A case based reasoning framework for improving the trustworthiness of digital forensic investigations

Graeme Horsman; Christopher Laing; Paul Vickers

doi:10.1109/TrustCom.2012.18

A case based reasoning framework for improving the trustworthiness of digital forensic investigations

Graeme Horsman, Christopher Laing, Paul Vickers

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

5 Citations (Scopus)

Abstract

A novel concept for improving the trustworthiness of results obtained from digital investigations is presented. Case Based Reasoning Forensic Auditor (CBR-FA) is a method by which results from previous digital forensic examinations are stored and reused to audit current digital forensic investigations. CBR-FA provides a method for evaluating digital forensic investigations in order to provide a practitioner with a level of reassurance that evidence that is relevant to their case has not been missed. The structure of CBR-FA is discussed as are the methodologies it incorporates as part of its auditing functionality.

Original language	English
Title of host publication	Proc. of the 11th IEEE Int. Conference on Trust, Security and Privacy in Computing and Communications, TrustCom-2012 - 11th IEEE Int. Conference on Ubiquitous Computing and Communications, IUCC-2012
Pages	682-689
Number of pages	8
DOIs	https://doi.org/10.1109/TrustCom.2012.18
Publication status	Published - 5 Nov 2012
Event	11th IEEE International Conference on Trust, Security and Privacy in Computing and Communications - Liverpool, United Kingdom Duration: 25 Jun 2012 → 27 Jun 2012

Conference

Conference	11th IEEE International Conference on Trust, Security and Privacy in Computing and Communications
Abbreviated title	TrustCom-2012
Country/Territory	United Kingdom
City	Liverpool
Period	25/06/12 → 27/06/12

Access to Document

10.1109/TrustCom.2012.18

Cite this

Horsman, G., Laing, C., & Vickers, P. (2012). A case based reasoning framework for improving the trustworthiness of digital forensic investigations. In Proc. of the 11th IEEE Int. Conference on Trust, Security and Privacy in Computing and Communications, TrustCom-2012 - 11th IEEE Int. Conference on Ubiquitous Computing and Communications, IUCC-2012 (pp. 682-689). Article 6296036 https://doi.org/10.1109/TrustCom.2012.18

Horsman, Graeme ; Laing, Christopher ; Vickers, Paul. / A case based reasoning framework for improving the trustworthiness of digital forensic investigations. Proc. of the 11th IEEE Int. Conference on Trust, Security and Privacy in Computing and Communications, TrustCom-2012 - 11th IEEE Int. Conference on Ubiquitous Computing and Communications, IUCC-2012. 2012. pp. 682-689

@inproceedings{e31700351d2a461e8d2cec441f06ae04,

title = "A case based reasoning framework for improving the trustworthiness of digital forensic investigations",

abstract = "A novel concept for improving the trustworthiness of results obtained from digital investigations is presented. Case Based Reasoning Forensic Auditor (CBR-FA) is a method by which results from previous digital forensic examinations are stored and reused to audit current digital forensic investigations. CBR-FA provides a method for evaluating digital forensic investigations in order to provide a practitioner with a level of reassurance that evidence that is relevant to their case has not been missed. The structure of CBR-FA is discussed as are the methodologies it incorporates as part of its auditing functionality.",

author = "Graeme Horsman and Christopher Laing and Paul Vickers",

year = "2012",

month = nov,

day = "5",

doi = "10.1109/TrustCom.2012.18",

language = "English",

isbn = "9780769547459",

pages = "682--689",

booktitle = "Proc. of the 11th IEEE Int. Conference on Trust, Security and Privacy in Computing and Communications, TrustCom-2012 - 11th IEEE Int. Conference on Ubiquitous Computing and Communications, IUCC-2012",

note = "11th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom-2012 ; Conference date: 25-06-2012 Through 27-06-2012",

}

Horsman, G, Laing, C & Vickers, P 2012, A case based reasoning framework for improving the trustworthiness of digital forensic investigations. in Proc. of the 11th IEEE Int. Conference on Trust, Security and Privacy in Computing and Communications, TrustCom-2012 - 11th IEEE Int. Conference on Ubiquitous Computing and Communications, IUCC-2012., 6296036, pp. 682-689, 11th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, Liverpool, United Kingdom, 25/06/12. https://doi.org/10.1109/TrustCom.2012.18

A case based reasoning framework for improving the trustworthiness of digital forensic investigations. / Horsman, Graeme; Laing, Christopher; Vickers, Paul.
Proc. of the 11th IEEE Int. Conference on Trust, Security and Privacy in Computing and Communications, TrustCom-2012 - 11th IEEE Int. Conference on Ubiquitous Computing and Communications, IUCC-2012. 2012. p. 682-689 6296036.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - A case based reasoning framework for improving the trustworthiness of digital forensic investigations

AU - Horsman, Graeme

AU - Laing, Christopher

AU - Vickers, Paul

PY - 2012/11/5

Y1 - 2012/11/5

N2 - A novel concept for improving the trustworthiness of results obtained from digital investigations is presented. Case Based Reasoning Forensic Auditor (CBR-FA) is a method by which results from previous digital forensic examinations are stored and reused to audit current digital forensic investigations. CBR-FA provides a method for evaluating digital forensic investigations in order to provide a practitioner with a level of reassurance that evidence that is relevant to their case has not been missed. The structure of CBR-FA is discussed as are the methodologies it incorporates as part of its auditing functionality.

AB - A novel concept for improving the trustworthiness of results obtained from digital investigations is presented. Case Based Reasoning Forensic Auditor (CBR-FA) is a method by which results from previous digital forensic examinations are stored and reused to audit current digital forensic investigations. CBR-FA provides a method for evaluating digital forensic investigations in order to provide a practitioner with a level of reassurance that evidence that is relevant to their case has not been missed. The structure of CBR-FA is discussed as are the methodologies it incorporates as part of its auditing functionality.

UR - https://www.scopus.com/pages/publications/84868098350

U2 - 10.1109/TrustCom.2012.18

DO - 10.1109/TrustCom.2012.18

M3 - Conference contribution

AN - SCOPUS:84868098350

SN - 9780769547459

SP - 682

EP - 689

BT - Proc. of the 11th IEEE Int. Conference on Trust, Security and Privacy in Computing and Communications, TrustCom-2012 - 11th IEEE Int. Conference on Ubiquitous Computing and Communications, IUCC-2012

T2 - 11th IEEE International Conference on Trust, Security and Privacy in Computing and Communications

Y2 - 25 June 2012 through 27 June 2012

ER -

Horsman G, Laing C, Vickers P. A case based reasoning framework for improving the trustworthiness of digital forensic investigations. In Proc. of the 11th IEEE Int. Conference on Trust, Security and Privacy in Computing and Communications, TrustCom-2012 - 11th IEEE Int. Conference on Ubiquitous Computing and Communications, IUCC-2012. 2012. p. 682-689. 6296036 doi: 10.1109/TrustCom.2012.18

A case based reasoning framework for improving the trustworthiness of digital forensic investigations

Abstract

Conference

Access to Document

Other files and links

Fingerprint

Cite this