Towards Increasing Trust In Expert Evidence Derived From Malware Forensic Tools
Ian Kennedy, Arosha Bandara, Blaine Price

TL;DR
This paper proposes the Malware Analysis Tool Evaluation Framework (MATEF) to improve trust and scientific rigor in digital forensic malware analysis, addressing current gaps in tool evaluation and practitioner accreditation.
Contribution
It introduces a structured framework for evaluating malware analysis tools, enhancing scientific methodology and practitioner standards in digital forensic investigations.
Findings
MATEF addresses key legal and practical needs in malware analysis.
The framework improves reliability and trust in forensic tool results.
It supports the push for mandatory practitioner accreditation.
Abstract
Following a series of high profile miscarriages of justice in the UK linked to questionable expert evidence, the post of the Forensic Science Regulator was created in 2008. The main objective of this role is to improve the standard of practitioner competences and forensic procedures. One of the key strategies deployed to achieve this is the push to incorporate a greater level of scientific conduct in the various fields of forensic practice. Currently there is no statutory requirement for practitioners to become accredited to continue working with the Criminal Justice System of England and Wales. However, the Forensic Science Regulator is lobbying the UK Government to make this mandatory. This paper focuses upon the challenge of incorporating a scientific methodology to digital forensic investigations where malicious software ('malware') has been identified. One aspect of such a…
