Home // COGNITIVE 2012, The Fourth International Conference on Advanced Cognitive Technologies and Applications // View article

Cyber Forensics: Representing and (Im)Proving the Chain of Custody Using the Semantic Web

Authors:
Tamer Gayed
Hakim Lounis
Moncef Bari

Keywords: Knowledge Representation; Chain of Custody; Provenance Vocabularies; Semantic Web; Resource Description Framework.

Abstract:
Computer/Digital forensic is still in its infancy, but it is a very growing field. It involves extracting evidences from digital device in order to analyze and present them in a court of law to prosecute it. Digital evidences can be easily altered if proper precautions are not taken. A chain of custody (CoC) document is used to demonstrate the road map of how evidences have been copied, transported, and stored throughout the investigation process. With the advent of the digital age, the tangible CoC document needs to undergone a radical transformation from paper to electronic data (e-CoC), readable and consumed by machines, and applications. Semantic web is a flexible solution to represent different information, because it provides semantic markup languages for knowledge representation, supported by different vocabularies for provenance information. These features can be exploited to represent the tangible COC document to ensure its trustworthiness and its integrity. Moreover, querying mechanisms can be also incorporated over this represented knowledge to answer different forensic and provenance questions asked by juries concerning the case in hand. Thus, this paper proposes the construction of a framework solution based on the semantic web to represent and consume the forensic and provenance knowledge related to the tangible COC document.

Pages: 19 to 23

Copyright: Copyright (c) IARIA, 2012

Publication date: July 22, 2012

Published in: conference

ISSN: 2308-4197

ISBN: 978-1-61208-218-9

Location: Nice, France

Dates: from July 22, 2012 to July 27, 2012