Sciweavers

HICSS
2007
IEEE

Support for Computer Forensics Examination Planning with Domain Modeling: A Report of One Experiment Trial

14 years 5 months ago
Support for Computer Forensics Examination Planning with Domain Modeling: A Report of One Experiment Trial
In any forensic investigation, planning and analysis activities are required in order to determine what digital media will be seized, what types of information will be sought in the examination, and how the examination will be conducted. Existing literature and suggested practices indicate that such planning should occur, but few tools provide support for such activities. Planning an examination may be an essential activity when investigators and technicians are faced with unfamiliar case types or unusually complex, large-scale cases. This paper presents the results of an empirical study that evaluates two planning methods for computer forensics examination: a methodology that includes domain modeling and a more typical, ad hoc planning approach. This paper briefly describes the case domain modeling and planning methodology, describes the empirical study, and presents preliminary results of and conclusions drawn from the empirical study.
Alfred C. Bogen, David A. Dampier, Jeffrey C. Carv
Added 02 Jun 2010
Updated 02 Jun 2010
Type Conference
Year 2007
Where HICSS
Authors Alfred C. Bogen, David A. Dampier, Jeffrey C. Carver
Comments (0)