Digital Forensics and Cyber Crime. 10th International EAI Conference, ICDF2C 2018, New Orleans, LA, USA, September 10–12, 2018, Proceedings

Research Article

A Digital Forensic Investigation and Verification Model for Industrial Espionage

Download
842 downloads
  • @INPROCEEDINGS{10.1007/978-3-030-05487-8_7,
        author={Jieun Dokko and Michael Shin},
        title={A Digital Forensic Investigation and Verification Model for Industrial Espionage},
        proceedings={Digital Forensics and Cyber Crime. 10th International EAI Conference, ICDF2C 2018, New Orleans, LA, USA, September 10--12, 2018, Proceedings},
        proceedings_a={ICDF2C},
        year={2019},
        month={1},
        keywords={Digital forensic investigation Digital evidence verification Evidence prioritization Behavioral evidence analysis Digital forensics triage Industrial espionage},
        doi={10.1007/978-3-030-05487-8_7}
    }
    
  • Jieun Dokko
    Michael Shin
    Year: 2019
    A Digital Forensic Investigation and Verification Model for Industrial Espionage
    ICDF2C
    Springer
    DOI: 10.1007/978-3-030-05487-8_7
Jieun Dokko,*, Michael Shin1,*
  • 1: Texas Tech University
*Contact email: jieun.dokko@ttu.edu, michael.shin@ttu.edu

Abstract

This paper describes a digital forensic investigation and verification model for industrial espionage (DEIV-IE) focusing on insider data thefts at the company level. This model aims to advance the state-of practice in forensic investigation and to verify evidence sufficiency of industrial espionage cases by incorporating the crime specific features and analysis techniques of digital evidence. The model is structured with six phases: file reduction, file classification, crime feature identification, evidence mapping, evidence sufficiency verification, and documentations. In particular, we focus on characterizing crime features that have multiple aspects of commonalities in crime patterns in industrial espionage; and the evidence sufficiency verification that is a verification procedure for digital evidence sufficiency for court decision using these crime features. This model has been developed based on analysis of five industrial espionage cases and the literature review, being validated with three additional cases in terms of the effectiveness of the model.