Implementation of the methodology for forensic analysis of storage unit images
DOI:
https://doi.org/10.62580/ipsc.2023.8.6Keywords:
methodology, forensic, IT, diagramas, expertiseAbstract
The main objective of this article is to present a proposed methodology for conducting computer forensic investigations in a structured and effective manner. The methodology is divided into four main phases: identification, preservation, analysis and presentation of digital evidence. The identification phase focuses on securing the incident scene and organizing the objects found, including physical and logical evidence; during the preservation phase, it ensures that the digital evidence is maintained in its original state using techniques such as bit-by-bit copying and real-time data acquisition to effectively preserve the information; the analysis phase is carried out in a forensic laboratory and uses specific tools to investigate the digital evidence; and finally, the reporting phase is divided into a technical report and an executive report, which describe the methods used, the results obtained and the conclusions. To ensure the effectiveness and accuracy of the proposed methodology, it was evaluated by three Computer Security experts from the University of La Rioja through an expert judgment questionnaire and subsequently implemented in a hypothetical case. Among the conclusions, it highlights the importance of having a solid methodology in a world where digital information is crucial and offers valuable guidance to cybersecurity and IT professionals for the development and implementation of the methodology.
Downloads
References
Casey, E. (2018). Digital Evidence and Computer Crime: Forensic Science, Computers, and the Internet. Academic Press.
Chong, J., & Lee, H. (2020). Real-time digital forensics: A survey. Digital Investigation, 34, 101006.
Debrota, S., & Singh, R. (2014). A study of digital evidence acquisition techniques. International Journal of Computer Science and Mobile Computing, 3(5), 82-88.
Gutiérrez, H. (2022). Evaluación de herramientas de software libre, para el sistema operativo Windows, en la adquisición de evidencias de la memoria RAM. Publicaciones e Investigación, 16(1). https://dialnet.unirioja.es/servlet/articulo?codigo=8660196
Hidalgo, I., Yasaca, S., Hidalgo, B., Oquendo, V., & Salazar, F. (2018). Estudio comparativo de las metodologías de análisis forense informático para la examinación de datos en medios digitales. European Scientific Journal, 14(18). https://doi.org/10.19044/esj.2018.v14n18p40
Kessler, G.C., D’Amico, A., & Higgins, G.E. (2020). Cybercrime and digital criminology. In The Handbook of the Criminology of Terrorism (pp. 355-374). John Wiley & Sons.
Larrea Ronquillo, J. S. (2016). Estudio e Implementación de Metodología de Análisis Forense Digital Aplicables en un Laboratorio de Informática Forense en la Carrera de Ingeniería en Networking y Telecomunicaciones (Doctoral dissertation, Universidad de Guayaquil. Facultad de Ciencias Matemáticas y Físicas. Carrera de Ingeniería en Networking y Telecomunicaciones). https://rraae.cedia.edu.ec/Record/UG_dd34ed82791c8ae408a0248732b54f3e
Lee, S. H., Lee, S., Lee, Y., & Kim, D. (2019). A Study on the Effectiveness of Bitstream Image Acquisition in Digital Forensics. Journal of Digital Forensics, Security and Law, 14(1), 31-46.
Loarte Cajamarca, B. G. & Grijalva Lima, J. S. (2018). Desarrollo de una guía metodológica para el análisis forense en equipos de cómputo con Sistema Operativo Mac OS X. Revista Publicando, 5(14 (1)), 24-67. https://revistapublicando.org/revista/index.php/crv/article/view/1093
Pineda Vaca, A. E. (2016). Diseño de un modelo de análisis forense informático en el Honorable Gobierno Provincial de Tungurahua (Bachelor's thesis, Universidad Técnica de Ambato. Facultad de Ingeniería en Sistemas, Electrónica e Industrial. Carrera de Ingeniería en Sistemas Computacionales e Informáticos). https://repositorio.uta.edu.ec/handle/123456789/23463
Pinto, D. (2014). Metodología de análisis forense orientada a incidentes en dispositivos móviles. Revista MASKANA, Actas del Congreso Ecuatoriano de Tecnologías de la Información y Comunicación – TIC.EC 2014, 5. Universidad de Cuenca.
Quick, D. & Choo, K.K.R. (2018). Forensic investigation of digital devices. John Wiley & Sons.
Reyes, H., Rojas, J., & Carmona, L. (2016). La cadena de custodia como elemento fundamental en la investigación criminal. Revista Ciencias Penales, 23(2), 12-24.
Rosero Paredes, D. S. (2019). Diseño de una metodología de recolección de evidencia digital para análisis forense de unidades de disco duro, basada en la norma ISO/IEC 27037: 2012. Universidad Internacional SEK. https://repositorio.uisek.edu.ec/handle/123456789/3609
Santos, L. & Florez, A. (2012). Metodología para el análisis forense en Linux. Revista Colombiana de Tecnologías de Avanzada (RCTA), 2(20). 90-96. https://revistas.unipamplona.edu.co/ojs_viceinves/index.php/RCTA/article/view/194
Tugnarelli, M. D., Fornaroli, M. F., Santana, S. R., Jacobo, E., & Díaz, F. J. (2017). Análisis de metodologías de recolección de datos digitales. In XIX Workshop de Investigadores en Ciencias de la Computación (WICC 2017, ITBA, Buenos Aires). https://sedici.unlp.edu.ar/handle/10915/62613
Downloads
Published
Issue
Section
License
Copyright (c) 2023 Junior Rojas Rosado, Susana Patiño Rosado, Héctor Sacón Klinger (Autor/a)
This work is licensed under a Creative Commons Attribution 4.0 International License.
