Proposal / Submission Type
Peer Reviewed Paper
Location
Henderson Welcome Center
Start Date
16-5-2017 3:15 PM
Abstract
The analysis phase of the digital forensic process is the most complex. The analysis phase remains very subjective to the views of the forensic practitioner. There are many tools dedicated to assisting the investigator during the analysis process. However, they do not address the challenges. Digital forensics is in need of a consistent approach to procure the most judicious conclusions from the digital evidence. The objective of this paper is to discuss the ability of graph theory, a study of related mathematical structures, to aid in the analysis phase of the digital forensic process. We develop a graph-based representation of digital evidence and evaluate the relations between pieces of evidence. We determine possible techniques investigators will be able to use to examine digital evidence, as well as, explore how graph theory can be used as a basis for further analysis. Lastly, we demonstrate the potential of the application of graph theory through its implementation in a case study.
Scholarly Commons Citation
Palmer, Imani; Gelfand, Boris; and Campbell, Roy, "Exploring Digital Evidence with Graph Theory" (2017). Annual ADFSL Conference on Digital Forensics, Security and Law. 9.
https://commons.erau.edu/adfsl/2017/papers/9
Full Resolution File
Included in
Computer Law Commons, Computer Sciences Commons, Forensic Science and Technology Commons
Exploring Digital Evidence with Graph Theory
Henderson Welcome Center
The analysis phase of the digital forensic process is the most complex. The analysis phase remains very subjective to the views of the forensic practitioner. There are many tools dedicated to assisting the investigator during the analysis process. However, they do not address the challenges. Digital forensics is in need of a consistent approach to procure the most judicious conclusions from the digital evidence. The objective of this paper is to discuss the ability of graph theory, a study of related mathematical structures, to aid in the analysis phase of the digital forensic process. We develop a graph-based representation of digital evidence and evaluate the relations between pieces of evidence. We determine possible techniques investigators will be able to use to examine digital evidence, as well as, explore how graph theory can be used as a basis for further analysis. Lastly, we demonstrate the potential of the application of graph theory through its implementation in a case study.
Comments
View the agenda session- Afternoon Session 2- Cyber Investigation and Forensics