Digital Forensics and Cyber Crime. Second International ICST Conference, ICDF2C 2010, Abu Dhabi, United Arab Emirates, October 4-6, 2010, Revised Selected Papers

Research Article

Semantic Modelling of Digital Forensic Evidence

Download
648 downloads
  • @INPROCEEDINGS{10.1007/978-3-642-19513-6_13,
        author={Damir Kahvedžić and Tahar Kechadi},
        title={Semantic Modelling of Digital Forensic Evidence},
        proceedings={Digital Forensics and Cyber Crime. Second International ICST Conference, ICDF2C 2010, Abu Dhabi, United Arab Emirates, October 4-6, 2010, Revised Selected Papers},
        proceedings_a={ICDF2C},
        year={2012},
        month={5},
        keywords={Ontology Investigation Results Modelling Reporting},
        doi={10.1007/978-3-642-19513-6_13}
    }
    
  • Damir Kahvedžić
    Tahar Kechadi
    Year: 2012
    Semantic Modelling of Digital Forensic Evidence
    ICDF2C
    Springer
    DOI: 10.1007/978-3-642-19513-6_13
Damir Kahvedžić1,*, Tahar Kechadi1
  • 1: University College Dublin
*Contact email: damir.kahvedzic@ucd.ie

Abstract

The reporting of digital investigation results are traditionally carried out in prose and in a large investigation may require successive communication of findings between different parties. Popular forensic suites aid in the reporting process by storing provenance and positional data but do not automatically encode why the evidence is considered important. In this paper we introduce an evidence management methodology to encode the semantic information of evidence. A structured vocabulary of terms, ontology, is used to model the results in a logical and predefined manner. The descriptions are application independent and automatically organised. The encoded descriptions aim to help the investigation in the task of report writing and evidence communication and can be used in addition to existing evidence management techniques.