Abstract:
Evidence relating to computer crimes is far, much different from that associated with the everyday traditional. crimes. Unlike for digital. forensics, there are well established standards, procedures and models to which courts of law can refer to as regards traditional crimes and their acquisition This thesis makes an original contribution in the field of digital forensics in Uganda, by developing a process model and matrix for admissible. live digital evidence acquisition for Uganda. This is intended for acquisition of relevant and reliable live digital data by addressing the practical steps to be undertaken by investigators before the courts of-law can admit such evidence.
The methodology adopted for this research is design science on the basis that it is particularly suited to the task of creating u new artifact. This was achieved by determining the matrices for admissibility of live digital evidence in Ugandan courts of law which help in attaining relevancy and- reliability and later admissibility. To do so, both a literature review and model assessment of previous models and a descriptive field study using questionnaires was carried out. All this helped to identify the major activities, steps, guiding principles and rules, potential sources of live evidence and the major tools and methods used in Uganda.
The combination of these identified matrices from the results of the field study were used to extend the advanced data acquisition model, which in end led to the final stages of the admissible live digital evidence model for Uganda. Eventually the model was evaluated in a questionnaire. based field study and the results showed that at least a good number thought the model was formally represented and easy to use, the language used could be understood, model is relevant, it can be reverse engineered and the steps are direct. The feedback from these were taken into consideration for the final development of the ALDEM.
The final ALDEM consists of two major stages that is preparation and live acquisition stages, these stages are eventually summarized into nine major objects and all these are represented using unified modeling language.
