The Association of Digital Forensics, Security and Law (ADFSL)
Digital triage is a pre-digital-forensic phase that sometimes takes place as a way of gathering quick intelligence. Although effort has been undertaken to model the digital forensics process, little has been done to-date to model digital triage. This work discusses the further development of a model that attempts to address digital triage, the Partially-automated Crime Specific Digital Triage Process model. The model itself will be presented along with a description of how its automated functionality was implemented to facilitate model testing.
Cantrell, G., Dampier, D., Dandass, Y., Niu, N., & Bogen, C. (2012). Research toward a partially-automated, and crime specific digital triage process model. Computer and Information Science, 5(2), 29-38.
Carrier, B. (2005). File system analysis. Upper Saddle New Jersey: AddisonWesley Professional. Carvey, H. (2005, September). The windows registry as a forensic resource. Digital Investigation, 2(3), 201-205.
Carvey, H. (2012). The regripper. Retrieved from http://regripper.wordpress.com
Dolan-Gavitt, B. (2008). Forensic analysis of the windows registry in memory. Digital Investigation, 5 (supplement), 26-32.
Erin, K., & Christopher, B. (2005). Risk sensitive digital evidence collection. Digital Investigation, 2(2), 101-119.
Garfinkel, S. (2006, September). Forensic feature extraction and cross-drive analysis. Presented at 6th Digital Forensic Research Workshop.
Garfinkel, S., Farrell, P., Roussev, V., & Dinolt, G. (2009). Bringing science to digital forensics with standardized forensic corpora. Digital Investigation, 6 (supplemental), 2-11.
Grillo, A., Lentini, A., Me, G., & Ottoni, M. (2009, September). Fast user classifying to establish forensic analysis priorities. Presented at Fifth International Conference on IT Security Incident Management and IT Forensics.
Jones, K., & Blani, R. (2010a, November 2). Web browser forensics, part 1. Retrieved from http://www.symantec.com/connect/articles/web-browserforensics-part-1
Jones, K., & Blani, R. (2010b, November 2). Web browser forensics, part 2. Retrieved from http://www.symantec.com/connect/articles/web-browserforensics-part-2
Nance, K., Hay, B., & Bishop, M. (2009, January). Digital forensics: Defining a research agenda. In Proceedings of the 42nd Hawaii International Conference on System Sciences.
Oh, J., Lee, S., & Lee, S. (2011). Advanced evidence collection and analysis of web browser activity. Digital Investigation, 8 (supplemental), 62-70.
Palmer, G. (2001, August). A road map for digital forensic research. Presented at Digital Forensic Research Workshop, Utica, New York.
Rogers, K., Goldman, J., & Wedge, T. (2006). Computer forensic field triage model. Journal of Digital Forensics, Security and Law, 1(2), 19-38.
Cantrell, Gary and Dampier, David A.
"Implementing the Automated Phases of the Partially-Automated Digital Triage Process Model,"
Journal of Digital Forensics, Security and Law: Vol. 7
, Article 5.
Available at: http://commons.erau.edu/jdfsl/vol7/iss4/5