Digital Forensics (4N6) is an ever-growing field of study as security on devices increases and the involvement of digital devices in investigating a crime becomes integral. This makes it all the more important to have open access to research on digital forensics, so that investigators all around the world can benefit from the resources and lead crucial investigations in the right direction. With that said, I would like to address a few questions through this blog:
- What is Open Access or What are Open Access Articles?
- What is Digital Forensics?
- What is the Need for Open Access in Digital Forensics and Incident Response?
- Case Study on an Open Access Digital Forensics and Incident Response Journal
1. What is Open Access or What are Open Access articles?
According to Wikipedia,
“Open access (OA) is a set of principles and a range of practices through which research outputs are distributed online, free of cost or other access barriers. With open access strictly defined (according to the 2001 definition), or libre open access, barriers to copying or reuse are also reduced or removed by applying an open license for copyright.”
As per the above definition, we can see that open access corresponds to academic research papers or journals that are free to access without any charge, providing quality research to all sections of society with better reach and quality content. When researchers have open access to academic materials, they can focus on expanding that research with limited resources, hence providing breakthrough content back to the community. A brief explanation of the various tracks related to Open Access Publishing is illustrated in the following image.
2. What is Digital Forensics?
According to Wikipedia,
“Digital forensics (sometimes known as digital forensic science) is a branch of forensic science encompassing the recovery and investigation of material found in digital devices, often in relation to computer crime. The term digital forensics was originally used as a synonym for computer forensics but has expanded to cover investigation of all devices capable of storing digital data.”
Digital Forensics can be described as the conglomeration of forensic science involving all digital devices, such as computers, mobile devices, wearable devices and vehicle infotainment systems. Each one has a vast field of study related to it, such as Mobile Device Forensics, Computer Forensics and Vehicle Forensics. Digital Forensics is employed by police departments and investigative agencies throughout the world to help map out the crime scene and the mindset or motives of the criminal.
3. What is the Need for Open Access in Digital Forensics and Incident Response?
Even though violent crimes have gone down in the US in the past few years, the number of digital devices associated with a crime has gone up significantly, and the number of crimes related to digital fraud and cyber crime has also risen, making Digital Forensics an important source of crime investigation data. These statistics are illustrated by the following images.
As can be seen above, the need for digital forensics has risen over the years, leading to a rise in the number of investigators as well. This situation demands access to training and education in Digital Forensics, and open access to research on it. Without open access to research material, investigators may not be able to make sense of the extracted data, leading to a reversed outcome or no outcome in sensitive cases. Also, not all investigators around the world have enough resources to pay to download relevant research material, which strengthens the case for open access in the field of Digital Forensics.
4. Case Study on an Open Access Digital Forensics and Incident Response Journal
As the nature of the study demands, a lot of open access materials are available for Digital Forensics from various sources. I would like to discuss DFRWS or DFIR Review, which is a peer-reviewed Open Access journal based out of New York, United States. As per their website,
“DFIR Review responds to the need for a focal point for up-to-date community-reviewed applied research and testing in digital forensics and incident response. DFIR Review concentrates on targeted studies of specific devices, digital traces, analysis methods, and criminal activities to help digital forensic practitioners deal with real-world issues.”
This statement clearly outlines their goal of promoting up-to-date community-reviewed applied research and testing in digital forensics and incident response. It follows that this journal is by the community and for the community, since it is peer-reviewed and Open Access. Further, the motivation for the journal states that:
“Rapid review and dissemination of up-to-date results of applied research and testing is necessary to keep pace with changes in technology and cybercrime. The Internet-of-Things (IoT) and smartphone applications are prime examples of the unprecedented proliferation of new devices and digital traces. New versions of operating systems can also have data structures that contain valuable information from a forensic perspective. When a new type of digital trace is found to be relevant to a legal matter, it may be the first time it has been studied from a forensic perspective. New approaches to analysing digital traces can help develop insights in an investigation. Often this type of material is shared via blogs by active practitioners who are the first to tackle new devices, uncover new digital traces, and encounter new forms of criminal activity. Currently, these posts do not undergo community review or vetting, and are not presented or published in a formalized forum for long term reference. The faster this knowledge can be produced, reviewed, and shared among the DFIR community, the better able we will be to deal with new devices, digital traces, and criminal activities. DFIR Review aims to take the up-to-date rapid content created by practitioners and distributed regularly via blogs and provide review such that the findings can be cited and stored in a referenceable format so that it may be used by others including for reference in legal and other matters while crediting the originating source such as a practitioner blog.”
The main motivation for this Open Access journal is getting the latest research and techniques out to the DFIR community in a timely manner to assist with time-sensitive investigations and individual learning while still crediting the author for their work. One of the reasons DFIR Review was born is that in DFIR, most of the research is done by tool vendors and researchers who are based in corporate environments and do not have the time to write academic papers, so DFIR Review accepts blog formats, helping such researchers get due credit for their work.
The Open Access aspect of DFIR Review is very well highlighted in the “Presentation” section of their website, which states that:
“Accepted submissions will be made available on the DFRWS website open access under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/). Accepted submissions will be organized along with reviewer response materials. Although authors can revise accepted materials on the basis of reviewer feedback, this is not a requirement for publication, taking into account that practitioners may not have time to rework a submission or perform additional research. Authors can post their work on their personal website or blog with a reference to the publication in DFIR Review. In this way, DFIR Review is the system of record for the work, and authors can disseminate their work with a reference to the publication in DFIR Review.”
I would like to conclude by saying that Open Access resources are an integral part of research, as they provide everyone equal access to research material without financial or other access constraints. More quality Open Access material should be promoted and should be available freely to everyone around the world.
References:
1. https://www.journals.elsevier.com/digital-investigation
2. https://www.journals.elsevier.com/digital-investigation/most-downloaded-articles
3. https://www.sciencedirect.com/science/article/pii/S1742287610000368
4. https://www.sciencedirect.com/science/article/pii/S1742287619300313
5. https://en.wikipedia.org/wiki/Open_access
6. https://en.wikipedia.org/wiki/Digital_forensics
7. https://dfrws.org/dfir-review/