Abstract:
One major challenge the investigative teams face during the course of the digital investigation of electronic devices is that popular forensic software such as Encase aid in the reporting process but do not automatically encode why the evidence being analysed is considered important. Besides, the reporting of digital investigation results is traditionally carried out in prose which is prone to error. The clustering techniques proposed in this research efficiently model the investigative findings into content-based homogeneous groups. The hybrid clustering model generates a semantic model for digital forensic evidence management when integrated into an automated image annotation system and also automatically encodes the semantic information of evidence by means of a structured vocabulary of terms. The image annotation system uses an efficient automated model called Cross Media Relevance Model and it is used for three distinct tasks: image annotation, semantic based image retrieval and content based image retrieval whose system supports Query-By-Example. The algorithm for the image annotation system is written using Microsoft Visual Basic 6.0 and the database; Microsoft SQL Server 2000, implemented on the Microsoft Windows XP Home edition. The results generated from the proposed hybrid clustering solution can be used to supplement the final report of investigative findings presented in courts of law and to clients.
