Call For Papers
Contact Us

  Components of Sound Forensically Acquisition of Digital Data  
  Authors : Joyce Chepkemoi Chepkwony; Masese B Nelson
  Cite as:


As the attacks on the cyber space continue to intensify, digital crimes continue to be reported at large. The current techniques used by forensic investigators through the incident response operations include mostly pulling out the power cable of the suspected machines. This method normally causes major interference of the evidence gathering process, hence the need to examine the essential components that makes up forensically sound digital data acquisition process. Descriptive research design was adopted and use of questionnaires in collecting data. 89.4% respondents established that there was need for additional, review and improvement of the tools regularly. The study recommends investigating agencies to channel more resources towards digital evidence acquisition tools to improve effectiveness of digital evidence. The study portrayed that the institutions lacked well-established digital forensic labs with modern equipment and that a small percentage (19.1%) only do validate the tools to operate as intended.


Published In : IJCSN Journal Volume 8, Issue 4

Date of Publication : August 2019

Pages : 363-370

Figures :--

Tables : 03


Joyce Chepkemoi Chepkwony : is currently a PhD student at Kabarak University, Kenya. She holds a Master of Science degree in Information Technology Security & Audit from Kabarak University, Nakuru, Kenya. Her research interests mainly include digital forensics and network security.


Cyber crime, Digital, Evidence, Forensic, Investigation

The study aimed at investigating the essential components of digital forensics evidence in organisations that use digital forensic evidence. That would assist in achieving high digital security level parameters and shortening the analysis time of computer forensic investigations. ICT is dynamic and new issues keep emerging. In lieu of this, digital forensic evidence acquisition and handling tools and components need to be reviewed and improved regularly. Digital forensic technique must be generally flexible, in that it can support any type of incidents and the new technologies.


[1] Adams, Richard (2013). "The emergence of cloud storage and the need for a new digital forensic process model" (PDF). Murdoch University. [2] Casey, E. (2007). What does "forensically sound" really mean? Digital Investigation. [3] Casey, E. (2011). Digital evidence and computer crime: Forensic science, computers, and the internet. Academic press [4] Cosic, J., & Baca, M. (2010). A framework to (im)prove chain of custody in digital investigation process. In Proceedings of the 21st Central European Conference on Information and Intelligent Systems (CECIIS) (pp. 43- 438). [5] Crouch, J. E. (2012). An introduction to computer forensics. NSCI; http://www.nsciva. org/WhitePapers/2010-12-16-Computer% 20Forensics- Crouch-final.pdf. [6] Dykstra, J., & Sherman, A. T. (2012). Acquiring forensic evidence from infrastructure-as-a-service cloud computing: Exploring and evaluating tools, trust, and techniques. Digital Investigation, 9, S90-S98. [7] Eales, N. (2016). Risk assessment. Missing Persons: A Handbook of Research, 160. [8] Etikan, I., Musa, S. A., & Alkassim, R. S. (2016). Comparison of convenience sampling and purposive sampling. American Journal of Theoretical and Applied Statistics, 5(1), 1-4. [9] Fielder, A., Panaousis, E., Malacaria, P., Hankin, C., & Smeraldi, F. (2016). Decision support approaches for cyber security investment. Decision Support Systems, 86, 13-23. [10] G. Giova, (2011)., "Improving Chain of Custody in Forensic Investigation of Electronic Digital Systems," Int. J. Comput. Sci. Netw. Secur., vol. 11, no. 1, pp. 1-9, 2011. [11] Garfinkel, Simson L. (2010). Digital Forensics Research: The Next 10 years. [12] Hannan, T. H., & McDowell, J. M. (2003). The determinants of technology adoption: The case of the banking firm. The RAND Journal of Economics, 328-335. [13] Kaur, R., Saini, K., & Sood, N. C. (2013). Application of video spectral comparator (absorption spectra) for establishing the chronological order of intersecting printed strokes and writing pen strokes. Science & Justice, 53(2), 212-219. [14] Kshetri, N. (2013). Cybercrime and cyber security in the global south. Springer. [15] Lin, C., Hu, P. J., and Chen, H. (2004). Technology implementation management in law enforcement: COPLINK system usability and user acceptance evaluations. Social Science Computer Review, 22(1), 24- 36. [16] Nelson, B., Phillips, A., & Steuart, C. (2014). Guide to computer forensics and investigations. Cengage Learning. [17] Overill, R., & Chow, K. P. (2018). Measuring Evidential Weight in Digital Forensic Investigations. In IFIP International Conference on Digital Forensics (pp. 3-10). Springer, Cham. [18] Pichan, A., Lazarescu, M., & Soh, S. T. (2015). Cloud forensics: Technical challenges, solutions and comparative analysis. Digital Investigation, 13, 38-57. [19] Rafique, M., & Khan, M. N. A. (2013). Exploring static and live digital forensics: Methods, practices and tools. International Journal of Scientific & Engineering Research, 4(10), 1048-1056. [20] Soltani, S., & Seno, S. A. H. (2017). A survey on digital evidence collection and analysis. In Computer and Knowledge Engineering (ICCKE), 2017 7th International Conference on (pp. 247-253). IEEE. [21] Taveras, P. (2013). SCADA live forensics: real time data acquisition process to detect, prevent or evaluate critical situations. European Scientific Journal, ESJ, 9(21). [22] Taveras, P. (2013). SCADA live forensics: real time data acquisition process to detect, prevent or evaluate critical situations. European Scientific Journal, ESJ, 9(21). [23] Taylor, R. W., Fritsch, E. J., & Liederbach, J. (2014). Digital crime and digital terrorism. Prentice Hall Press. [24] Terrizzano, I. G., Schwarz, P. M., Roth, M., & Colino, J. E. (2015, January). Data Wrangling: The Challenging Yourney from the Wild to the Lake. In CIDR. [25] Thomas, J. E. (2018). Using Digital Forensic Techniques to Investigate and Detect Ransomware Infection. [26] Walsh, S. J. (2018). Australasian forensic science summit 2016: the external future context and the case for change. Australian Journal of Forensic Sciences, 50(3), 245-258. [27] Xynos, K., Harries, S., Sutherland, I., Davies, G., & Blyth, A. (2010). Xbox 360: A digital forensic investigation of the hard disk drive. Digital Investigation, 6(3-4), 104-111. [28] Zhang, Y., Wu, J., Zukerman, M., & Yung, E. K. N. (2015). Energy-efficient base-stations sleep-mode techniques in green cellular networks: A survey. IEEE communications surveys & tutorials, 17(2), 803-826.