Computer Science Seminar
Thursday, September 28, 2006
11-12pm, SB111
Analytic Tools for Digital Forensics
David Dampier,
Host: Wai Gen
Yee
Abstract:
In any forensic investigation, planning and analysis activities are required in order to determine what digital media will be seized, what types of information will be sought in the examination, and how the examination will be conducted. Existing literature and suggested practices indicate that such planning should occur, but few tools provide support for such activities. Planning an examination may be an essential activity when investigators and technicians are faced with unfamiliar case types or unusually complex, large-scale cases. In complex, large-scale cases, it is critical that the investigators provide computer forensics technicians with the appropriate amount of case data supplemented with keyword lists; too much case data or too little case data can make the forensics technician’s task very difficult.
This talk will present the concept for a novel application of ontology/domain modeling (known as case domain modeling) as a structured approach for analyzing case facts, identifying the most relevant case concepts, determining the critical relationships between these concepts, and documenting this information. This method may be considered as a foundational analytical technique in computer forensics that may serve as the basis for useful semi-automated tools. An example case domain model will be presented, the method for constructing a case domain model will be described, and applications for case domain modeling will be presented.
About David Dampier:
Dr.
Dave Dampier is an Associate Professor and Undergraduate Coordinator in the
Department of Computer Science and Engineering at