Title :
A Discussion of Visualization Techniques for the Analysis of Digital Evidence
Author :
Schrenk, Gerald ; Poisel, Rainer
Author_Institution :
Inst. of IT Security Res., Univ. of Appl. Sci. St. Poelten, St. Polten, Austria
Abstract :
Digital crimes are increasing, so is the need for improvements in digital forensics. With the growth of storage capacity these digital forensic investigations are getting more difficult. Visualization allows for displaying big amounts of data at once, so a foresic investigator is able to maintain an overlook about the whole case. Through zooming it is possible to analyze interesting parts of evidence without losing the general view. This paper gives an overview of data classification, data sources and a classification of available techniques. Different state of the art tools for visualization of frequency, timelines, e-mails and logging data are discussed. Further details on how these tools support the digital forensics progress through visualization are given. Finally a comparison between conventional approaches and visualization techniques is presented. The benefit for the reader is to get a quick overview of the state-of-the-art of visualization techniques for processing digital evidence.
Keywords :
computer crime; computer forensics; data visualisation; electronic mail; data classification; data source; digital crimes; digital evidence; digital forensics; e-mail; logging data; storage capacity; visualization; Data visualization; Digital forensics; Electronic mail; Media; Security; Three dimensional displays; digital forensics; timeline; timestamp; visualization;
Conference_Titel :
Availability, Reliability and Security (ARES), 2011 Sixth International Conference on
Conference_Location :
Vienna
Print_ISBN :
978-1-4577-0979-1
Electronic_ISBN :
978-0-7695-4485-4
DOI :
10.1109/ARES.2011.119
