Impacts of increasing volume of digital forensic data: A survey and future research challenges

Digital Investigation - Volume 11, Issue 4 - Pages 273-294 - 2014
Darren Quick¹, Kim‐Kwang Raymond Choo¹
¹ Information Assurance Research Group, Advanced Computing Research Centre, University of South Australia, Mawson Lakes Campus, Mawson Lakes Boulevard, Mawson Lakes SA 5095, Australia

References

Abraham, 2006, Event sequence mining to develop profiles for computer forensic investigation purposes, 145

ACC, 2013

AccessDataCorporation, 2010

ACPO, 2006

Adelstein, 2006, Live forensics: diagnosing your system without killing it first, Commun ACM, 49, 63, 10.1145/1113034.1113070

Al-Zaidy, 2012, Mining criminal networks from unstructured text documents, Digit Investig, 8, 147, 10.1016/j.diin.2011.12.001

Alink, 2006, XIRAF – XML-based indexing and querying for digital forensics, Digit Investig, 3, 50, 10.1016/j.diin.2006.06.016

Alzaabi, 2013, An ontology-based forensic analysis tool, J Digit Forensics, Secur Law, 121

Ayers, 2009, A second generation computer forensic analysis system, Digit Investig, 6, S34, 10.1016/j.diin.2009.06.013

Beebe, 2009, 17

Beebe, 2005, Dealing with terabyte data sets in digital investigations, Adv Digit Forensics, 3

Bell, 2013, Seagate launches 4TB hard disk engineered for video content, The Inquirer

Bhoedjang, 2012, Engineering an online computer forensic service, Digit Investig, 9, 96, 10.1016/j.diin.2012.10.001

Biggs, 2009, Cloud computing: the impact on digital forensic investigations, 1

Boyd, 2004, Time and date issues in forensic computing – a case study, Digit Investig, 1, 18, 10.1016/j.diin.2004.01.002

Breitinger, 2014, On the database lookup problem of approximate matching, Digit Investig, 11, S1, 10.1016/j.diin.2014.03.001

Breitinger, 2014, Automated evaluation of approximate matching algorithms on real data, Digit Investig, 11, S10, 10.1016/j.diin.2014.03.002

Brezinski, 2002

Brown, 2005, Design of a digital forensics image mining system, Knowl-Based Intell Inf Eng Syst, 395

Buchholz, 2007, A brief study of time, Digit Investig, 4, 31, 10.1016/j.diin.2007.06.004

Carvey, 2011

Case, 2008, Automated digital evidence discovery and correlation, Digit Investig, 5, S65, 10.1016/j.diin.2008.05.008

Casey, 2009, “Dawn raids” bring a new form in incident response, Digit Investig, 5, 73, 10.1016/j.diin.2009.01.002

Casey, 2010, Digital dust: evidence in every nook and cranny, Digit Investig, 6, 93, 10.1016/j.diin.2010.02.002

Casey, 2014, Growing societal impact of digital forensics and incident response, Digit Investig, 11, 1, 10.1016/j.diin.2014.03.015

Casey, 2009, Investigation delayed is justice denied: proposals for expediting forensic examinations of digital evidence, J Forensic Sci, 54, 1353, 10.1111/j.1556-4029.2009.01150.x

Casey, 2013, Honing digital forensic processes, Digit Investig, 10, 138, 10.1016/j.diin.2013.07.002

Cios, 2005, Trends in data mining and knowledge discovery, Adv Tech Knowl Discov Data Min, 1, 10.1007/1-84628-183-0_1

Coughlin, 2001, High density hard disk drive trends in the USA, J Magn Soc Jpn, 25, 111

Craiger, 2005, Law enforcement and digital evidence, vol. 2, 739

Culley, 2003, Computer forensics: past, present and future, Inf Secur Tech Rep, 8, 32, 10.1016/S1363-4127(03)00204-8

DFI_News, 2011

Fayyad, 1996, From data mining to knowledge discovery in databases, AI Mag, 17, 37

Fayyad, 1996, The KDD process for extracting useful knowledge from volumes of data, Commun ACM, 39, 27, 10.1145/240455.240464

FBI_RCFL, 2003

Ferraro, 2004, Current issues confronting well-established computer-assisted child exploitation and computer crime task forces, Digit Investig, 1, 7, 10.1016/j.diin.2004.01.004

Garfinkel, 2006, Forensic feature extraction and cross-drive analysis, Digit Investig, 3, 71, 10.1016/j.diin.2006.06.007

Garfinkel, 2010, Digital forensics research: the next 10 years, Digit Investig, 7, S64, 10.1016/j.diin.2010.05.009

