Title: Best Practices for Cybercrime Evidence Collection Projects

Year of Publication: Dec - 2014
Page Numbers: 21-28
Authors: Lilian Noronha Nassif
Conference Name: The International Conference in Information Security and Digital Forensics (ISDF2014)
- Greece


One important phase related to a cybercrime investigation is evidence collection. If the investigator lacks a standard, robust approach to properly conduct crime scene research, some important information can be lost, and judges can discard case evidence because the acquisition process was faulty. In this situation, a formal process could guarantee the evidence veracity and integrity. This paper presents processes, procedures, and tasks using a project structure that could be beneficial in the evidence collection phase. A detailed model that follows the project management process describes the steps a digital investigator should follow in the initiation, planning, execution, controlling, and closing phases of the evidence collection. All mechanisms can contribute to a best practices guide in the forensics field.