Disheveled Digital Forensics: The Impact of Inconsistent Standards, Certifications, and Accreditation

Facebooktwittergoogle_plusredditlinkedinmailFacebooktwittergoogle_plusredditlinkedinmail

Abstract

 

Technology and digital evidence are at the forefront of nearly every criminal, civil, and corporate investigation in the world. For the past thirty years digital evidence such as computers, cellular phones, tablets, servers, GPS devices, gaming consoles, storage devices, and network infrastructure devices have been forensically analyzed and presented in legal proceedings. In many cases digital evidence has been the “smoking gun” leading to successful convictions, lawsuits, employment terminations, and exonerations.

Although digital forensics has been recognized as a legitimate forensic science and has been utilized in the criminal justice system for the same length of time that DNA has, the discipline is anything but disciplined. Within the United States, any law enforcement agency, business, or individual can open a forensic “laboratory” and begin providing services without having to demonstrate even foundational knowledge, skills, or abilities. To further evidence this, within the law enforcement community alone there are only 67 digital forensic laboratories accredited to the ISO 17025:2005 standards for the nearly 18,000 law enforcement agencies in the country.

The lack of requirements for digital forensic practitioners to be certified in their discipline, be accountable to industry best practices and standards, or work out of accredited laboratories places the credibility of this forensic science in jeopardy. This paper will discuss the risks and impacts associated with unskilled practitioners who perform digital forensic analysis. Also included will be an examination of some legal cases that highlight the risks identified within the paper. Research and practical experience will be drawn upon to provide the reader with proposed solutions to improve the quality of the digital forensic discipline. Topics such as forensic analyst training, proficiency testing, certification, best practices, policies and procedures, and laboratory standards and accreditation will be discussed.

The good news is that much of the work has already been done to identify digital forensic best practices and laboratory standards.  This paper will provide a framework for digital forensic practitioners and managers to comply with best practices, standards, guidelines, and analyst certification and training within the discipline as well as minimum requirements that should be met before digital forensic evidence is allowed to be introduced into a legal proceeding.

Keywords: digital forensics, computer forensics, digital evidence, forensic laboratory accreditation, forensic certifications, digital forensic best practices

Download the Entire Thesis Paper Here

To download the forensic policies and procedures manuals referenced in the thesis paper, see below:

To download the forms referenced in the thesis paper, see below:

9 thoughts on “Disheveled Digital Forensics: The Impact of Inconsistent Standards, Certifications, and Accreditation

  1. Very Nice Thesis, Currently running Msc information security interested in Digital forensic @ my thesis too. Please can you kindly advice me on some latest area or materials Cloud storage Forensic any latest journals. Thanks

  2. When I originally commented I clicked the “Notify me when new comments are added” checkbox and now each time a comment is added I get four e-mails with the same comment.

    Is there any way you can remove me from that service?
    Many thanks!

    • Thanks for the comment. I don’t see an original comment from you and I am not sure why you are getting this. I also don’t see you as a user on the website, so I have no idea why you are getting emails from my website. Do you know for sure the emails are coming from my site and not Facebook?

Leave a Reply

Your email address will not be published. Required fields are marked *