Dr. Rogers is the Director of the Cyber Forensics Program in the Dept. of Computer and Information Technology at Purdue University. He is a Professor, Faculty Scholar, and Fellow of the Center for Education and Research in Information Assurance and Security (CERIAS). Dr. Rogers is a member of the quality assurance board for (ISC)2*s SCCP designation, the International Chair of the Law, Regulations, Compliance and Investigation Domain of the Common Body of Knowledge (CBK) committee, Chair * Program Committee Digital & Multimedia Sciences Section * American Academy of Forensic Sciences, and Chair * Certification Committee Digital Forensics Certification Board. Dr. Rogers is the Editor-in-Chief of the Journal of Digital Forensic Practice and sits on the editorial board for several other professional journals. He is also a member of other various national and international committees focusing on digital forensic science and digital evidence. Dr. Rogers is the author of numerous book chapters, and journal publications in the field of digital forensics and applied psychological analysis. His research interests include applied cyber forensics, psychological digital crime scene analysis, and cyber terrorism.
 

Abstract: Digital Evidence Analytics: What does the evidence really mean?

Traditionally we in the field of digital forensics have treated digital evidence as a static entity and have used a siloed approach when dealing with data. We as a scientific and applied discipline have done an excellent job of collecting and acquiring data, but a relatively poor job at turning this volume of data into information and knowledge. Our protocols, tools, and techniques give us a very one-dimensional view of the data. However, evidence is much more dynamic. In order to fully understand evidence we must understand its relationship to other data, other evidence from the physical domain, and the user(s) themselves. These relationships include temporal, behavioral/social and spatial dimensions.

Analytics allow us to move from raw information to knowledge and understanding; key components if we are to determine what data is relevant evidence and what is not.  Understanding data*s dynamics and inter-relationships will allow us to move from describing past actions, to being able to predict future behaviors or systems and users.