Book chapter 1015 views
Evaluation of the Standardised Digital Forensic Investigation Process Model (SDFIPM)
Cyber Security Practitioner's Guide, Volume: Chapter 9, Pages: 303 - 363
Swansea University Author: Reza Montasari
Full text not available from this repository: check for access using links below.
DOI (Published version): 10.1142/9789811204463_0009
Abstract
The existing digital forensic investigation process models (DFIPMs) have often been developed by digital forensic practitioners (DFPs) based on their own personal experience and on an ad-hoc basis, without attention to the establishment of standardisation within the field. This has prevented the ins...
Published in: | Cyber Security Practitioner's Guide |
---|---|
ISBN: | 9789811204456 9789811204463 |
Published: |
WORLD SCIENTIFIC
2020
|
Online Access: |
http://dx.doi.org/10.1142/9789811204463_0009 |
URI: | https://cronfa.swan.ac.uk/Record/cronfa54954 |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Abstract: |
The existing digital forensic investigation process models (DFIPMs) have often been developed by digital forensic practitioners (DFPs) based on their own personal experience and on an ad-hoc basis, without attention to the establishment of standardisation within the field. This has prevented the institution of both scientific and generic processes that are urgently required within the different fields of law enforcement, commerce and incident response. Therefore, a novel model — the Standardised Digital Forensic Investigation Process Model (the SDFIPM) — was developed to address these shortcomings. Following the selected research methodology, Peffers et al.’s Design Science Research Process (DSRP), the SDFIPM was also subjected to both Demonstration and Evaluation activities to determine how well it would support the solution to the stated research problem. Therefore, this paper presents the results of the Demonstration and Evaluation activities applied to the proposed model. Our study makes three significant and novel contributions to the field of Digital Forensics (DF): First, it implements a process model, the design of which is inclusive of all the advantages of the previous models through their synthesis, harmonisation and extension. No such a model previously existed in the literature. Second, the SDFIPM is generic in that it can be applied within the three fields of law enforcement, commerce and incident response. Third, unlike the majority of the previous models, the effectiveness of which is unknown due to the lack of an evaluation process, the SDFIPM’s efficacy is demonstrated in relation to both components of ‘utility’ and ‘usability. |
---|---|
Start Page: |
303 |
End Page: |
363 |