Challenges to digital forensics: A survey of researchers & practitioners attitudes and opinions

2013 Information Security for South Africa Pub Date : 2013-10-21 DOI:10.1109/ISSA.2013.6641058

M. A. Fahdi, N. Clarke, S. Furnell

{"title":"Challenges to digital forensics: A survey of researchers & practitioners attitudes and opinions","authors":"M. A. Fahdi, N. Clarke, S. Furnell","doi":"10.1109/ISSA.2013.6641058","DOIUrl":null,"url":null,"abstract":"Digital forensics have become increasingly important as an approach to investigate cyber- and computer-assisted crime. Whilst many tools exist and much research is being undertaken, many questions exist regarding the future of the domain. Indeed, prior literature has widely published the challenges that exist within the domain, from the increasing volume of data (e.g. SANs, hard drive capacities, databases) to the varying technology platforms and systems that exist (e.g. tablets, mobile phones, embedded systems, cloud computing). However, little effort has focused upon understanding the reality of these challenges. The paper presents research that seeks to identify, quantify and prioritise these challenges so that future efforts can be concentrated on the issues that actually affect the domain. The study undertook a survey of researchers and practitioners (both law enforcement and organisational) to examine the real-challenges from the perceived challenges and to understand what effect the future will have upon the digital forensic domain. A total of 42 participants undertook the study with 55% having 3 or more years of of experience. 45% were academic researchers, 16% law enforcement and 31% had a forensic role within an organisation. Overwhelmingly, 93% of participants felt that the number and complexity of investigations would increase in the future. Apart from the plethora of findings elaborated in the paper, the principal future challenge priorities included cloud computing, anti-forensics and encryption. Respondents also identified, improving communication between researchers and practitioners and the need to develop approaches to identify and extract “significant data” through techniques such as criminal profiling as essential. Interestingly, participants did not feel that the growth in privacy enhancing technologies nor legislation was a significant inhibitor to the future of digital forensics.","PeriodicalId":300864,"journal":{"name":"2013 Information Security for South Africa","volume":"5 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-10-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"58","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 Information Security for South Africa","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISSA.2013.6641058","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 58

Abstract

Digital forensics have become increasingly important as an approach to investigate cyber- and computer-assisted crime. Whilst many tools exist and much research is being undertaken, many questions exist regarding the future of the domain. Indeed, prior literature has widely published the challenges that exist within the domain, from the increasing volume of data (e.g. SANs, hard drive capacities, databases) to the varying technology platforms and systems that exist (e.g. tablets, mobile phones, embedded systems, cloud computing). However, little effort has focused upon understanding the reality of these challenges. The paper presents research that seeks to identify, quantify and prioritise these challenges so that future efforts can be concentrated on the issues that actually affect the domain. The study undertook a survey of researchers and practitioners (both law enforcement and organisational) to examine the real-challenges from the perceived challenges and to understand what effect the future will have upon the digital forensic domain. A total of 42 participants undertook the study with 55% having 3 or more years of of experience. 45% were academic researchers, 16% law enforcement and 31% had a forensic role within an organisation. Overwhelmingly, 93% of participants felt that the number and complexity of investigations would increase in the future. Apart from the plethora of findings elaborated in the paper, the principal future challenge priorities included cloud computing, anti-forensics and encryption. Respondents also identified, improving communication between researchers and practitioners and the need to develop approaches to identify and extract “significant data” through techniques such as criminal profiling as essential. Interestingly, participants did not feel that the growth in privacy enhancing technologies nor legislation was a significant inhibitor to the future of digital forensics.

查看原文本刊更多论文

数字取证的挑战:研究人员和从业者的态度和意见的调查

作为一种调查网络和计算机辅助犯罪的方法，数字取证已经变得越来越重要。虽然存在许多工具，并且正在进行许多研究，但关于该领域的未来存在许多问题。事实上，先前的文献已经广泛地发表了该领域内存在的挑战，从不断增加的数据量(例如san，硬盘驱动器容量，数据库)到现有的各种技术平台和系统(例如平板电脑，移动电话，嵌入式系统，云计算)。然而，很少有人致力于理解这些挑战的现实。本文提出了旨在识别、量化和优先考虑这些挑战的研究，以便未来的努力可以集中在实际影响该领域的问题上。该研究对研究人员和从业人员(包括执法部门和组织)进行了调查，以从感知到的挑战中审视实际挑战，并了解未来对数字取证领域的影响。共有42名参与者参与了这项研究，其中55%的人有三年或三年以上的工作经验。45%是学术研究人员，16%是执法人员，31%在组织中扮演法医角色。绝大多数，93%的参与者认为未来调查的数量和复杂性将会增加。除了论文中阐述的大量发现外，未来的主要挑战优先事项包括云计算、反取证和加密。受访者还指出，改善研究人员和从业人员之间的沟通，以及开发通过犯罪侧写等技术识别和提取“重要数据”的方法的必要性至关重要。有趣的是，参与者并不认为隐私增强技术和立法的发展是数字取证未来的重大阻碍。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2013 Information Security for South Africa

自引率

0.00%

发文量