Abstract
Unlike conventional forensics, digital forensics does not at present generally quantify the results of its investigations. It is suggested that digital forensics should aim to catch-up with other forensic disciplines by using Bayesian and other numerical methodologies to quantify its investigations’ results. Assessing the plausibility of alternative hypotheses (or propositions, or claims) which explain how recovered digital evidence came to exist on a device could assist both the prosecution and the defence sides in criminal proceedings: helping the prosecution to decide whether to proceed to trial and helping defence lawyers to advise a defendant how to plead. This paper reviews some numerical approaches to the goal of quantifying the relative weights of individual items of digital evidence and the plausibility of hypotheses based on that evidence. The potential advantages enabling the construction of cost-effective digital forensic triage schemas are also outlined. Key points The absence of quantified results from digital forensic investigations, unlike those of conventional forensics, is highlighted. A number of approaches towards quantitative evaluation of the results of digital forensic investigations are reviewed. The significant potential benefits accruing from such approaches are discussed.
| Original language | English |
|---|---|
| Pages (from-to) | 13-18 |
| Number of pages | 6 |
| Journal | Forensic Sciences Research |
| Volume | 6 |
| Issue number | 1 |
| DOIs | |
| Publication status | Accepted/In press - 2021 |
Keywords
- Bayesian networks
- complexity theory
- digital forensic metrics
- Forensic sciences
- information theory
- measures of plausibility
- probability theory
- statistical theory