On the Network Performance of Digital Evidence Acquisition of Small Scale Devices Over Public Networks
2015 (English). In: Proceedings of the Conference on Digital Forensics, Security and Law, Daytona Beach Florida: ASFSL - Association of Digital Forensics, Security, and Law, 2015, 105-122 p. Conference paper (Refereed)
While cybercrime proliferates – becoming more complex and surreptitious on the Internet – the tools and techniques used in performing digital investigations are still largely lagging behind, effectively slowing down law enforcement agencies at large. Real-time remote acquisition of digital evidence over the Internet is still an elusive ideal in the combat against cybercrime. In this paper we briefly describe the architecture of a comprehensive proactive digital investigation system that is termed as the Live Evidence Information Aggregator (LEIA). This system aims at collecting digital evidence from potentially any device in real time over the Internet. Particular focus is made on the importance of the efficiency of the network communication in the evidence acquisition phase, in order to retrieve potentially evidentiary information remotely and with immediacy. Through a proof of concept implementation, we demonstrate the live, remote evidence capturing capabilities of such a system on small scale devices, highlighting the necessity for better throughput envisioned through the use of Peer-to-Peer overlays.
Place, publisher, year, edition, pages
Daytona Beach Florida: ASFSL - Association of Digital Forensics, Security, and Law, 2015. 105-122 p.
Proceedings of the Conference on Digital Forensics, Security and Law, ISSN 1931-7379
Digital Forensics, Digital Evidence, Remote acquisition, Proactive forensics, Mobile devices, P2P, Network performance
Research subject: Information Systems Security
Identifiers: URN: urn:nbn:se:su:diva-128804; OAI: oai:DiVA.org:su-128804; DiVA: diva2:916808
10th Annual ADFSL Conference on Digital Forensics, Security and Law, Daytona Beach, Florida, May 19-21, 2015