• DocumentCode
    3233661
  • Title

    Unifying computer forensics modeling approaches: a software engineering perspective

  • Author

    Bogen, A. Chris ; Dampier, David A.

  • Author_Institution
    US Army Corps of Eng., Vicksburg, MS, USA
  • fYear
    2005
  • fDate
    7-9 Nov. 2005
  • Firstpage
    27
  • Lastpage
    39
  • Abstract
    As an effort to introduce formalism into computer forensics, researchers have presented various modeling techniques for planning, analysis, and documentation of forensics activities. These modeling techniques provide representations of various forensics subjects such as investigative processes, chain of events, and evidence tests. From a software engineering perspective, it seems that several of these computer forensics modeling approaches may be unified to create a more complete, multi-view modeling methodology for examination planning and analysis. This paper proposes a core set of modeling views for a unified computer forensics modeling methodology: investigative process view, case domain view, and, evidence view. An example email threat case scenario is used as the context for a multi-view modeling example.
  • Keywords
    security of data; software engineering; computer forensics modeling approach; email threat; multiview modeling methodology; software engineering; Application software; Computer science; Concrete; Context modeling; Documentation; Forensics; Military computing; Software engineering; Testing; Unified modeling language;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Systematic Approaches to Digital Forensic Engineering, 2005. First International Workshop on
  • Print_ISBN
    0-7695-2478-8
  • Type

    conf

  • DOI
    10.1109/SADFE.2005.27
  • Filename
    1592519
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3233661