Journal of Information Systems and Informatics (Jun 2024)

Comparison Study of NIST SP 800-86 and ISO/IEC 27037 Standards as A Framework for Digital Forensic Evidence Analysis

  • Arif Faizal,
  • Ahmad Luthfi

DOI
https://doi.org/10.51519/journalisi.v6i2.717
Journal volume & issue
Vol. 6, no. 2
pp. 701 – 718

Abstract

To ensure a comprehensive and scientifically rigorous analysis, adhering to standardized procedures serves as the foundation of any investigation. In the realm of digital forensics, the establishment of well-defined protocols for generating exhaustive reports to analyze digital evidence holds paramount importance. These reports not only carry significance in legal contexts but are also increasingly valuable across various industries for internal purposes. Esteemed organizations like the International Organization for Standardization (ISO) and the National Institute of Standards and Technology (NIST) have played a pivotal role in shaping recognized standards in this domain. The primary goal of this report is to conduct an in-depth comparison between two prominent digital forensics standards: ISO/IEC 27037, widely embraced in industries, and NIST SP 800-86, predominantly prevalent in academic circles. Through this comprehensive analysis, the report aims to provide valuable insights to Digital Evidence First Responders (DEFR), including law enforcement, academia, and industry professionals. By elucidating the discrepancies, scopes, and limitations inherent in each standard, DEFRs can bolster their understanding, thus empowering them to make well-informed decisions during digital investigations. Future work in this field should focus on the continual evolution of digital forensic practices, adapting to new technologies and challenges, and ensuring that standards remain up to date with the dynamic digital landscape.

Keywords