DS Journal of Cyber Security (DS-CYS)

Research Article | Open Access

Volume 2 | Issue 4 | Year 2024 | Article Id: CYS-V2I4P104 DOI: https://doi.org/10.59232/CYS-V2I4P104

Triage Tool For Live Digital Forensics

K. Sabitha, M.L. Aashik Harishwar, K. Jeeva, M. Nivash, R. Prasannaraj, M. Sam Britto

Received: 06 Oct 2024 | Revised: 11 Nov 2024 | Accepted: 30 Nov 2024 | Published: 24 Dec 2024

Citation

K. Sabitha, M.L. Aashik Harishwar, K. Jeeva, M. Nivash, R. Prasannaraj, M. Sam Britto. “Triage Tool For Live Digital Forensics.” DS Journal of Cyber Security, vol. 2, no. 4, pp. 29-37, 2024.

Abstract

The proliferation and growing capacity of modern digital devices have imposed considerable limitations on traditional digital forensics techniques in terms of scalability and efficiency. In response, digital forensics triage has emerged, enabling rapid evidence extraction at the incident site, which can play a significant role in investigations. This proactive strategy frees critical resources in forensic laboratories, so that examination can be prioritized for deeper, more involved analyses, directly addressing backlog concerns. Recent developments in digital forensics triage have moved increasingly toward automation and machine learning, improving the efficiency and accuracy of device classification. The machine-learning-based approach is distinctive in that it categorizes devices relevantly and accurately by identifying crime-specific features. For digital forensics triage to see wide adoption, however, it must be highly accurate and integrate with existing investigative workflows.
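The abstract describes ML-based triage as classifying seized devices by crime-specific features so that the most relevant ones reach the laboratory first, but it does not publish a model, a feature set or training data. The following is an added illustration of that idea, not the authors' tool: a hand-rolled multinomial naive Bayes classifier (one common choice for this kind of count data; the paper does not name its model) trained on constructed per-device artefact counts, then used to rank newly seized devices by how strongly they match the crime type under investigation. Every feature name, crime category and count below is made up for the example.

```python
"""Added example (not the paper's code): crime-specific device triage ranking.

Each seized device is summarised as counts of coarse artefact features a live
triage run could collect (encrypted containers, crypto-wallet files, chat-app
databases, image files, remote-access tools). A multinomial naive Bayes model
trained on labelled past cases scores how well a new device fits the crime
type being investigated; devices are then ranked for deeper lab examination.

All feature names, categories, training rows and device profiles are constructed
for this illustration; none come from the paper.
"""
import math
from collections import defaultdict

# Assumed feature set and crime categories (hypothetical).
FEATURES = ["enc_containers", "wallet_files", "chat_dbs", "image_files", "remote_tools"]
CATEGORIES = ["financial_fraud", "csam", "intrusion"]

# Constructed training data: (per-device artefact counts, crime category of the case).
TRAINING = [
    ({"enc_containers": 1, "wallet_files": 6, "chat_dbs": 2, "image_files": 20, "remote_tools": 0}, "financial_fraud"),
    ({"enc_containers": 2, "wallet_files": 4, "chat_dbs": 3, "image_files": 10, "remote_tools": 1}, "financial_fraud"),
    ({"enc_containers": 3, "wallet_files": 0, "chat_dbs": 2, "image_files": 900, "remote_tools": 0}, "csam"),
    ({"enc_containers": 4, "wallet_files": 0, "chat_dbs": 1, "image_files": 1500, "remote_tools": 0}, "csam"),
    ({"enc_containers": 1, "wallet_files": 1, "chat_dbs": 1, "image_files": 15, "remote_tools": 8}, "intrusion"),
    ({"enc_containers": 0, "wallet_files": 0, "chat_dbs": 2, "image_files": 5, "remote_tools": 12}, "intrusion"),
]

# Constructed devices seized at a scene, keyed by an evidence label.
DEVICES = {
    "laptop-01": {"enc_containers": 1, "wallet_files": 7, "chat_dbs": 1, "image_files": 12, "remote_tools": 0},
    "phone-02": {"enc_containers": 2, "wallet_files": 0, "chat_dbs": 3, "image_files": 700, "remote_tools": 0},
    "desktop-03": {"enc_containers": 0, "wallet_files": 0, "chat_dbs": 1, "image_files": 8, "remote_tools": 10},
    "usb-04": {"enc_containers": 0, "wallet_files": 0, "chat_dbs": 0, "image_files": 0, "remote_tools": 0},
}


class NaiveBayesTriage:
    """Multinomial naive Bayes with Laplace smoothing over artefact counts."""

    def __init__(self, alpha: float = 1.0):
        self.alpha = alpha          # smoothing so unseen features never zero out a class
        self.log_prior = {}         # log P(category)
        self.log_theta = {}         # log P(feature | category)

    def fit(self, samples):
        cat_count = defaultdict(int)
        feat_count = {c: defaultdict(int) for c in CATEGORIES}
        for feats, cat in samples:
            cat_count[cat] += 1
            for f, n in feats.items():
                feat_count[cat][f] += n
        total = sum(cat_count.values())
        for c in CATEGORIES:
            self.log_prior[c] = math.log((cat_count[c] + self.alpha) / (total + self.alpha * len(CATEGORIES)))
            denom = sum(feat_count[c].values()) + self.alpha * len(FEATURES)
            self.log_theta[c] = {f: math.log((feat_count[c][f] + self.alpha) / denom) for f in FEATURES}
        return self

    def posterior(self, feats):
        """Return P(category | device features), normalised across categories."""
        logp = {}
        for c in CATEGORIES:
            # Unknown feature names are ignored rather than crashing the triage run.
            logp[c] = self.log_prior[c] + sum(n * self.log_theta[c][f] for f, n in feats.items() if f in self.log_theta[c])
        m = max(logp.values())                       # log-sum-exp for numerical stability
        z = sum(math.exp(v - m) for v in logp.values())
        return {c: math.exp(v - m) / z for c, v in logp.items()}


def rank_devices(model, devices, crime):
    """Rank devices by posterior probability of the crime under investigation, highest first."""
    scored = [(dev_id, model.posterior(feats)[crime]) for dev_id, feats in devices.items()]
    return sorted(scored, key=lambda t: t[1], reverse=True)


if __name__ == "__main__":
    model = NaiveBayesTriage().fit(TRAINING)
    for dev_id, score in rank_devices(model, DEVICES, "financial_fraud"):
        print(f"{dev_id:12s} P(financial_fraud) = {score:.4f}")
```

Two points worth noting from the run. A device with no artefacts at all (usb-04) scores exactly the class prior, so it sorts below any device with positive evidence but above devices that clearly belong to another crime type; the ranking is a prioritisation aid, not a finding, and the ordering it produces should be recorded with the case so the reason a device was examined first is auditable. The smoothing term is what keeps a single unseen feature from driving a posterior to zero, which matters when live collection on a damaged or locked device yields only a partial feature vector.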

Keywords

Victim-sourced data, Automated evidence collection, Digital forensics triage, Victim-sourced evidence, Report generation, Natural language processing, BERT model, Evidence prioritization, Machine Learning in forensics, Automated report generation, Forensic data analysis, Data classification, Feature extraction, Forensic automation, Incident reporting, Victim-centric data collection.

