Australian Digital Forensics Conference

Document Type

Conference Proceeding

Publisher

SRI Security Research Institute, Edith Cowan University, Perth, Western Australia

Abstract

Digital Triage is the initial, rapid screening of electronic devices as a precursor to full forensic analysis. Triage has numerous benefits including resource prioritisation, greater involvement of criminal investigators and the rapid provision of initial outcomes. In traditional scientific forensics and criminology, certain behavioural attributes and character traits can be identified and used to construct a case profile to focus an investigation and narrow down a list of suspects. This research introduces the Triage Modelling Tool (TMT), that uses a profiling approach to identify how offenders utilise and structure files through the creation of file system models. Results from the TMT have proven to be extremely promising when compared to Encase’s similar in-built functionality, which provides a strong justification for future work within this area.

Comments

This paper was originally presented at The Proceedings of [the] 13th Australian Digital Forensics Conference, held from the 30 November – 2 December, 2015 (pp. 132-140), Edith Cowan University Joondalup Campus, Perth, Western Australia.

Share

 
COinS
 

Link to publisher version (DOI)

10.4225/75/57b3ff9efb892