The digital forensics research community develops new solutions daily to advance its subfields, including cloud and network forensics and security. However, a substantial amount of such research requires greater experimental rigor. A few works have discussed how to improve such rigor. One of the most essential ways to address it is to promote the reproducibility of digital forensics controlled experiments. Research has demonstrated that specific techniques, such as conceptual modeling and ontology, have been successfully applied.
This book presents techniques for planning, modeling, conducting, and disseminating controlled experiments and quasi-experiments in digital forensics. By properly documenting and disseminating experiments, researchers are preparing their experimental artifacts to ensure reproducibility, thereby enabling the appropriate evolution of a given research topic.
The target audience comprises researchers in digital forensics, undergraduate and graduate students, law enforcement personnel, police, experts, and other related communities interested in improving their experiments to make them more reproducible. All of these groups might benefit from this book by deepening their understanding of the essential concepts of digital forensics experiments, how to plan, conduct, and disseminate experimental findings, and how to organize experimental artifacts for reproducibility.
Table of Contents:
Part I: Fundamentals of Digital Forensics and Controlled Experimentation
1. Digital Forensics in a Nutshell
2. Principles of Controlled Experimentation
3. The Role of Reproducibility in Science and Digital Forensics

Part II: Documenting Digital Forensics Controlled Experiments
4. Basics of Conceptual Modelling
5. ExperDF-CM: a Digital Forensics Controlled Experiments Conceptual Model

Part III: Formal Representation and Semantic Integration of Digital Forensics Controlled Experiments
6. Basics of Ontology and SPARQL Queries
7. The ExperDF-Onto Ontology

Part IV: ExperDF-Onto Walkthroughs of Exemplary Digital Forensics
8. Example 1: The Memory That Wouldn’t Lie
9. Example 2: Unlocking the Locked - Smartphone Bypass Experiments
10. Example 3: The Case of the Altered Cloud Logs
11. Example 4: Echoes in the IoT Lab
12. Example 5: The Invisible Signature — Blockchain Provenance

Part V: Integration, Reflection, and Future Directions
13. Concluding Remarks - Towards a Scientifically Grounded and Open Digital Forensic
About the Authors:
Edson OliveiraJr: Member of the Brazilian Computer Society (SBC), Brazilian Forensic Sciences Society (SBCF), and Association for Computing Machinery (ACM). Associate Professor in the Informatics Department at the State University of Maringá (UEM), Brazil. He holds a BSc and an MSc in Computer Science from UEM, as well as a PhD in Computer Science from the University of São Paulo (ICMC-USP). He also completed a postdoctoral fellowship in Digital Forensics Experimentation at PUCRS. His research spans Software Engineering and Digital Forensics, with contributions in software processes, software product lines, software architecture evaluation, variability management, metrics and modeling, UML modeling and metamodeling, and Java-based development environments. In Digital Forensics, his work focuses on experimentation methods, requirements, ontologies, conceptual models, and tooling for forensic investigation. He is also an active advocate for open science and has been engaged in broad discussions on strengthening scientific rigor, transparency, and reproducibility in computing research.
Thiago J. Silva: Technology Manager at Ambev Tech, with experience in technical leadership, including Azure DevOps, JavaScript, CI/CD, and IoT. He has a strong background in quality assurance and digital transformation. He holds a Bachelor’s degree in Systems Analysis and Development from Faculdade Cidade Verde and a Master’s degree in Computer Science. He is currently a Ph.D. candidate in Computer Science at the State University of Maringá (UEM), with research interests in software engineering, digital forensics, and open science.
Charles V. Neu: Member of the Brazilian Computer Society (SBC). Adjunct professor at UNISC/Brazil. Computer Science Professional in SecOps and DevOps. Computer Science BSc from University of Santa Cruz do Sul - UNISC (2011), Industrial Systems and Processes MSc from University of Santa Cruz do Sul - UNISC (2014), and Computing Science PhD from Pontifical Catholic University of Rio Grande do Sul - PUCRS (2019). Post-doctorate at the Secure and Resilient Systems Centre at Newcastle University (2020-2024). Main research topics: security, privacy, compliance, AI, IoT, computer networks, and digital forensics.
Avelino F. Zorzo: Member of the Brazilian Computer Society (SBC), Brazilian Society for the Advancement of Science, and Institute of Electrical and Electronics Engineers (IEEE). Full-time professor at PUCRS/Brazil. Computer Science BSc from Universidade Federal do Rio Grande do Sul (1989), Computer Science MSc from Universidade Federal do Rio Grande do Sul (1994), and Computing Science PhD from Newcastle University, England (1999). Post-doctorate at the Cybercrime and Computer Security Center at Newcastle University (2012). Computer Science Area Coordinator at CAPES (Ministry of Education - Brazil - 2022-2026). Education Director at the Brazilian Computing Society (2015-2017). Computer Science Area Adjunct Coordinator at CAPES (Ministry of Education - Brazil - 2014-2022). Main research topics: security, dependability, software testing, and digital forensics.
Ana H. B. Mazur: Systems analyst at Lode Desenvolvimento de Software Ltda. She has a bachelor's degree in Computer Science from the State University of Maringá (UEM), with research interests in digital forensics and information security.