Abstract
In this paper, we have proposed the design of an efficient computer forensics investigation framework. The proposed framework improves the investigation efficiency using Data Warehouse (DW) concept, which provides a selective evidence identification, collection and analysis. So, only relevant data is investigated instead of investigating the entire user data. The proposed framework consists of a Data Warehouse Engine (DWE) to selectively identify, collect and analyze digital evidences from multiple digital resources. A Digital Evidence Preservation (DEP) mechanism is also introduced for preservation of the collected digital evidences whose authenticity is ensured using cryptographic techniques. An access control mechanism is implemented to allow only authorized investigator to access the preserved digital evidences. The DEP mechanism provides court of law with a Secure Forensic Audit Trial (SFAT) that helps in tracking happened activities on the collected evidences for ensuring the authenticity and reliability of the presented digital evidence.
Author supplied keywords
Cite
CITATION STYLE
Halboob, W., Mahmod, R., Abulaish, M., Abbas, H., & Saleem, K. (2015). Data Warehousing Based Computer Forensics Investigation Framework. In Proceedings - 12th International Conference on Information Technology: New Generations, ITNG 2015 (pp. 163–168). Institute of Electrical and Electronics Engineers Inc. https://doi.org/10.1109/ITNG.2015.31
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
