Title: Building Ontologies for Digital Forensic Terminologies

Issue Number: Vol. 5, No. 2
Year of Publication: Apr - 2016
Page Numbers: 75-82
Authors: Nickson M. Karie, Victor R. Kebande
Journal Name: International Journal of Cyber-Security and Digital Forensics (IJCSDF) - Hong Kong
DOI: http://dx.doi.org/10.17781/P002032

Abstract:


Digital forensics (DF) is a relatively new discipline with a lot of technical and non-technical terminologies that can be hard to comprehend. During a time-intensive digital forensic investigation process, for example, investigators may at times encounter several new terminologies. In such a scenario, the time required to unearth and analyse the root cause of a potential security incident might be influenced by the complexity involved in resolving the meaning of new terminologies encountered. The difficulty lies in the lack of an approach in DF that can help investigators in resolving the meaning of terminologies or even how these terminologies are perceived by individuals, especially when used in their domain of expertise. If existing digital forensic tools, for example, were to be designed in such a way as to allow investigators to automatically resolve or incorporate the meaning of new terminologies used or encountered during investigations, then the time required to unearth and analyse the root cause of a security incident might be reduced extensively. The main problem addressed in this paper, therefore, is that there exist no approaches in DF that have the ability to help investigators in reasoning with regard to the perceived meaning of different digital forensic terminologies encountered during a digital forensics investigation process. Existing tools thus need to incorporate new approaches that can help in resolving or clarifying the meaning of new terminologies used during investigation processes. For this reason, this paper examines the concept of building ontologies for digital forensic terminologies and proposes an ontological approach to resolve the meaning of different digital forensic terminologies. Besides, ontologies are known to provide a form of knowledge in a given discipline of interest. In the authors' opinion, thus, building ontologies for digital forensic terminologies can support the development of future investigative tools as well as new techniques to a degree of certainty.