A Study of Guidelines in Digital Forensic Evidence Examination

Main Article Content

Jitchanok Inthama
Wongyos Keardsri

Abstract

Nowadays, digital devices have been widely used in the daily life of humans. Consequently, the number of cybercrimes has been increasing significantly. Moreover, the processes and methods of dealing with forensic evidence examination involving digital devices must have more complexity and credibility. The purpose of this research was to study the guidelines which were used in the digital forensic evidence examination in Thailand. The study, qualitative research, was divided into two sections. The first one was to conduct documentary research related to guidelines of digital forensic evidence examination of four internal and external agencies, namely 1) Electronic Transactions Development Agency (ETDA), 2) National Institute of Standards and Technology (NIST), 3) Scientific Working Group on Digital Evidence (SWGDE), and 4) International Organization for Standardization (ISO). The other part was the in-depth interviews. The interview data was collected from the key informants who currently work in forensic science agencies in Thailand, namely 1) Technology Crime Suppression Division 2) Central Institute of Forensic Science 3) Department of Special Investigation (DSI) and 4) Office of Police Forensic Science. The results collected from the documentary research show that there are nine steps of the digital forensic evidence examination. Also, the results obtained from the interview reveal the problems which occurred during examining the forensic evidence such as lack of understanding the purpose of sending the evidence to the digital forensic laboratory and lack of professional expertise in the area of forensics. This research could be the standard for developing the digital forensic evidence examination in Thailand in the foreseeable future.

Downloads

Download data is not yet available.

Article Details

How to Cite
Inthama, J., & Keardsri, W. (2021). A Study of Guidelines in Digital Forensic Evidence Examination. Journal of Criminology and Forensic Science, 7(1), 134-150. Retrieved from https://so02.tci-thaijo.org/index.php/forensic/article/view/247001
Section
Research Articles

References

British Standard. (2016). Information Technology – Security Technology – Guidelines for Identification, Collection, Acquisition and Preservation of Digital Evidence (ISO/IEC 27037:2012. London: The British Standards Institution.

Chairangsinant, C. (2559). International Standards Accreditation for Forensic science. Journal of Criminology and Forensic Science, 2(1), 60-71. (In Thai).

Casey, E. (2011). Digital evidence and computer crime: forensic science, computers and the internet. 3rd ed. The United States of America: British Library.

Electronic Transactions Development Agency (Public Organization). (2018). Thailand Internet User Profile 2018. Huai Khwang: Electronic Transactions Development Agency (Public Organization).

Grobler, M. (2010). Digital Forensic Standards: International Progress. Proceedings of the South African Information Security Multi-Conference (SAISMC 2010). 261- 271.

Horsman, G. (2019). Formalising investigative decision making in digital forensics: Proposing the Digital Evidence Reporting and Decision Support (DERDS) framework. Digital Investigation, 28, 146-151.

Kent, K., Chevalier, S, Grance, T, and Dang, H. (2006). NIST Special Publication 800-86 Guide to Integrating Forensic Techniques into Incident Response. Gaithersburg: National Institute of Standards and Technology.

Mumba, E. R. and Venter, H. (2014). Testing and Evaluating the Harmonized Digital Forensic Investigation Process in Post Mortem Digital Investigations. ADFSL Conference on Digital Forensics, Security and Law, 83-97.

Nassif, L. N. (2017). Towards a Proof Acceptance by Overcoming Challenges in Collecting Digital Evidence. International Science Index, Law and Political Sciences. 11(1), 240-243.

National Statistical Office. (2018). Survey of the use of information and communication technology in the household 2018 (Q1). Lak Si: National Statistical Office. (In Thai).

Scientific Working Group on Digital Evidence (SWGDE). (2014). SWGDE Best Practices for Computer Forensics Version 3.1.

Suriyawongkul, A. (2015). Digital evidence is everywhere. How to manage it reliably. Retrieved 15 September 2019, from https://thainetizen.org/2015/07/digital-forensics-workshop/. (In Thai).

Thailand Computer Emergency Response Team (ThaiCERT) of Electronic Transactions Development Agency (Public Organization). (2020). Threat statistics. Retrieved 12 February 2020, from https://www.thaicert.or.th/statistics/statistics.html. (In Thai).

Umberg, T. and Warden, C. (2013). Digital Evidence and Investigatory Protocols. Digital Evidence and Electronic Signature Law Review. 11, 128-136.

Working Group for Drafting Digital Forensic Examination Practice Standards. (2016). Recommendations for Digital Devices Management Standards in Forensic Examination. Huai Khwang: Digital Forensics Center of Electronic Transactions Development Agency (Public Organization). (In Thai).

Working Group for Drafting Digital Forensic Examination Practice Standards. (2018). Thailand Internet User Behavior 2018. Huai Khwang: Digital Forensics Center of Electronic Transactions Development Agency (Public Organization). (In Thai).