Published Paper Details:

Cyber-attacks represent a pervasive threat in the digital age, with perpetrators leaving behind digital artefacts that can potentially unveil their identities and behaviours. In response, forensic agencies and law enforcement departments leverage an array of digital forensic toolkits, both commercial and open-source, to examine digital evidence comprehensively. This research survey, a comprehensive and in-depth study, is a comprehensive overview of the current state-of-the-art digital forensics concepts, identifying research gaps, introducing different computer forensic domains and toolkits, and offering a comparative analysis to aid investigators in tool selection during forensic processes. It also pinpoints current challenges and suggests future research directions in computer forensics. The field of digital forensics is multidimensional, encompassing various domains such as network forensics, memory forensics, and mobile forensics. Each domain presents unique challenges and requires specialised toolkits tailored to effectively extract and analyse digital evidence. The survey, designed to provide a nuanced understanding of the forensic landscape, aims to equip investigators with a comprehensive view of these domains and the corresponding toolkits. Commercial and open-source digital forensic toolkits are pivotal in evidence acquisition, analysis, and presentation. While commercial solutions often offer comprehensive features and user-friendly interfaces, open-source toolkits provide flexibility and customisation options. Through a detailed examination of these toolkits, the survey aims to empower investigators with insights into their capabilities and limitations, enabling informed decision-making during the forensic process. Moreover, the survey includes a comparative analysis of toolkit characteristics, such as scalability, reliability, and compatibility with operating and file systems. This comparative framework, a comprehensive guide, facilitates the selection of appropriate toolkits based on the specific requirements of each forensic investigation, thereby enhancing efficiency and efficacy. In addition to providing an overview of existing digital forensic practices, the survey identifies research gaps and challenges in the field. These challenges encompass technological limitations, legal and ethical considerations, and the evolving nature of cyber threats. By acknowledging these challenges, the survey encourages further research and innovation to address emerging issues and enhance the effectiveness of digital forensic investigations. Furthermore, the survey delineates future research directions, emphasising areas such as the integration of artificial intelligence and machine learning techniques into digital forensic processes, the development of standardised procedures and protocols, and the enhancement of forensic readiness in emerging technologies such as Internet of Things (IoT) and cloud computing. In conclusion, the proposed research survey is a comprehensive tool that aims to provide a comprehensive overview of digital forensics, identifying current practices, research gaps, and challenges. By offering insights into different forensic domains, toolkits, and comparative analysis, the survey empowers investigators to navigate the complex landscape of digital evidence examination effectively. Moreover, by identifying future research directions, the survey contributes to advancing the field and developing innovative solutions to combat cybercrime.