Date posted: 22-Oct-2014
Summary report: Survey & Review of Digital Forensic
Aung Thu Rha Hein (g5536871)
1st February 2014
Content
● Papers Info
● Paper objectives
● Methodology
● Challenges
● Future Research
Papers
1. Digital forensics research: The next 10 years
- Simson L. Garfinkel
- Digital Investigation Journal, 2010
2. Challenges to Digital Forensic: A Survey of Researcher & Practitioners Attitudes and Opinions
- M. Al Fahdi, N.L. Clarke, S.M. Furnell
- Information Security for South Africa Conference, 2013
3. Taxonomy of computer forensics methodologies and procedures for digital evidence seizure
- Krishnun Sansurooah
- Australian Digital Forensics Conference, 2006
4. The future of computer forensics: a needs analysis survey
- Marcus K Rogers, Kate Seigfried
- Computers & Security Journal, 2004
Papers/2
5. An Ad Hoc Review of Digital Forensic Models
- M.M. Pollitt
- Second International Workshop on Systematic Approaches to Digital Forensic Engineering, 2007
6. Network forensic frameworks: Survey and research challenges
- Emmanuel S. Pilli, R.C. Joshi, Rajdeep Niyogi
- Digital Investigation Journal, 2010
7. A critical review of 7 years of Mobile Device Forensics
- Konstantia Barmpatsalou, Dimitrios Damopoulos, Georgios Kambourakis, Vasilios Katos
- Digital Investigation Journal, 2013
Paper Objectives
1. Digital forensics research: The next 10 years
- proposes a methodology to improve digital forensic research
- points out today's DF research challenges
- proposes a new research plan
2. Challenges to Digital Forensic
- to understand the priority of challenges in Digital Forensic by taking a survey
3. Taxonomy of computer forensics methodologies and procedures for digital evidence seizure
- compares the forensic methodologies and proposes a recommended methodology
4. The future of computer forensics: a needs analysis survey
- studies computer forensics to discover the challenges
Paper Objectives
5. An Ad Hoc Review of Digital Forensic Models
- summary of 15 papers about DF data models
6. Network forensic frameworks: Survey and research challenges
- overview of the network forensic field: tools & frameworks
- also points out Network Forensic research challenges
7. A critical review of 7 years of Mobile Device Forensics
- thorough review of mobile device forensics by mobile platform
Methodology
Basic Methodology & Process
● Acquire Evidence
● Authenticate evidence
● Analyze Data
Methodology/2
● 3 methodologies; the detailed process varies
○ Basic Forensic Methodology
○ Cyber Tool Online Search For Evidence (CTOSE)
○ Data Recovery UK (DRUK)
● the recommended methodology combines the practices from the 3 standards
● there are more than a dozen DF frameworks
Challenges
● DF research was trending from 1997 to 2007
● After 2007, digital forensics meets many challenges
Characteristics comparison
| Era | OS | File Format | Computing Architecture | Storage Architecture | Tools |
|---|---|---|---|---|---|
| 1997-2007 | Windows Dominance | few file formats | PC, Centralized | standard cable interfaces | commercial tools are working |
| 2007-recent | increasing OSs | Various file formats | Client/Server | Flash, Cloud Storage | can't catch up with requirements |
Other introduced issues: Storage Size, pervasive encryption, legal challenges
Challenges/2
Descriptive Analysis Result (N=60)
2004, The future of computer forensics: a needs analysis survey
Challenges/3
● Evidence-oriented design influences today's DF research
○ finds evidence instead of assisting investigation
○ does not consider cyber-crime, i.e. tools are not for hacking cases
○ not possible to perform short-time analysis
○ not capable of generating data from residual files
● Visibility, Filter, Report Model
○ data is recovered before analysis
○ not possible to do parallel processing
● no standard for reverse engineering
● 'application instead of tools' concept by vendors
● lost academic research
2010, Digital forensics research: The next 10 years
Challenges/4
● 2013 survey is divided into 4 categories:
○ Demographics, Forensic Capabilities, Future Challenge, Legislative Concerns
● more than 50%: 3 years of DF experience
● Current DF tools & Capabilities:
○ Importance: more than 98% rank as 4 out of 5
○ Key Limitations: Data Volume, Time, Tool Capability
○ Tool Capability: not clear result
● Technologies of least concern: malware, steganography
2013, Challenges to Digital Forensic
Future Research
● Challenge: Investigation & Analysis Time
● Mobile and Network Forensics will be trending
● anticipated future challenges: Cloud Computing, Anti-forensics, Encryption, Social Networking
● Should adopt standards for case data, data abstractions and composable models
● more data abstractions should be created
● should standardise development diversity
● alternative analysis models: parallel processing, stochastic analysis ...
● doesn't work on small-scale datasets
● standardized test data