, Peffers et al.’s Design Science Research Process (DSRP), the SDFIPM was also subjected to both Demonstration and Evaluation activities to determine how well it would support the solution to the stated research problem. Therefore, this paper presents the results of the Demonstration and Evaluation activities applied to the proposed model. Our study makes three significant and novel contributions to the field of Digital Forensics (DF): First, it implements a process model, the design of which is inclusive of all the advantages of the previous models through their synthesis, harmonisation and extension. No such a model previously existed in the literature. Second, the SDFIPM is generic in that it can be applied within the three fields of law enforcement, commerce and incident response. Third, unlike the majority of the previous models, the effectiveness of which is unknown due to the lack of an evaluation process, the SDFIPM’s efficacy is demonstrated in relation to both components of ‘utility’ and ‘usability.
Start Page: 303
End Page: 363