Behavioural Digital Forensics Model: Embedding Behavioural Evidence Analysis into the Investigation of Digital Crimes
AffiliationUniversity of Derby
MetadataShow full item record
AbstractThe state-of-the-art and practice show an increased recognition, but limited adoption, of Behavioural Evidence Analysis (BEA) within the Digital Forensics (DF) investigation process. Yet, there is currently no BEA-driven process model and guidelines for DF investigators to follow in order to take advantage of such an approach. This paper proposes the Behavioural Digital Forensics Model to fill this gap. It takes a multidisciplinary approach which incorporates BEA into in-lab investigation of seized devices related to interpersonal cases (i.e., digital crimes involving human interactions between offender(s) and victim(s)). The model was designed based on the application of traditional BEA phases to 35 real cases, and evaluated using 5 real digital crime cases - all from Dubai Police archive. This paper, however, provides details of only one case from this evaluation pool. Compared to the outcome of these cases using a traditional DF investigation process, the new model showed a number of benefits. It allowed a more effective focusing of the investigation, and provided logical directions for identifying the location of further relevant evidence. It also enabled a better understanding and interpretation of victim/offender behaviours (e.g., probable offenders' motivations and modus operandi), which facilitated a more in depth understanding of the dynamics of the specific crime. Finally, in some cases, it enabled the identification of suspect's collaborators, something which was not identified via the traditional investigative process.
CitationAl Mutawa, N., Bryce, J., Franqueira, V.N., Marrington, A. and Read, J.C., (2018). 'Behavioural Digital Forensics Model: Embedding Behavioural Evidence Analysis into the investigation of digital crimes'. Digital Investigation. 28, pp. 70-82. DOI: 10.1016/j.diin.2018.12.003
Showing items related by title, author, creator and subject.
(Mis)Use of Personal Technology by Employees in Financial Services OrganisationsHicks, David; Henry, Phil; Hodgson, Philip; Collis, Raichel (University of DerbyBusiness, Law and Social Sciences, 2021-09-01)This work presents a single methodology design across three different groups to chart the challenges and potential of digital investigation and to offer an original contribution to researchers seeking purposive samples specific to topical research questions. Open-source online intelligence theorised from an attacker's perspective is underpinned by a novel cyber-orientated framework of routine activity theory (RAT) (Cohen and Felson, 1979) to highlight digital footprint as a vector for targeted social engineering. Seventy-six (N=76) demographically diverse financial services employees from occupations throughout the sector provide empirical data via a mixed methods online survey. Cyber-specific RAT evaluates the ‘average user’ (with no specialist training) as a potential contributor to human assisted cybercrime threatening corporate networks through use of personal technologies and internet-based activities. Robust discussion debates routine digital activity using smartphones, tablets, and consumer Internet of Things (IoT) devices as an unmitigated factor for workplace risk. Personal internet use, devices accessing corporate networks, self-promotion on social media, physical and virtual IoT, executive personnel practicing ‘unsafe’ behaviours and assumed device security as licence for unrestricted online activity are key findings of this study which offers original contributions to critical assessment of insider threat. Despite employee (mis)use of personal technology as a potential vector financial organisations are seemingly unprepared for small-scale and dynamic risk. Results recommend bespoke training at all levels to associate personal use and online behaviour with known cyber risks and capacity for loss or harm. Cyber-RAT as a framework to identify suitable targets and potential for guardianship will contribute value added and assist in a more holistic response to cybercrime where the human element complements technological solutions as a positive enhancement to enterprise security.
Thinking digitally in a digital world.Moore, Nicki; University of Derby (The Career Development Institute, 2018-01)This article sets out the Career Development Institue's Digital Strategy. IT highlights the key competence areas required by those working in the career development sector in the UK.
Education and the digital revolution.Staunton, Tom; University of Derby (Routledge, 2017-08-23)This chapter explores how education could rise to the challenge of the digital world. This will explore the intersection between three different understandings of the digital world and consider the tensions the educator experiences in relation to these. This will highlight how debates around the nature of technology and how it interrelates to society creates debates which need to be engaged within the field of education studies. Technology places learners, educators and institutions at a precarious intersection created by technology where there is a need to navigate complexity more than take a single position.