Title :
Unifying computer forensics modeling approaches: a software engineering perspective
Author :
Bogen, A. Chris ; Dampier, David A.
Author_Institution :
US Army Corps of Eng., Vicksburg, MS, USA
Abstract :
As an effort to introduce formalism into computer forensics, researchers have presented various modeling techniques for planning, analysis, and documentation of forensics activities. These modeling techniques provide representations of various forensics subjects such as investigative processes, chain of events, and evidence tests. From a software engineering perspective, it seems that several of these computer forensics modeling approaches may be unified to create a more complete, multi-view modeling methodology for examination planning and analysis. This paper proposes a core set of modeling views for a unified computer forensics modeling methodology: investigative process view, case domain view, and, evidence view. An example email threat case scenario is used as the context for a multi-view modeling example.
Keywords :
security of data; software engineering; computer forensics modeling approach; email threat; multiview modeling methodology; software engineering; Application software; Computer science; Concrete; Context modeling; Documentation; Forensics; Military computing; Software engineering; Testing; Unified modeling language;
Conference_Titel :
Systematic Approaches to Digital Forensic Engineering, 2005. First International Workshop on
Print_ISBN :
0-7695-2478-8
DOI :
10.1109/SADFE.2005.27
