Candidate:
Bianca
Esanu
Title:
An
Assessment
of,
and
Improvements
to,
the
Digital
Forensics
Acquisition
Process
of
a
Law
Enforcement
Agency
Date:
December
10,
2021
Time:
13:00
Place:
MS
Teams
Supervisor(s):
Tripunitara,
Mahesh
Abstract:
Forensics
addresses
the
collection
and
analysis
of
evidence.
Digital
forensics
is
forensics
in
the
context
of
digital
devices.
It
is
a
rapidly
evolving
field
employed
in
various
organizations
such
as
law
enforcement,
government,
and
the
private
sector.
The
acquisition
of
digital
evidence
is
the
step
in
digital
forensics
where
digital
evidence
is
preserved.
The
preservation
of
digital
evidence
in
its
original
form
is
customarily
deemed
a
necessary
property
in
the
context
of
digital
forensics,
as
such
evidence
may
need
to
be
re-examined
in
the
future.
In
this
thesis,
we
first
analyze
the
acquisition
phase
of
the
digital
forensics
process
of
the
Ontario
Provincial
Police
(OPP)
to
determine
whether
it
is
forensically
sound.
The
OPP
is
a
law
enforcement
agency
that
serves
a
population
of
14
million
people
who
reside
in
the
province
of
Ontario
in
Canada.
We
extract
a
set
of
properties
that
OPP's
acquisition
phase
does,
and
should,
uphold
to
achieve
forensic
soundness.
We
then
evaluate
whether
the
desired
properties
are
met
by
comparing
OPP's
process
to
three
standards
on
forensic
soundness
for
law
enforcement.
We
conclude
by
proposing
improvements
to
the
parts
of
the
process
that
do
not
uphold
desired
properties.
While
our
thesis
evaluates
and
provides
suggestions
to
OPP's
current
process,
it
also
serves
a
greater
purpose.
Our
contributions
allow
OPP,
and
any
other
law
enforcement
agency,
the
framework
needed
to
analyze
an
existing
process,
identify
areas
that
may
jeopardize
forensic
soundness,
and
implement
changes
that
mitigate
those
threats.
Friday, December 10, 2021 1:00 pm
-
1:00 pm
EST (GMT -05:00)