Research Essay
Table of Contents
Introduction
The purpose of the essay is to find and present quality research with regards to the following trending issues in the computer forensics world.
Deductive, inductive and abductive reasoning in the context of cyber forensics analysis.
Processes that assist in developing a case hypothesis and alternative hypothesis.
Validation processes that check and test the correctness of the digital evidence exhibits and their relationships with corroborating evidence relied on in legal cases.
Processes that would enhance the communication of and presentation of case analysis to the legal practitioner and courts.
Deductive, inductive and abductive reasoning in the context of cyber forensics analysis.
Deductive Reasoning
Hurley mentioned (2000, p. 33), deductive reasoning is “an argument in which the premises are claimed to support the conclusion in such a way that it is impossible for the premises to be true and the conclusion false”. This equates to say that if all the premises are firm and accurate, the conclusion is most definitely firm and correct (Walton, 2005).
Conclusion drawn from deductive reasoning is derived from the given premises. The reasoning moves from general principles to a specific conclusion when utilized by the criminal justice profession (Turvey, 2001).
One of the most well-known deductive reasoning is the Locard exchange principle; Kirk (1953) defined this principle as
"Wherever he steps, whatever he touches, whatever he leaves, even unconsciously, will serve as a silent witness against him. Not only his fingerprints or his footprints, but his hair, the fibers from his clothes, the glass he breaks, the tool mark he leaves, the paint he scratches, the blood or semen he deposits or collects. All of these and more, bear mute witness against him. This is evidence that does not forget. It is not confused by the excitement of the moment. It is not absent because human witnesses are. It is factual
Introduction
The purpose of the essay is to find and present quality research with regards to the following trending issues in the computer forensics world.
Deductive, inductive and abductive reasoning in the context of cyber forensics analysis.
Processes that assist in developing a case hypothesis and alternative hypothesis.
Validation processes that check and test the correctness of the digital evidence exhibits and their relationships with corroborating evidence relied on in legal cases.
Processes that would enhance the communication of and presentation of case analysis to the legal practitioner and courts.
Deductive, inductive and abductive reasoning in the context of cyber forensics analysis.
Deductive Reasoning
Hurley mentioned (2000, p. 33), deductive reasoning is “an argument in which the premises are claimed to support the conclusion in such a way that it is impossible for the premises to be true and the conclusion false”. This equates to say that if all the premises are firm and accurate, the conclusion is most definitely firm and correct (Walton, 2005).
Conclusion drawn from deductive reasoning is derived from the given premises. The reasoning moves from general principles to a specific conclusion when utilized by the criminal justice profession (Turvey, 2001).
One of the most well-known deductive reasoning is the Locard exchange principle; Kirk (1953) defined this principle as
"Wherever he steps, whatever he touches, whatever he leaves, even unconsciously, will serve as a silent witness against him. Not only his fingerprints or his footprints, but his hair, the fibers from his clothes, the glass he breaks, the tool mark he leaves, the paint he scratches, the blood or semen he deposits or collects. All of these and more, bear mute witness against him. This is evidence that does not forget. It is not confused by the excitement of the moment. It is not absent because human witnesses are. It is factual
References: Craiger, P., Swauger, J., Marberry, C., & Hendricks, C. (2006). “Validation of Digital Forensics Tools” Retrieved 15th July 2014 from www.irma-international.org/viewtitle/8351/ Carrier, B., & Spafford, E Carrier, B., & Spafford, E. (2004). “An Event-Based Digital Forensic Investigation Framework” Retrieved 11th July 2014 from www.digital-evidence.org/papers/dfrws_event.pdf Castiglione, A., Cattaneo, G., Maio, G., & Santis, A Ciardhuáin, Ó. (2004). “An Extended Model of Cybercrime Investigations” Retrieved 11th July 2014 from https://utica.edu/academic/institutes/ecii/publications/articles/A0B70121-FD6C-3DBA-0EA5C3E93CC575FA.pdf Dardick, G Daubert v. Merrell Dow Pharmaceuticals, Inc. (92-102), 509 U.S. 579 (1993). Retrieved 13th July 2014 from http://www.law.cornell.edu/supct/html/92-102.ZO.html Eoghan, C Jindani, A., Poovathingal, A., & Rawat, A. (2011). ”Abductive Reasoning”. Retreieved 10th July 2014 from http://www.cse.iitb.ac.in/~cs621-2011/2011-seminars/abduction-slide.ppt Kerr, D., Gammack, J., & Bryant, K Kirk, P.L. (1953). “Crime investigation: physical evidence and the police laboratory”. Interscience Publishers, Inc. McKemmish, R New South Wales Consolidated Regulations. (2005). “UNIFORM CIVIL PROCEDURE RULES 2005 - SCHEDULE 7” Retrieved 13th July 2014 from http://www.austlii.edu.au/au/legis/nsw/consol_reg/ucpr2005305/sch7.html Peirce, Charles, S Saad, S., & Traore, I. (2010, August). Method ontology for intelligent network forensics analysis. In Privacy Security and Trust (PST), 2010 Eighth Annual International Conference on (pp. 7-14). IEEE. Sagepub. (n.d.). ”Chapter 8: Introduction to Hypothesis Testing” Retrieved 11th July 2014 from www.sagepub.com/upm-data/40007_Chapter8.pdf Sherman, S.(2006) Stephenson, P. (2000). “Investigating computer-related crime”. Boca Raton, Florida: CRC Press Thagard, P Tecuci, G., Schum, D., Boicu, M., Marcu, D., & Russell, K. (2001). “Toward a Computational Theory of Evidence-based Reasoning”. Retrieved 10th July 2014 from http://lac.gmu.edu/publications/2011/tecuci_et_al_ebr-2011.pdf Trochim, W Turvey, B. (2001). Criminal profiling. San Diego, CA: Elsevier Academic Press Walton, D Willassen, S. (2008). “Hypothesis-based investigation of digital timestamps.” Retrieved 11th July 2014 from www.willassen.no/svein/pub/ifip08.pdf