As digital evidence becomes increasingly significant to criminal investigations, so does the importance of adopting the most effective approach to examining it. An ineffective exami-nation can result in evidence not being identified. Even if evidence is noted, connections may not be made between the disparate values. This thesis proposes a new classification system to gauge, select and compare digital evidence from a variety of sources. It performs this using a type of model called an ontology. This is used to map the potential location of evidence on digital devices - applying a code to each piece that is identified. The codes are then used for selection of the artefacts that are most appropriate to enquiries based on the investigative Who, What, When, Where, How and Why questions. Any evidence with the same code can be compared. In applying this ontology it is demonstrated how investigations are made more effective, and the reliability of any recovered evidence can be more easily understood.
Exploiting Digital Evidence Artefacts : Finding and joining digital dots
Brady, O. D. (Author). 2018
Student thesis: Doctoral Thesis › Doctor of Philosophy