The ever growing storage device capacity poses a severe limit to the standard digital forensics collection procedures based on duplicating the original storage device by creating a bit-by-bit copy. Such a traditional procedure is followed, even if the goal of the investigation is to find a limited quantity of digital objects to support or refute an investigative hypothesis related to a precise case category. Therefore, in this paper, we propose a new methodology to deal with data leak cases, by applying an intelligent collection paradigm, a fast analysis approach that reduces investigation time.

• 出版日期2014-12