A Digital Evidence Certainty Descriptors (DECDs) for digital forensics

Graeme Horsman

Research output: Contribution to journalArticlepeer-review

142 Downloads (Pure)

Abstract

Whilst many other traditional forensic science disciplines are encouraged to describe the weight of their evidence in some form of quantifiable measurement/expression, this is rarely done in digital forensics. There are calls to rectify this situation, suggesting that the field should begin to develop more robust, scientific methods for evaluating the digital evidence presented by it’s practitioners. Whilst such a recommendation carries a number of potential benefits, caution must be exercised as at present there are no available satisfactory methods for achieving this. This work suggests that attaining such methods may not actually be possible due to the intricacies of digital data and the difficulties involved with the fine-grained interpretation of events. As a result it is argued that attempts to quantify any uncertainty should be abandoned in favour of methods which reliably describe when uncertainty exists and in what capacity. Here, the Digital Evidence Certainty Descriptors (DECDs) framework is offered as a method for conveying when uncertainty exists in a set of digital findings. The DECDs framework is discussed and applied to working examples to demonstrate the difficulties involved with determining the authenticity of a given hypothesis regarding digital evidence.
Original languageEnglish
JournalForensic Science International: Digital Investigation
Publication statusAccepted/In press - 17 Nov 2019

Fingerprint

Dive into the research topics of 'A Digital Evidence Certainty Descriptors (DECDs) for digital forensics'. Together they form a unique fingerprint.

Cite this