The Standardised Digital Forensic Investigation Process Model (SDFIPM)

Amin Hosseinian-Far, Reza Montasari, Richard Hill, Victoria Carpenter

Research output: Contribution to Book/Report typesChapter

Abstract

The field of digital forensics still lacks formal process models that courts can employ to determine the reliability of the process followed in a digital investigation. The existing models have often been developed by digital forensic practitioners, based on their own personal experience and on an ad-hoc basis, without attention to the establishment of standardisation within the field. This has prevented the institution of the formal processes that are urgently required. Moreover, as digital forensic investigators often operate within different fields of law enforcement, commerce and incident response, the existing models have often tended to focus on one particular field and have failed to consider all the environments. This has hindered the development of a generic model that can be applied in all the three stated fields of digital forensics. To address these shortcomings, this paper makes a novel contribution by proposing the Advanced Investigative Process Model (the SDFIPM) for Conducting Digital Forensic Investigations, encompassing the ‘middle part’ of the digital investigative process, which is formal in that it synthesizes, harmonises and extends the existing models, and which is generic in that it can be applied in the three fields of law enforcement, commerce and incident response.
Original languageEnglish
Title of host publicationBlockchain and Clinical Trial
Subtitle of host publicationSecuring Patient Data
EditorsHamid Jahankhani, Stefan Kendzierskyj, Arshad Jamal, Gregory Epiphaniou, Haidar Al-Khateeb
PublisherSpringer
Chapter8
Pages169-209
Number of pages41
ISBN (Electronic)978-3-030-11289-9
ISBN (Print)978-3-030-11288-2
DOIs
Publication statusPublished - 6 May 2019

Publication series

NameAdvanced Sciences and Technologies for Security Application
PublisherSpringer
ISSN (Electronic)1613-5113

Fingerprint

law enforcement
commerce
incident
lack
experience

Cite this

Hosseinian-Far, A., Montasari, R., Hill, R., & Carpenter, V. (2019). The Standardised Digital Forensic Investigation Process Model (SDFIPM). In H. Jahankhani, S. Kendzierskyj, A. Jamal, G. Epiphaniou, & H. Al-Khateeb (Eds.), Blockchain and Clinical Trial: Securing Patient Data (pp. 169-209). (Advanced Sciences and Technologies for Security Application). Springer. https://doi.org/10.1007/978-3-030-11289-9
Hosseinian-Far, Amin ; Montasari, Reza ; Hill, Richard ; Carpenter, Victoria. / The Standardised Digital Forensic Investigation Process Model (SDFIPM). Blockchain and Clinical Trial: Securing Patient Data. editor / Hamid Jahankhani ; Stefan Kendzierskyj ; Arshad Jamal ; Gregory Epiphaniou ; Haidar Al-Khateeb. Springer, 2019. pp. 169-209 (Advanced Sciences and Technologies for Security Application).
@inbook{ac42e93520f04d8f900a9ca2b02dd17c,
title = "The Standardised Digital Forensic Investigation Process Model (SDFIPM)",
abstract = "The field of digital forensics still lacks formal process models that courts can employ to determine the reliability of the process followed in a digital investigation. The existing models have often been developed by digital forensic practitioners, based on their own personal experience and on an ad-hoc basis, without attention to the establishment of standardisation within the field. This has prevented the institution of the formal processes that are urgently required. Moreover, as digital forensic investigators often operate within different fields of law enforcement, commerce and incident response, the existing models have often tended to focus on one particular field and have failed to consider all the environments. This has hindered the development of a generic model that can be applied in all the three stated fields of digital forensics. To address these shortcomings, this paper makes a novel contribution by proposing the Advanced Investigative Process Model (the SDFIPM) for Conducting Digital Forensic Investigations, encompassing the ‘middle part’ of the digital investigative process, which is formal in that it synthesizes, harmonises and extends the existing models, and which is generic in that it can be applied in the three fields of law enforcement, commerce and incident response.",
author = "Amin Hosseinian-Far and Reza Montasari and Richard Hill and Victoria Carpenter",
year = "2019",
month = "5",
day = "6",
doi = "10.1007/978-3-030-11289-9",
language = "English",
isbn = "978-3-030-11288-2",
series = "Advanced Sciences and Technologies for Security Application",
publisher = "Springer",
pages = "169--209",
editor = "Hamid Jahankhani and Stefan Kendzierskyj and Arshad Jamal and Gregory Epiphaniou and Haidar Al-Khateeb",
booktitle = "Blockchain and Clinical Trial",

