Open Access iconOpen Access

ARTICLE

crossmark

Computer Forensics Framework for Efficient and Lawful Privacy-Preserved Investigation

Waleed Halboob1,*, Jalal Almuhtadi1,2

1 Center of Excellence in Information Assurance, King Saud University, Riyadh, 11653, Saudi Arabia
2 College of Computer and Information Sciences, King Saud University, Riyadh, 11451, Saudi Arabia

* Corresponding Author: Waleed Halboob. Email: email

Computer Systems Science and Engineering 2023, 45(2), 2071-2092. https://doi.org/10.32604/csse.2023.024110

Abstract

Privacy preservation (PP) in Digital forensics (DF) is a conflicted and non-trivial issue. Existing solutions use the searchable encryption concept and, as a result, are not efficient and support only a keyword search. Moreover, the collected forensic data cannot be analyzed using existing well-known digital tools. This research paper first investigates the lawful requirements for PP in DF based on the organization for economic co-operation and development OECB) privacy guidelines. To have an efficient investigation process and meet the increased volume of data, the presented framework is designed based on the selective imaging concept and advanced encryption standard (AES). The proposed framework has two main modules, namely Selective Imaging Module (SIM) and Selective Analysis Module (SAM). The SIM and SAM modules are implemented based on advanced forensic format 4 (AFF4) and SleuthKit open source forensics frameworks, respectively, and, accordingly, the proposed framework is evaluated in a forensically sound manner. The evaluation result is compared with other relevant works and, as a result, the proposed solution provides a privacy-preserving, efficient forensic imaging and analysis process while having also sufficient methods. Moreover, the AFF4 forensic image, produced by the SIM module, can be analyzed not only by SAM, but also by other well-known analysis tools available on the market.

Keywords


Cite This Article

W. Halboob and J. Almuhtadi, "Computer forensics framework for efficient and lawful privacy-preserved investigation," Computer Systems Science and Engineering, vol. 45, no.2, pp. 2071–2092, 2023.



cc This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 605

    View

  • 334

    Download

  • 0

    Like

Share Link