Garfinkel, 2012, Digital forensics XML and the DFXML toolset, Digit Investig, 8, 161, 10.1016/j.diin.2011.11.002

Garfinkel, 2012, Lessons learned writing digital forensics tools and managing a 30TB digital evidence corpus, Digit Investig, 9, S80, 10.1016/j.diin.2012.05.002

Garfinkel, 2009, Bringing science to digital forensics with standardized forensic corpora

Gogolin, 2010, The digital crime tsunami, Digit Investig, 7, 3, 10.1016/j.diin.2010.07.001

Greiner, 2009, Sniper forensics, netWorker, 13, 8

Growchowski, 1998, 11

Hand, 2001

Hearst, 1999, Untangling text data mining, 3

Hoelz, 2009, Artificial intelligence applied to computer forensics, 883

Huang, 2010, Knowledge sharing and reuse in digital forensics, 73

INTERPOL, 2004

Iqbal, 2010, Mining writeprints from anonymous e-mails for forensic investigation, Digit Investig, 7, 56, 10.1016/j.diin.2010.03.003

Iqbal, 2008, A novel approach of mining write-prints for authorship attribution in e-mail forensics, Digit Investig, 5, S42, 10.1016/j.diin.2008.05.001

Jones, 2012, The use of random sampling in investigations involving child abuse material, Digit Investig, 9, S99, 10.1016/j.diin.2012.05.011

Kenneally, 2005, Risk sensitive digital evidence collection, Digit Investig, 2, 101, 10.1016/j.diin.2005.02.001

Khan, 2007, A framework for post-event timeline reconstruction using neural networks, Digit Investig, 4, 146, 10.1016/j.diin.2007.11.001

Kohavi, 2002, Emerging trends in business analytics, Commun ACM, 45, 45, 10.1145/545151.545177

Koopmans, 2013, Automated network triage, Digit Investig, 10, 129, 10.1016/j.diin.2013.03.002

LaVelle, 2007, FriendlyRoboCopy: a GUI to RoboCopy for computer forensic investigators, Digit Investig, 4, 16, 10.1016/j.diin.2007.01.001

Lee, 2008, High-speed search using Tarari content processor in digital forensics, Digit Investig, 5, S91, 10.1016/j.diin.2008.05.006

Lee, 2000

LSI, LSI Tarari Content Processor Family Enhanced with High-Performance, Low-Latency Solution, http://www.lsi.com/about/newsroom/Pages/20100426apr.aspx, viewed 26.01.11.

Marrington, 2011, CAT detect (computer activity timeline detection): a tool for detecting inconsistency in computer activity timelines, Digit Investig, 8, S52, 10.1016/j.diin.2011.05.007

Marturana, 2013, A machine learning-based triage methodology for automated categorization of digital media, Digit Investig, 10, 193, 10.1016/j.diin.2013.01.001

Marziale, 2007, Massive threading: using GPUs to increase the performance of digital forensics tools, Digit Investig, 4, 73, 10.1016/j.diin.2007.06.014

McKemmish, 1999, 1

Mee, 2006, The Windows Registry as a forensic artefact: illustrating evidence collection for internet usage, Digit Investig, 3, 166, 10.1016/j.diin.2006.07.001

Nance, 2009, Digital forensics: defining a research agenda, 1

NIJ, 2004

Noel, 2014, Applicability of latent Dirichlet allocation to multi-disk search, Digit Investig, 11, 43, 10.1016/j.diin.2014.02.001

Nykodym, 2005, Criminal profiling and insider cyber crime, Digit Investig, 2, 261, 10.1016/j.diin.2005.11.004

O'Connor, 2004, Deploying forensic tools via PXE, Digit Investig, 1, 173, 10.1016/j.diin.2004.07.005

Okolica, 2007, Using author topic to detect insider threats from email traffic, Digit Investig, 4, 158, 10.1016/j.diin.2007.10.002

Olsson, 2009, Computer forensic timeline visualization tool, Digit Investig, 6, S78, 10.1016/j.diin.2009.06.008

Overill, 2013, Triage template pipelines in digital forensic investigations, Digit Investig, 10, 168, 10.1016/j.diin.2013.03.001

Palmer, 2001

Palmer, 2002, Forensic analysis in the digital world, Int J Digit Evid, 1, 1

Parsonage

Peisert, 2008, Computer forensics in forensis, SIGOPS Oper Syst Rev, 42, 112, 10.1145/1368506.1368521

Pollitt, 2013, Triage: a practical solution or admission of failure, Digit Investig, 10, 87, 10.1016/j.diin.2013.01.002

