Improving Digital Forensic Investigations through Automated User Entity Correlation

Mabrouka Abuhmida, Eric Llewellyn, Glenn Nor*

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

Abstract

Digital forensic investigation is a time-consuming process, particularly when it comes to manually correlating information between different custodians. Existing methods have been limited in their ability to provide a complete overview of relevant activities and events. In response, this research project has developed a new framework that uses metadata and document entity correlation to identify correlations between custodians. The resulting insights are novel, providing a unique overview of custodian data and a clearer understanding of document content and revisions. Using this framework, digital forensic investigators can extract relevant activity or event-based data, create custom activity or event-based correlation data, and generate event graphs. This approach is an efficient and practical way to generate actionable insights for large-scale investigations.
Original languageEnglish
Article number51446
Pages (from-to)991-1001
Number of pages12
JournalInternational Journal for Research in Applied Science & Engineering Technology
Volume11
Issue numberV
DOIs
Publication statusPublished - 11 May 2023

Keywords

  • Digital forensics
  • entity correlation
  • event-based data
  • framework development
  • custodians

Fingerprint

Dive into the research topics of 'Improving Digital Forensic Investigations through Automated User Entity Correlation'. Together they form a unique fingerprint.

Cite this