Thu. Mar 28th, 2024

Editor’s Note: Taken directly from the recent NIST media release highlighting the first large-scale “black box” study to test the accuracy of computer and mobile forensics, the following information is provided to describe the new digital forensics research initiative from NIST which, according to Barbara Guttman, leader of NIST’s digital forensics research program, is designed to help better understand the state of the practice and measure how well digital forensics experts do their job.

NIST Media Announcement

NIST to Digital Forensics Experts: Show Us What You Got

Digital forensics experts often extract data from computers and mobile phones that may contain evidence of a crime. Now, researchers at the National Institute of Standards and Technology (NIST) will conduct the first large-scale study to measure how well those experts do their job. But rather than testing the proficiency of individual experts, the study aims to measure the performance of the digital forensics community overall.

In this study, to be conducted online, participants will examine simulated digital evidence, then answer questions that might arise in a real criminal investigation. The exercise should take about two hours, and participation is voluntary. Enrollment is now open, and the online test will be available for approximately three months.

“We want to understand the state of the practice,” said Barbara Guttman, leader of NIST’s digital forensics research program. “Can experts produce accurate and reliable information when examining data from a digital device?”

In any forensic discipline, experts can encounter difficult cases. Fingerprints can be smudged and distorted. DNA can be degraded. One challenge with digital evidence is that it can often be difficult to find key bits of evidence among large volumes of data. Also, technology changes so quickly that it can be difficult to keep up.

“Forensics experts can’t extract data perfectly in every possible scenario,” Guttman said. “Phones change. Apps change. The world just moves too fast.”

While no forensic method works perfectly all the time, researchers can measure performance within a discipline by testing the experts. For instance, researchers might show fingerprint experts a series of prints and ask whether they do or don’t match. The study designers know the correct answers, and by combining the results from many experts, they can gain insight into the reliability of the method overall.

These studies only determine whether the expert gave the correct answer, without concern for how they reached it. In other words, they treat the expert as a black box — something you cannot see inside. Researchers use black box studies to assess the reliability of methods that rely on human judgment.

For the NIST black box study, participants will download simulated evidence from the NIST website in the form of one virtual mobile phone and one virtual computer. Such virtual devices, called “forensic images,” are commonly used in digital forensics, and study participants will be able to connect to them using the same software tools they use when working on real cases.

The forensic images created for this study simulate imagined but realistic scenarios involving a potential homicide and a potential theft of intellectual property. Study participants will download the images, examine them using whatever forensic software tools they choose, and answer a series of questions. For instance:

  • What software program was used to discuss a potentially illegal transaction?
  • What was the VIN number of the vehicle that connected to the phone via Bluetooth?
  • What location information can be gleaned from the photo of a black Labrador found on this device?

The study is open to all public and private sector digital examiners who conduct hard drive or mobile phone examinations as part of their official duties. NIST will not calculate the performance of any specific expert or laboratory. Instead, NIST will publish anonymized and aggregated results that show the overall performance for the expert community and different sectors within that community.

This study will fulfill a critical need identified in a landmark 2009 report by the National Academy of Sciences. Titled Strengthening Forensic Science in the United States: A Path Forward, that report called for black box studies to measure the reliability of forensic methods that rely on human judgment. Courts and jurors can then consider the results of those studies when weighing evidence. The results of this study will also provide strategic direction for future research.

This black box study is part of a larger effort to evaluate the scientific foundations of digital forensic methods. NIST is also conducting scientific foundation reviews for DNA mixtures, firearms identification and bitemark analysis.

For more information and to enroll, visit the NIST Blackbox Study for Digital Examiners webpage.

Read the original media announcement at NIST to Digital Forensics Experts: Show Us What You Got

Additional Reading

Source: ComplexDiscovery

 

Generative Artificial Intelligence and Large Language Model Use

ComplexDiscovery OÜ recognizes the value of GAI and LLM tools in streamlining content creation processes and enhancing the overall quality of its research, writing, and editing efforts. To this end, ComplexDiscovery OÜ regularly employs GAI tools, including ChatGPT, Claude, Midjourney, and DALL-E, to assist, augment, and accelerate the development and publication of both new and revised content in posts and pages published (initiated in late 2022).

ComplexDiscovery also provides a ChatGPT-powered AI article assistant for its users. This feature leverages LLM capabilities to generate relevant and valuable insights related to specific page and post content published on ComplexDiscovery.com. By offering this AI-driven service, ComplexDiscovery OÜ aims to create a more interactive and engaging experience for its users, while highlighting the importance of responsible and ethical use of GAI and LLM technologies.

 

Have a Request?

If you have information or offering requests that you would like to ask us about, please let us know, and we will make our response to you a priority.

ComplexDiscovery OÜ is a highly recognized digital publication focused on providing detailed insights into the fields of cybersecurity, information governance, and eDiscovery. Based in Estonia, a hub for digital innovation, ComplexDiscovery OÜ upholds rigorous standards in journalistic integrity, delivering nuanced analyses of global trends, technology advancements, and the eDiscovery sector. The publication expertly connects intricate legal technology issues with the broader narrative of international business and current events, offering its readership invaluable insights for informed decision-making.

For the latest in law, technology, and business, visit ComplexDiscovery.com.