A heuristic for maximizing investigation effectiveness of digital forensic cases involving multiple investigators. (May 2016)
- Record Type:
- Journal Article
- Title:
- A heuristic for maximizing investigation effectiveness of digital forensic cases involving multiple investigators. (May 2016)
- Main Title:
- A heuristic for maximizing investigation effectiveness of digital forensic cases involving multiple investigators
- Authors:
- Gupta, Jatinder N.D.
Kalaimannan, Ezhil
Yoo, Seong-Moo
- Abstract:
- Digital forensic investigation refers to the use of science and technology in the process of investigating a crime scene so as to maximize the effectiveness of proving the perpetrator has committed crime in a court of law. Evidences are considered to be the building block of any crime scene investigation (CSI) procedure including those involving cyber crimes. Selecting the right set of evidence and assigning the appropriate investigator for the selected evidence is vital in time critical forensic cases, in which results have to be finalized within a specified time deadline. Not doing this may lead to the scope creep problem, which is a significant issue in digital forensics. Therefore, major challenges with respect to digital forensic investigation are to determine the right set of evidences to be assigned to each of the available multiple investigators and allocate appropriate investigation time for the selected evidences to maximize the effectiveness of the investigation effort. A mixed integer linear programming (MILP) model is developed to analyze and solve the problem of evidence selection and resource allocation in a digital crime scene investigation. In view of the problem being NP-hard, a heuristic algorithm with polynomially bounded computational complexity is proposed to solve the problem. Results of extensive computational experiments to empirically evaluate its effectiveness to find an optimal or near-optimal solution are reported. Finally, this paper concludes with a summary of findings and some fruitful directions for future research.
Highlights: We describe a MILP model to maximize the effectiveness of a digital forensic problem. We describe sequential and parallel scenarios for the time critical forensic cases. We show that a digital forensic investigation problem is strongly NP-hard. We propose an efficient and effective heuristic to solve the digital forensic problem. We discuss extending the proposed model to solve practical digital forensic problems.
- Is Part Of:
- Computers & operations research. Volume 69(2016)
- Journal:
- Computers & operations research
- Issue:
- Volume 69(2016)
- Issue Display:
- Volume 69, Issue 2016 (2016)
- Year:
- 2016
- Volume:
- 69
- Issue:
- 2016
- Issue Sort Value:
- 2016-0069-2016-0000
- Page Start:
- 1
- Page End:
- 9
- Publication Date:
- 2016-05
- Subjects:
- Digital forensics -- Crime scene investigation -- NP-hardness -- Mixed integer programming -- Heuristic solution -- Computational results
Operations research -- Periodicals
Electronic digital computers -- Periodicals
004.05
- Journal URLs:
- http://www.sciencedirect.com/science/journal/03050548
http://www.elsevier.com/journals
- DOI:
- 10.1016/j.cor.2015.11.003
- Languages:
- English
- ISSNs:
- 0305-0548
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 3394.770000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 2279.xml