On the Network Performance of Digital Evidence Acquisition of Small Scale Devices over Public Networks
2015 (English). In: The Journal of Digital Forensics, Security and Law, ISSN 1558-7215, E-ISSN 1558-7223, Vol. 10, no 3, 59-86 p. Article in journal (Refereed). Published
While cybercrime proliferates – becoming more complex and surreptitious on the Internet – the tools and techniques used in performing digital investigations are still largely lagging behind, effectively slowing down law enforcement agencies at large. Real-time remote acquisition of digital evidence over the Internet is still an elusive ideal in the combat against cybercrime. In this paper we briefly describe the architecture of a comprehensive proactive digital investigation system that is termed as the Live Evidence Information Aggregator (LEIA). This system aims at collecting digital evidence from potentially any device in real time over the Internet. Particular focus is made on the importance of the efficiency of the network communication in the evidence acquisition phase, in order to retrieve potentially evidentiary information remotely and with immediacy. Through a proof of concept implementation, we demonstrate the live, remote evidence capturing capabilities of such a system on small scale devices, highlighting the necessity for better throughput and availability envisioned through the use of Peer-to-Peer overlays.
Keywords: Digital Forensics, Digital Evidence, Remote acquisition, Proactive forensics, Mobile devices, P2P, Network performance Availability
Research subject: Computer and Systems Sciences
Identifiers: URN: urn:nbn:se:su:diva-122847; ISI: 000363877200004; OAI: oai:DiVA.org:su-122847; DiVA: diva2:868517