GGrantIndex
← Search

SaTC: EDU: Expanding Digital Forensics Education with Artifact Curation and Scalable, Accessible Artifact Exercises

$300,000FY2019EDUNSF

University Of New Haven, West Haven CT

Investigators

Abstract

In digital forensic investigations, practitioners typically find data of forensic value in digital forensic artifacts. The Scientific Working Group on Digital Evidence (SWGDE) defines an artifact as "Information or data created as a result of the use of an electronic device that shows past activity". However, educational programs and resources have not kept up with digital forensics artifacts - which are the cornerstone of real-world investigations. Practitioners face the challenge of the diversity and volume of digital forensic artifacts they encounter. This makes the process of integrating artifacts into educational programs difficult. Little to no research has focused on creating scalable educational material that may be employed by instructors to teach the process of artifact curation and analysis. This is not only causing a learning gap in academic programs but is decreasing the possibility of students graduating with the necessary skills to conduct artifact analysis upon graduation. The community needs a granular, validated academic artifact dataset as well as academic exercises that employ them. This project will support the development of educational materials to address the artifact problem and will lead to graduates that understand artifacts, what they are and the process of recovering them. By leveraging past work on the Artifact Genome Project (AGP), the researchers will curate digital forensic artifacts, and use them to design scalable, self-paced, open, online digital forensic exercises. Furthermore, artifacts produced from this work will impact practice. The work will have an impact on a multitude of organizations worldwide spanning private, local, and federal organizations. The work will also impact digital forensics education through a paradigm shift from focusing only on data dumps, to digital forensic artifacts. Lastly, the curation of artifacts over time aids in the exploration of the basic scientific principles related to what artifacts are, their ontology, and definition. This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

View original record on NSF Award Search →