The admissibility of digital evidence from open-source forensic tools: Development of a framework for legal acceptance
Bewaard in:
| Gepubliceerd in: | PLoS One vol. 20, no. 9 (Sep 2025), p. e0331683 |
|---|---|
| Hoofdauteur: | |
| Andere auteurs: | |
| Gepubliceerd in: |
Public Library of Science
|
| Onderwerpen: | |
| Online toegang: | Citation/Abstract Full Text Full Text - PDF |
| Tags: |
Geen labels, Wees de eerste die dit record labelt!
|
MARC
| LEADER | 00000nab a2200000uu 4500 | ||
|---|---|---|---|
| 001 | 3250086975 | ||
| 003 | UK-CbPIL | ||
| 022 | |a 1932-6203 | ||
| 024 | 7 | |a 10.1371/journal.pone.0331683 |2 doi | |
| 035 | |a 3250086975 | ||
| 045 | 2 | |b d20250901 |b d20250930 | |
| 084 | |a 174835 |2 nlm | ||
| 100 | 1 | |a Ismail, Isa | |
| 245 | 1 | |a The admissibility of digital evidence from open-source forensic tools: Development of a framework for legal acceptance | |
| 260 | |b Public Library of Science |c Sep 2025 | ||
| 513 | |a Journal Article | ||
| 520 | 3 | |a The proliferation of cybercriminal activities from 2023 to 2025 has highlighted the critical role of digital forensics in legal proceedings; however, resource constraints often limit access to effective investigative capabilities. Despite the technical adequacy of open-source digital forensic tools, courts typically favor commercially validated solutions because of the absence of standardized validation frameworks for open-source alternatives, creating unnecessary financial barriers to high-quality forensic investigations. This study aims to validate and enhance the conceptual open-source digital forensic framework developed by Ismail et al. (2024) to ensure the legal admissibility of evidence acquired through open-source tools. Through a rigorous experimental methodology utilizing controlled testing environments, we conducted comparative analyses between commercial tools (FTK and Forensic MagiCube) and open-source alternatives (Autopsy and ProDiscover Basic) across three distinct test scenarios: preservation and collection of original data, recovery of deleted files through data carving, and targeted artifact searching. Each experiment was performed in triplicate to establish repeatability metrics, with error rates calculated by comparing the acquired artifacts with control references. Our findings demonstrate that properly validated open-source tools consistently produce reliable and repeatable results with verifiable integrity comparable to their commercial counterparts. The enhanced three-phase framework integrating basic forensic processes, result validation, and digital forensic readiness to satisfy Daubert Standard requirements while providing practitioners with a methodologically sound approach. This study contributes significantly to digital forensics by democratizing access to forensically sound investigative capabilities without compromising legal admissibility requirements, ultimately benefiting resource-constrained organizations while maintaining the evidentiary standards necessary for judicial acceptance. | |
| 651 | 4 | |a United States--US | |
| 653 | |a Autopsies | ||
| 653 | |a Software | ||
| 653 | |a Evidence | ||
| 653 | |a Peer review | ||
| 653 | |a Comparative analysis | ||
| 653 | |a Artifacts | ||
| 653 | |a Forensic sciences | ||
| 653 | |a Law enforcement | ||
| 653 | |a Reproducibility | ||
| 653 | |a Experimental methods | ||
| 653 | |a Forensic science | ||
| 653 | |a Autopsy | ||
| 653 | |a Acceptance | ||
| 653 | |a Identification | ||
| 653 | |a Transparency | ||
| 653 | |a Criminal investigations | ||
| 653 | |a Cybercrime | ||
| 653 | |a Computer forensics | ||
| 653 | |a Internet of Things | ||
| 653 | |a Forensic computing | ||
| 653 | |a Data recovery | ||
| 700 | 1 | |a Khairul Akram Zainol Ariffin | |
| 773 | 0 | |t PLoS One |g vol. 20, no. 9 (Sep 2025), p. e0331683 | |
| 786 | 0 | |d ProQuest |t Health & Medical Collection | |
| 856 | 4 | 1 | |3 Citation/Abstract |u https://www.proquest.com/docview/3250086975/abstract/embedded/7BTGNMKEMPT1V9Z2?source=fedsrch |
| 856 | 4 | 0 | |3 Full Text |u https://www.proquest.com/docview/3250086975/fulltext/embedded/7BTGNMKEMPT1V9Z2?source=fedsrch |
| 856 | 4 | 0 | |3 Full Text - PDF |u https://www.proquest.com/docview/3250086975/fulltextPDF/embedded/7BTGNMKEMPT1V9Z2?source=fedsrch |