Problem statement: The needs of computer forensics investigators have been directly influenced by the increasing number of crimes performed using computers. It is the responsibility of the investigator to ascertain the authenticity of the collected digital evidence. Without proper classification of digital evidence, the computer forensics investigator may ended up investigating using untrusted digital evidence and ultimately cannot be use to implicate the suspected criminal. Approach: The historical methods of verifying the authenticity of a hadith were studied. The similarities between hadith authentication and digital evidence authentication were identified. Based on the similarities of the identified processes, a new method of authenticating digital evidence was proposed, together with the trust calculation algorithm and evidence classification. Results: The new investigation processes and an algorithm to calculate the trust value of given digital evidence was proposed. Furthermore, a simple classification of evidence, based on the calculated trust values was also proposed. Conclusion/Recommendations: We had successfully extracted the methods to authenticate hadith and mapped it into the digital evidence authentication processes. The trust values of digital evidence were able to be calculated and the evidence can be further classified based on the different level of trust values. The ability to classify evidence based on trust levels can offer great assistance to the computer forensics investigator to plan their works and focus on the evidence that would give them a better chance of catching the criminals.
All Science Journal Classification (ASJC) codes
- Computer Networks and Communications
- Artificial Intelligence