Critics, unimpressed by the rigor of the forensic digital examination pro-cess, have taken the position that forensic digital analysis is, more rightly, simply little more than ad hoc data collection and analysis. The reality is that forensic digital analysis as a whole, in its relative infancy, is the unwilling victim of the rapid advancement of computer technology. Struggling to keep pace with the giant steps taken in recent years by the computing industry, forensic digital analysis is, as are many defensive computing technologies, at the mercy of evermore new and complex computing approaches. Chief among these new paradigms is the need to analyze forensic materials over complex chains of evidence that may range around the globe over a wide variety of heterogeneous computing platforms, environments, and transports. This article discusses a formalized approach to the forensic collection, manage- ment and analysis of digital evidence involved in complex cases occurring over complex networks. Its objective is to begin the processes of instilling the same rigor in the practice of forensic digital analysis that exists in many other branches of forensic science.
展开▼