• DocumentCode
    1833710
  • Title

    A Discussion of Visualization Techniques for the Analysis of Digital Evidence

  • Author

    Schrenk, Gerald ; Poisel, Rainer

  • Author_Institution
    Inst. of IT Security Res., Univ. of Appl. Sci. St. Poelten, St. Polten, Austria
  • fYear
    2011
  • fDate
    22-26 Aug. 2011
  • Firstpage
    758
  • Lastpage
    763
  • Abstract
    Digital crimes are increasing, and so is the need for improvements in digital forensics. With the growth of storage capacity these digital forensic investigations are getting more difficult. Visualization allows for displaying big amounts of data at once, so a forensic investigator is able to maintain an overlook about the whole case. Through zooming it is possible to analyze interesting parts of evidence without losing the general view. This paper gives an overview of data classification, data sources and a classification of available techniques. Different state of the art tools for visualization of frequency, timelines, e-mails and logging data are discussed. Further details on how these tools support the digital forensics progress through visualization are given. Finally a comparison between conventional approaches and visualization techniques is presented. The benefit for the reader is to get a quick overview of the state-of-the-art of visualization techniques for processing digital evidence.
  • Keywords
    computer crime; computer forensics; data visualisation; electronic mail; data classification; data source; digital crimes; digital evidence; digital forensics; e-mail; logging data; storage capacity; visualization; Data visualization; Digital forensics; Electronic mail; Media; Security; Three dimensional displays; digital forensics; timeline; timestamp; visualization;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Availability, Reliability and Security (ARES), 2011 Sixth International Conference on
  • Conference_Location
    Vienna
  • Print_ISBN
    978-1-4577-0979-1
  • Electronic_ISBN
    978-0-7695-4485-4
  • Type

    conf

  • DOI
    10.1109/ARES.2011.119
  • Filename
    6046033