Pringle, 2014, Information assurance in a distributed forensic cluster, Digit Investig, 11, S36, 10.1016/j.diin.2014.03.005

Pringle, 2008, Is a computational grid a suitable platform for high performance digital forensics?, 175

Quick, 2013, Dropbox analysis: data remnants on user machines, Digit Investig, 10, 3, 10.1016/j.diin.2013.02.003

Quick, 2014, Data reduction and data mining framework for digital forensic evidence: storage, intelligence, review and archive, Trends Issues Crime Crim Justice, 480, 1

Quick, 2014

Raghavan, 2013, Digital forensic research: current state of the art, CSI Trans ICT, 1, 91, 10.1007/s40012-012-0008-7

Raghavan, 2009, FIA: an open forensic integration architecture for composing digital evidence, 83

Ratcliffe, 2007

Reyes, 2007, 219

Ribaux, 2010, Intelligence-led crime scene processing. Part I: forensic intelligence, Forensic Sci Int, 195, 10, 10.1016/j.forsciint.2009.10.027

Ribaux, 2006, The contribution of forensic science to crime analysis and investigation: forensic intelligence, Forensic Sci Int, 156, 171, 10.1016/j.forsciint.2004.12.028

Richard, 2006, Digital forensics tools: the next generation, 75

Richard, 2006, Next-generation digital forensics, Commun ACM, 49, 76, 10.1145/1113034.1113074

Riley, 2008, A comparison of forensic hard drive imagers: a time analysis comparison between the ICS image MASSter-Solo III and the Logicube Talon, J Digit Forensic Pract, 2, 74, 10.1080/15567280802047143

Rogers, 2004, The future of computer forensics: a needs analysis survey, Comput Secur, 23, 12, 10.1016/j.cose.2004.01.003

Rogers, 2006, Computer forensics field triage process model, J Digit Forensics, Secur Law, 1, 19

Roussev, 2012, Content triage with similarity digests: the M57 case study, Digit Investig, 9, S60, 10.1016/j.diin.2012.05.012

Roussev, 2013, Real-time digital forensics and triage, Digit Investig, 10, 158, 10.1016/j.diin.2013.02.001

Roussev, 2004, Breaking the performance wall: the case for distributed digital forensics

Schatz, 2006, An open architecture for digital evidence integration

Schatz, 2006, A correlation method for establishing provenance of timestamps in digital evidence, Digit Investig, 3, 98, 10.1016/j.diin.2006.06.009

Shannon, 2004, Forensic relative strength scoring: ASCII and entropy scoring, Int J Digit Evid, 2, 151

Shaw, 2013, A practical and robust approach to coping with large volumes of data submitted for digital forensic examination, Digit Investig, 10, 116, 10.1016/j.diin.2013.04.003

Shaw, 2006, The role of behavioral research and profiling in malicious cyber insider investigations, Digit Investig, 3, 20, 10.1016/j.diin.2006.01.006

Sheldon, 2005, The future of forensic computing, Digit Investig, 2, 31, 10.1016/j.diin.2005.01.005

Shiaeles, 2013, On-scene triage open source forensic tool chests: are they effective?, Digit Investig, 10, 99, 10.1016/j.diin.2013.04.002

Sommer, 2004, The challenges of large computer evidence cases, Digit Investig, 1, 16, 10.1016/j.diin.2004.01.005

Stevens, 2004, Unification of relative time frames for digital forensics, Digit Investig, 1, 225, 10.1016/j.diin.2004.07.003

Teelink, 2006, Improving the computer forensic analysis process through visualization, Commun ACM, 49, 71, 10.1145/1113034.1113073

Turnbull, 2009, The anatomy of electronic evidence; quantitative analysis of police e-crime data, 143

Turner, 2005, Unification of digital evidence from disparate sources (digital evidence bags), Digit Investig, 2, 223, 10.1016/j.diin.2005.07.001

Turner, 2006, Selective and intelligent imaging using digital evidence bags, Digit Investig, 3, 59, 10.1016/j.diin.2006.06.003

UNODC, 2011

van Baar, 2014, Digital forensics as a service: a game changer, Digit Investig, 11, S54, 10.1016/j.diin.2014.03.007

Vidas, 2014, OpenLV: empowering investigators and first-responders in the digital forensics process, Digit Investig, 11, S45, 10.1016/j.diin.2014.03.006

Walmart

Walter, 2005, Kryder's law, Sci Am, 293, 32, 10.1038/scientificamerican0805-32

Weiser, 2006, 5

Wiles, 2007, Forensic examination in a terabyte world, 129

Wong, 2010, Explosion of data envelops man in the street, The Australian

Zimmerman