Computer Forensic Timeline Visualization Tool
Gespeichert in:
| Titel: | Computer Forensic Timeline Visualization Tool |
|---|---|
| Autoren: | Olsson, Jens, Boldt, Martin |
| Quelle: | Digital Investigation. The International Journal of Digital Forensics and Incident Response. 6(Supplement 1):78-87 |
| Schlagwörter: | Computer forensic timeline, Event visualization, E-fraud, Timestamp, Chronological evidence, Time Variable, Time determination |
| Beschreibung: | Computer Forensics is mainly about investigating crime where computers have been involved. There are many tools available to aid the investigator with this task. We have created a prototype of a new type of tool called CyberForensic TimeLab where all evidence is indexed by their time variables and plotted on a timeline. We believed that this way of visualizing the evidence allows the investigators to find coherent evidence faster and more intuitively. We have performed a user test where a group of people has evaluated our prototype tool against a modern commercial computer forensic tool and the results of this preliminary test are very promising. The results show that users completed the task in shorter time, with greater accuracy and with less errors using CyberForensic TimeLab. The subjects also experienced that the prototype were more intuitive to use and that it allowed them to easier locate evidence that was coherent in time. |
| Dateibeschreibung: | electronic |
| Zugangs-URL: | https://urn.kb.se/resolve?urn=urn:nbn:se:bth-7928 https://bth.diva-portal.org/smash/get/diva2:835603/FULLTEXT01.pdf |
| Datenbank: | SwePub |
Full Text Finder 
Nájsť tento článok vo Web of Science | Abstract: | Computer Forensics is mainly about investigating crime where computers have been involved. There are many tools available to aid the investigator with this task. We have created a prototype of a new type of tool called CyberForensic TimeLab where all evidence is indexed by their time variables and plotted on a timeline. We believed that this way of visualizing the evidence allows the investigators to find coherent evidence faster and more intuitively. We have performed a user test where a group of people has evaluated our prototype tool against a modern commercial computer forensic tool and the results of this preliminary test are very promising. The results show that users completed the task in shorter time, with greater accuracy and with less errors using CyberForensic TimeLab. The subjects also experienced that the prototype were more intuitive to use and that it allowed them to easier locate evidence that was coherent in time. |
|---|---|
| ISSN: | 17422876 1873202X |
| DOI: | 10.1016/j.diin.2009.06.008 |