• DocumentCode
    1924847
  • Title

    Enhancing Computer Forensics Investigation through Visualisation and Data Exploitation

  • Author

    Osborne, Grant ; Turnbull, Benjamin

  • Author_Institution
    Defence & Syst. Inst., Univ. of South Australia, Adelaide, SA
  • fYear
    2009
  • fDate
    16-19 March 2009
  • Firstpage
    1012
  • Lastpage
    1017
  • Abstract
    This paper focuses on establishing the need for new architectures on which to build visualisation systems that enhance computer forensic investigation of digital evidence. The issues surrounding processing of large quantities of digital evidence are established. In addition, the current state of visualisation and data analysis techniques for computer forensics are highlighted. This paper suggests need for new visualisation techniques in order to display data in familiar visual forms that facilitate efficient insight gaining into digital evidence. Visualisations techniques also require a source of processed data that contains context relevant information to present to an investigator. To this end this paper introduces the notion of data exploitation as a way to describe techniques that provide opportunistic data analysis across multiple sources of digital evidence. Data exploitation techniques provide normalisation techniques, event correlation, relationship extraction and investigative domain knowledge processing to occur across a set of evidence. This enables a visual representation of digital evidence to highlight relationships and events across many data sources, support an investigator throughout the entire data analysis process and enable an investigator to focus on the context of the current crime.
  • Keywords
    data analysis; data visualisation; security of data; computer forensics; data analysis techniques; data exploitation techniques; data visualisation systems; digital evidence; domain knowledge processing; normalisation techniques; Application software; Australia; Computer architecture; Computer displays; Data analysis; Data mining; Data visualization; Forensics; Humans; Portable computers; Computer Forensics; Data Exploitation; Digital Evidence; Visual Data Analysis; Visualisation;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Availability, Reliability and Security, 2009. ARES '09. International Conference on
  • Conference_Location
    Fukuoka
  • Print_ISBN
    978-1-4244-3572-2
  • Electronic_ISBN
    978-0-7695-3564-7
  • Type

    conf

  • DOI
    10.1109/ARES.2009.120
  • Filename
    5066603
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1924847