}

Hosseinian-Far, A, Montasari, R, Hill, R & Carpenter, V 2019, The Standardised Digital Forensic Investigation Process Model (SDFIPM). in H Jahankhani, S Kendzierskyj, A Jamal, G Epiphaniou & H Al-Khateeb (eds), Blockchain and Clinical Trial: Securing Patient Data. Advanced Sciences and Technologies for Security Application, Springer, pp. 169-209. https://doi.org/10.1007/978-3-030-11289-9

The Standardised Digital Forensic Investigation Process Model (SDFIPM). / Hosseinian-Far, Amin; Montasari, Reza; Hill, Richard; Carpenter, Victoria.

Blockchain and Clinical Trial: Securing Patient Data. ed. / Hamid Jahankhani; Stefan Kendzierskyj; Arshad Jamal; Gregory Epiphaniou; Haidar Al-Khateeb. Springer, 2019. p. 169-209 (Advanced Sciences and Technologies for Security Application).

Research output: Contribution to Book/Report typesChapter

TY - CHAP

T1 - The Standardised Digital Forensic Investigation Process Model (SDFIPM)

AU - Hosseinian-Far, Amin

AU - Montasari, Reza

AU - Hill, Richard

AU - Carpenter, Victoria

PY - 2019/5/6

Y1 - 2019/5/6

N2 - The field of digital forensics still lacks formal process models that courts can employ to determine the reliability of the process followed in a digital investigation. The existing models have often been developed by digital forensic practitioners, based on their own personal experience and on an ad-hoc basis, without attention to the establishment of standardisation within the field. This has prevented the institution of the formal processes that are urgently required. Moreover, as digital forensic investigators often operate within different fields of law enforcement, commerce and incident response, the existing models have often tended to focus on one particular field and have failed to consider all the environments. This has hindered the development of a generic model that can be applied in all the three stated fields of digital forensics. To address these shortcomings, this paper makes a novel contribution by proposing the Advanced Investigative Process Model (the SDFIPM) for Conducting Digital Forensic Investigations, encompassing the ‘middle part’ of the digital investigative process, which is formal in that it synthesizes, harmonises and extends the existing models, and which is generic in that it can be applied in the three fields of law enforcement, commerce and incident response.

AB - The field of digital forensics still lacks formal process models that courts can employ to determine the reliability of the process followed in a digital investigation. The existing models have often been developed by digital forensic practitioners, based on their own personal experience and on an ad-hoc basis, without attention to the establishment of standardisation within the field. This has prevented the institution of the formal processes that are urgently required. Moreover, as digital forensic investigators often operate within different fields of law enforcement, commerce and incident response, the existing models have often tended to focus on one particular field and have failed to consider all the environments. This has hindered the development of a generic model that can be applied in all the three stated fields of digital forensics. To address these shortcomings, this paper makes a novel contribution by proposing the Advanced Investigative Process Model (the SDFIPM) for Conducting Digital Forensic Investigations, encompassing the ‘middle part’ of the digital investigative process, which is formal in that it synthesizes, harmonises and extends the existing models, and which is generic in that it can be applied in the three fields of law enforcement, commerce and incident response.

UR - http://link.springer.com/10.1007/978-3-030-11289-9

UR - http://www.mendeley.com/research/blockchain-clinical-trialsecuring-patient-data

U2 - 10.1007/978-3-030-11289-9

DO - 10.1007/978-3-030-11289-9

M3 - Chapter

SN - 978-3-030-11288-2

T3 - Advanced Sciences and Technologies for Security Application

SP - 169

EP - 209

BT - Blockchain and Clinical Trial

A2 - Jahankhani, Hamid

A2 - Kendzierskyj, Stefan

A2 - Jamal, Arshad

A2 - Epiphaniou, Gregory

A2 - Al-Khateeb, Haidar

PB - Springer

ER -

Hosseinian-Far A, Montasari R, Hill R, Carpenter V. The Standardised Digital Forensic Investigation Process Model (SDFIPM). In Jahankhani H, Kendzierskyj S, Jamal A, Epiphaniou G, Al-Khateeb H, editors, Blockchain and Clinical Trial: Securing Patient Data. Springer. 2019. p. 169-209. (Advanced Sciences and Technologies for Security Application). https://doi.org/10.1007/978-3-030-11289-9