1 / 6

In-Time Forensics: Challenges and Adaptability in Real-Time Digital Investigations

This panel discussion from DFRWS 2004 in Linthicum, MD, features experts Mr. Phil Turner, Mr. James Collins, Dr. Frank Adelstein, and Mr. John Ward discussing the challenges of forensic evidence admissibility in real-time environments. Key topics include the adaptability of "after-the-fact" methods for high availability operations and the technical challenges of applying digital forensics in real-time. Panelists address performance, accuracy, integrity, and the need for evolving collection methods to support decision-making in urgent scenarios.

min
Télécharger la présentation

In-Time Forensics: Challenges and Adaptability in Real-Time Digital Investigations

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Day 2 - Panel Discussion DFRWS 2004 Linthicum, MD

  2. Day 2 - Panelists • Mr. Phil Turner, Technical Manager, Digital Investigation Services, QinetiQ, UK • Mr. James Collins, AFIWC, Defensive Counter Information Division • Dr. Frank Adelstein, Senior Principal Scientist, ATC-NYCorp • Mr. John Ward, Senior S/W Engineer, IDEAL Technology Corp.

  3. Day 2 - Intro • Each question will be posed to all four panelists. Some questions are multi-part • Each panelist will have 4-5 minutes to respond • Each round will be followed by a 10 minute Q&A plenary session • A transcript will be recorded

  4. Day 2 – “In-Time” Forensics • Forensic analysis identifies facts or high confidence metrics uncovered by the application of known, proven, and accepted methods. These facts may be used to persuade or influence decisions across investigative domains. • Question 1: • What do you see as the greatest challenge to the use and/or admissibility of forensic evidence collected in near-real-time or in-time environments? • Question 1a: • Does the greatest risk to investigative credibility come from what you do or do not include in your real-time analysis?

  5. Day 2 – “In-Time” Forensics • Question 2: • In your view, are methods used in ‘after-the-fact” digital forensic analysis adaptable for use in mission critical or high availability operations? • If possible, generally state which ones may be and why. • Question 2: • What’s the greatest technical challenge in applying forensic methods and capabilities from digital media forensics to real-time operational environments? • Performance – Integrity – Accuracy – Confidentiality, Repeatability of Results, etc.

  6. Day 2 – Topics of Consideration • Accuracy • Timeliness • Adaptability • Function • Admissibility • Integrity • Focus (particular attributes) • Performance barriers • Collection must change • Decision Support vs. Prosecution

More Related