| Abstrakt: |
This paper is a fusion of a survey of different existing research related to web forensics, disk forensics, and email forensics and the implementation of the best practices in these areas. During the survey of ongoing state-of-the-art research, we observed that every forensic investigation process goes through five phases: identification of evidence, collection of evidence, examination of evidence, assessment/investigation of evidence, and reporting of evidence. Although phases are the same in all forensics investigations, for every forensics investigation there is a specialized set of forensics tools. This paper also highlights the need for intelligent tool selection and current challenges of web forensics, disk forensics, and email forensics and infers future research trends toward solving these current challenges. Eventually, we performed various case studies of web forensics, disk forensics, and email forensics and added three interesting investigations to this paper. The change in the price of items in the shopping cart on an e-commerce website before checkout is a case study of web forensics. To obtain system files using forensic tool kit (FTK) imager is a case study of disk forensics. Show original of g-mail is a case study of email forensics. |
Full text from SpringerLink