Open In App

UML Digital Forensic Model

Last Updated : 29 Jun, 2023
Improve
Improve
Like Article
Like
Save
Share
Report

Unified Modeling Language (UML) contains a set of rules for modeling software and system designs. It is used to model various processes of digital forensics. The digital forensic process of UML consists of five main phases: 

1. Collection Phase

Digital evidence is collected from various sources such as computers, smartphones, and other digital devices. To model this phase in UML the “Use Case Diagram” and “Activity Diagram” is used. The Use Case diagram will show the actions involved in the collection process and the Activity Diagram illustrates the sequence of activities involved in collecting the evidence.

2. Examination Phase

Digital evidence is examined to identify the potential evidence. This phase in UML uses the “Class Diagram” and “Sequence Diagram”. The Class Diagram represents the classes examining the evidence while the Sequence Diagram defines the sequence of activities in the examination process.

3. Analysis Phase

Evidence is analyzed to identify the facts and circumstances surrounding the case. Modeling of this phase in UML is done using the “State chart Diagram”. The State Chart Diagram displays the states in the analysis process. 

4. Reporting Phase

Findings from the analysis are documented in a report. This phase is modeled in UML using the “Component Diagram”. The Component Diagram clarifies the components used in its creation.

5. Evidence Reporting Phase

The evidence report is presented in court or to other relevant parties. This phase is modeled in UML using the “Deployment Diagram”. The Deployment Diagram interprets the hardware and software components in presenting the report. 

The whole process is triggered by criminal activity which contributes of starting point. Prepare is the final step. The rest of the process follows logically from preparation to collection, authenticating, examination, and analysis.

Authentication is introduced between the examination and collection phases to make sure that the data integrity of the data before the examination is started is preserved. Examination alters the content of data such as in the case of compressed files, hidden files, and other forms of data incomprehension. The primary investigator will consider whether to analyze more data or to extract more data from original source. After reaching the decision points an evidence report is compiled as part of the procedure. The whole document is compiled during the investigation phase.  

Overall, UML is a useful tool for modeling the digital forensic process that allows investigators to visualize and communicate the steps involved in a clear and structured manner.

UML Digital Forensic Model

 


Like Article
Suggest improvement
Next
Difference between UML and ER diagram
Share your thoughts in the comments

Similar Reads

Conceptual Model of the Unified Modeling Language (UML)
Top 7 UML Diagram Tools That You Can Consider
Difference between UML and ER diagram
Introduction to UML Diagrams
Sequence Diagram (UML) of Ecommerce Firm in Software Engineering
Project Idea | (Online UML Designing Tool)
State Machine Diagrams | Unified Modeling Language (UML)
Activity Diagrams | Unified Modeling Language (UML)
Sequence Diagrams | Unified Modeling Language (UML)
Object Diagrams | Unified Modeling Language (UML)

S
shravanimjagtap13
Article Tags :
We use cookies to ensure you have the best browsing experience on our website. By using our site, you acknowledge that you have read and understood our Cookie Policy & Privacy Policy
Lightbox