期刊名称:Journal of Digital Forensics, Security and Law
印刷版ISSN:1558-7215
电子版ISSN:1558-7223
出版年度:2014
卷号:9
期号:3
页码:3
出版社:Association of Digital Forensics, Security and Law
摘要:In this work, a survey was conducted to help quantify the relevance of nineteen types of evidence (such as SMS) to seven types of digital investigations associated with mobile devices (MD) (such as child pornography). 97 % of the respondents agreed that every type of digital evidence has a different level of relevance to further or solve a particular investigation. From 55 serious participants, a dataset of 5,772 responses regarding the relevance of nineteen types of digital evidence for all the seven types of digital investigations was obtained. The results showed that (i) SMS belongs to the most relevant type of digital evidence for all the seven types of investigations; (ii) MMS belongs to the most relevant type of digital evidence for all the types of digital investigations except espionage and eavesdropping where it is the second most relevant type of digital evidence; (iii) Phonebook and Contacts is the most relevant type of digital evidence for all types of digital investigations except child pornography; (iv) Audio Calls is the most relevant type of digital evidence for all types of digital investigations except credit card fraud and child pornography; and (v) Standalone Files are the least relevant type of digital evidence for most of the digital investigations. The size of the response dataset was fairly reasonable to analyze and then delineate by generalization, relevance based best practices for mobile device forensics, which can supplement any forensics process model, including digital triage. For the reliability of these best practices, the impact of responses from the participants with more than five years of experience was analyzed by using one hundred and thirty three (133) instances of One-Way ANOVA tests. The results of this research can help investigators concentrate on the relevant types of digital evidence when investigating a specific case, consequently saving time and effort.
关键词:digital forensics; mobile device forensics; digital triage; digital evidence; relevance of digital evidence; best practices for mobile device forensics.
