The ever growing storage device capacity poses a severe limit to the standard digital forensics collection procedures based on duplicating the original storage device by creating a bit-by-bit copy. Such a traditional procedure is followed, even if the goal of the investigation is to find a limited quantity of digital objects to support or refute an investigative hypothesis related to a precise case category. Therefore, in this paper, we propose a new methodology to deal with data leak cases, by applying an intelligent collection paradigm, a fast analysis approach that reduces investigation time.
- Data leak detection
- Intelligent imaging
- On-the-spot live investigations
ASJC Scopus subject areas
- Computer Networks and Communications
- Information Systems