Syed Naqvi, Digital Investigations and Forensic Analysis - Practices and Technologies, Sixth International Conference on Digital Society (ICDS 2012), January 30 - February 4, 2012 - Valencia, Spain, accepted.
Digital forensics analysis is usually seen as a specialised domain of information and communication technologies (ICT) that is employed when a serious crime involving ICT is committed. It is by and large seen as a responsibility of the computer crime units of law enforcement agencies to conduct examinations of the ICT resources used in a crime. Likewise, until a few decades ago, computer and network security had a perception of defence utility for military establishments. But now computer and network security has become a commodity of every corporate system and home PC. Today’s businesses are feeling the need of efficient monitoring mechanisms to protect them from emerging commercial threats such as competitor analysis and steganalysis. The staff members of an enterprise ICT teams are therefore required to acquire the digital forensics analysis skills and the corresponding investigation tools. This trend is experiencing a significant shift in the recent years as the commercial interests of corporate sector increasingly require the post-incident analysis capabilities to ensure business continuity.
This tutorial will provide an insight into the technical, legal and societal aspects of digital investigations and forensic analysis. The tutorial will provide a set of best practices for carrying out forensics analysis of different kinds of devices and systems. The tutorial will highlight the role of digital forensics in enterprise information architecture. It will present a framework for embedding digital forensics analysis techniques at various stages of corporate ICT lifecycle. The tutorial will provide pragmatic analysis of the perception of privacy in the cyber realm especially related to personal data and its analysis by third parties. The tutorial will also provide an overview of the emerging challenges in this field mainly due to the virtualisation and decentralisation of computing and networking infrastructures across geopolitical borders.