Vision: An empirical framework for examiners to accessing password-protected resources for on-the-scene digital investigations

Research output: Contribution to journalArticlepeer-review

1 Citation (Scopus)


It is increasingly becoming difficult to acquire meaningful information in the field of digital forensics through the traditional approach owing to advances in information security and anti-forensics techniques. To counteract anonymous services such as data in remote areas without authentication information, data encryption, device locks, and cryptocurrencies, it is important to acquire key information through live forensics at search and seizure sites. Thus, it is necessary to establish a response system that explores and processes credential information on site and extracts meaningful information based on the processed information. To this end, this study proposes a new digital forensics framework for application at search and seizure sites. The proposed framework is designed to allow expansion in the form of additional functions on account of a module type development for the system even when new services and digital devices appear in the future. We then explain its applicability through case studies of actual digital investigations.

Original languageEnglish
Article number301376
JournalForensic Science International: Digital Investigation
Publication statusPublished - 2022 Mar

Bibliographical note

Funding Information:
This work is a part of Ph.D. thesis of the first author at the School of Cybersecurity, Korea University, South Korea. This work was supported by a Korea University Grant, and also supported by Police-Lab 2.0 Program( ) funded by the Ministry of Science and ICT(MSIT, Korea) & Korean National Police Agency (KNPA, Korea) [Project Name: Research on Data Acquisition and Analysis for Counter Anti-Forensics/ Project Number: 210121M07 ].

Publisher Copyright:
© 2022 Elsevier Ltd


  • Anti-forensics
  • Credential information
  • Digital forensics
  • Live forensics
  • Search and seizure

ASJC Scopus subject areas

  • Information Systems
  • Medical Laboratory Technology
  • Law
  • Pathology and Forensic Medicine
  • Computer Science Applications


Dive into the research topics of 'Vision: An empirical framework for examiners to accessing password-protected resources for on-the-scene digital investigations'. Together they form a unique fingerprint.

Cite this