Methods and Tools of Digital Triage in Forensic Context: Survey and Future Directions
AbstractDigital triage is the first investigative step of the forensic examination. The digital triage comes in two forms, live triage and post-mortem triage. The primary goal of the live triage is a rapid extraction of an intelligence from the potential sources. The live triage raises legitimate concerns. The post-mortem triage is conducted in the laboratory and its main goal is ranking of the seized devices for the possible existence of the relevant evidence. The digital triage has the potential to quickly identify items that are likely to contain the evidential data. Therefore, it is a solution to the problem of case backlogs. However, existing methods and tools of the digital triage have limitations, especially, in the forensic context. Nevertheless, we have no better solution for the time being. In this paper, we critically review published research works and the proposed solutions for digital triage. The review is divided into four sections as follows: live triage, post-mortem triage, mobile device triage, and triage tools. We conclude that many challenges are awaiting for the developers in creating methods and tools of digital triage in order to keep pace with the development of new technologies. View Full-Text
Share & Cite This Article
Jusas, V.; Birvinskas, D.; Gahramanov, E. Methods and Tools of Digital Triage in Forensic Context: Survey and Future Directions. Symmetry 2017, 9, 49.
Jusas V, Birvinskas D, Gahramanov E. Methods and Tools of Digital Triage in Forensic Context: Survey and Future Directions. Symmetry. 2017; 9(4):49.Chicago/Turabian Style
Jusas, Vacius; Birvinskas, Darius; Gahramanov, Elvar. 2017. "Methods and Tools of Digital Triage in Forensic Context: Survey and Future Directions." Symmetry 9, no. 4: 49.
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.