Imagen de Portada

The admissibility of digital evidence from open-source forensic tools: Development of a framework for legal acceptance

Guardado en:
Publicado en:PLoS One vol. 20, no. 9 (Sep 2025), p. e0331683
Autor principal: Ismail, Isa
Otros Autores: Khairul Akram Zainol Ariffin
Publicado:
Public Library of Science
Materias:
United States > US
Autopsies
Software
Evidence
Peer review
Comparative analysis
Artifacts
Forensic sciences
Law enforcement
Reproducibility
Experimental methods
Forensic science
Autopsy
Acceptance
Identification
Transparency
Criminal investigations
Cybercrime
Computer forensics
Internet of Things
Forensic computing
Data recovery
Acceso en línea:Citation/Abstract
Full Text
Full Text - PDF
Etiquetas: Agregar Etiqueta
Sin Etiquetas, Sea el primero en etiquetar este registro!
Resumen:The proliferation of cybercriminal activities from 2023 to 2025 has highlighted the critical role of digital forensics in legal proceedings; however, resource constraints often limit access to effective investigative capabilities. Despite the technical adequacy of open-source digital forensic tools, courts typically favor commercially validated solutions because of the absence of standardized validation frameworks for open-source alternatives, creating unnecessary financial barriers to high-quality forensic investigations. This study aims to validate and enhance the conceptual open-source digital forensic framework developed by Ismail et al. (2024) to ensure the legal admissibility of evidence acquired through open-source tools. Through a rigorous experimental methodology utilizing controlled testing environments, we conducted comparative analyses between commercial tools (FTK and Forensic MagiCube) and open-source alternatives (Autopsy and ProDiscover Basic) across three distinct test scenarios: preservation and collection of original data, recovery of deleted files through data carving, and targeted artifact searching. Each experiment was performed in triplicate to establish repeatability metrics, with error rates calculated by comparing the acquired artifacts with control references. Our findings demonstrate that properly validated open-source tools consistently produce reliable and repeatable results with verifiable integrity comparable to their commercial counterparts. The enhanced three-phase framework integrating basic forensic processes, result validation, and digital forensic readiness to satisfy Daubert Standard requirements while providing practitioners with a methodologically sound approach. This study contributes significantly to digital forensics by democratizing access to forensically sound investigative capabilities without compromising legal admissibility requirements, ultimately benefiting resource-constrained organizations while maintaining the evidentiary standards necessary for judicial acceptance.
ISSN:1932-6203
DOI:10.1371/journal.pone.0331683
Fuente:Health & Medical Collection