The Association of Digital Forensics, Security and Law (ADFSL)
Many people do all of their banking online, we and our children communicate with peers through computer systems, and there are many jobs that require near continuous interaction with computer systems. Criminals, however, are also “connected”, and our online interaction provides them a conduit into our information like never before. Our credit card numbers and other fiscal information are at risk, our children's personal information is exposed to the world, and our professional reputations are on the line.
The discipline of Digital Forensics in law enforcement agencies around the nation and world has grown to match the increased risk and potential for cyber crimes. Even crimes that are not themselves computer-based, may be solved or prosecuted based on digital evidence left behind by the perpetrator. However, no widely accepted mechanism to facilitate sharing of ideas and methodologies has emerged. Different agencies re-develop approaches that have been tested in other jurisdictions. Even within a single agency, there is often significant redundant work. There is great potential efficiency gain in sharing information from digital forensic investigations.
This paper describes an on-going design and development project between Oklahoma State University’s Center for Telecommunications and Network Security and the Defense Cyber Crimes Center to develop a Repository of Digital Forensic Knowledge. In its full implementation, the system has potential to provide exceptional gains in efficiency for examiners and investigators. It provides a better conduit to share relevant information between agencies and a structure through which cases can be cross-referenced to have the most impact on a current investigation.
1. Armstrong, J.S. “Combining Forecasts”, in: J.S. Armstrong, Principles of Forecasting, Kluwer Academic Publishers, Norwell, MA., 2002, 418-439.
2. Blakeman, William. "Digital Forensic Intelligence (DFI) Project." Baltimore, MD, 15 February, 2006.
3. Chase, C.W. Jr., “Composite Forecasting: Combining Forecasts for Improved Accuracy,” Journal of Business Forecasting Methods & Systems, 2000,19, 2-22.
4. Cacioppe, R. “Using team – individual reward and recognition strategies to drive organizational success,” Journal of Leadership and Organization Development, 1999, 20 (6), pp. 322-331.
5. Defense Computer Forensics Laboratory (DCFL) website. http://www.dcfl.gov/dcfl/mission.htm. March 27, 2006.
6. Fayyad, U.M., G. Piatetsky-Shapiro and P. Smyth. “From Data Mining to Knowledge Discovery: An Overview,” in Advances in Knowledge Discovery and Data Mining, AAAI/MIT Press, 1996, 1-34.
7. Harrison, et al. “A Lessons Learned Repository for Computer Forensics,” International Journal of Digital Evidence. Fall, 2002, 1 (3).
8. Jarvenpaa, S.L., and Majchrzak, A. “Developing Individuals’ Transactive Memories of Their Ego-Centric networks to Mitigate Risks of Knowledge Sharing: The Case of Professionals Protecting CyberSecurity,” Proceedings of the International Conference on Information Systems, ICIS 2005
9. McKnight, W. “Building Business Intelligence: Text Data Mining in Business Intelligence,” DM Review, 2005, 21-22.
10. Presentation by the Defense Cyber Crime Center, March 2005
11. "SWGDE and SWGIT Glossary of Terms," Scientific Working Groups on Digital Evidence and Imaging Technology. Version: 1.0 , July 25, 2005.
Weiser, Mark; Biros, David P.; and Mosier, Greg
"Development of A National Repository of Digital Forensic Intelligence,"
Journal of Digital Forensics, Security and Law: Vol. 1
, Article 1.
Available at: http://commons.erau.edu/jdfsl/vol1/iss2/1