Digital triage is a pre-digital-forensic phase that sometimes takes place as a way of gathering quick intelligence. Although effort has been undertaken to model the digital forensics process, little has been done to-date to model digital triage. This work discusses the further development of a model that attempts to address digital triage, the Partially-automated Crime Specific Digital Triage Process model. The model itself will be presented along with a description of how its automated functionality was implemented to facilitate model testing.


Cantrell, G., Dampier, D., Dandass, Y., Niu, N., & Bogen, C. (2012). Research toward a partially-automated, and crime specific digital triage process model. Computer and Information Science, 5(2), 29-38.

Carrier, B. (2005). File system analysis. Upper Saddle New Jersey: AddisonWesley Professional. Carvey, H. (2005, September). The windows registry as a forensic resource. Digital Investigation, 2(3), 201-205.

Carvey, H. (2012). The regripper. Retrieved from http://regripper.wordpress.com

Dolan-Gavitt, B. (2008). Forensic analysis of the windows registry in memory. Digital Investigation, 5 (supplement), 26-32.

Erin, K., & Christopher, B. (2005). Risk sensitive digital evidence collection. Digital Investigation, 2(2), 101-119.

Garfinkel, S. (2006, September). Forensic feature extraction and cross-drive analysis. Presented at 6th Digital Forensic Research Workshop.

Garfinkel, S., Farrell, P., Roussev, V., & Dinolt, G. (2009). Bringing science to digital forensics with standardized forensic corpora. Digital Investigation, 6 (supplemental), 2-11.

Grillo, A., Lentini, A., Me, G., & Ottoni, M. (2009, September). Fast user classifying to establish forensic analysis priorities. Presented at Fifth International Conference on IT Security Incident Management and IT Forensics.

Jones, K., & Blani, R. (2010a, November 2). Web browser forensics, part 1. Retrieved from http://www.symantec.com/connect/articles/web-browserforensics-part-1

Jones, K., & Blani, R. (2010b, November 2). Web browser forensics, part 2. Retrieved from http://www.symantec.com/connect/articles/web-browserforensics-part-2

Nance, K., Hay, B., & Bishop, M. (2009, January). Digital forensics: Defining a research agenda. In Proceedings of the 42nd Hawaii International Conference on System Sciences.

Oh, J., Lee, S., & Lee, S. (2011). Advanced evidence collection and analysis of web browser activity. Digital Investigation, 8 (supplemental), 62-70.

Palmer, G. (2001, August). A road map for digital forensic research. Presented at Digital Forensic Research Workshop, Utica, New York.

Rogers, K., Goldman, J., & Wedge, T. (2006). Computer forensic field triage model. Journal of Digital Forensics, Security and Law, 1(2), 19-38.





To view the content in your browser, please download Adobe Reader or, alternately,
you may Download the file to your hard drive.

NOTE: The latest versions of Adobe Reader do not support viewing PDF files within Firefox on Mac OS and if you are using a modern (Intel) Mac, there is no official plugin for viewing PDF files within the browser window.