Evidential notions of defensibility and admissibility with property preservation

Raphael C.W. Phan, Ahmad R. Amran, John N. Whitley, David J. Parish

Research output: Chapter in Book/Report/Conference proceedingConference PaperResearchpeer-review


For security-emphasizing fields that deal with evidential data acquisition, processing, communication, storage and presentation, for instance network forensics, border security and enforcement surveillance, ultimately the outcome is not the technical output but rather physical prosecutions in court (e.g. of hackers, terrorists, law offenders) or counter-attack measures against the malicious adversaries. The aim of this paper is to motivate the research direction of formally linking these technical fields with the legal field. Notably, deriving technical representations of evidential data such that they are useful as evidences in court; while aiming that the legal parties understand the technical representations in better light. More precisely, we design the security notions of evidence processing and acquisition, guided by the evidential requirements from the legal perspective; and discuss example relations to forensics investigations.

Original languageEnglish
Title of host publicationOpen Research Problems in Network Security - IFIP WG 11.4 International Workshop, iNetSec 2010, Revised Selected Papers
Number of pages6
Publication statusPublished - 2011
Externally publishedYes
EventIFIP WG 11.4 International Workshop on Open Problems in Network Security 2010 - Sofia, Bulgaria
Duration: 5 Mar 20106 Mar 2010
https://link.springer.com/book/10.1007/978-3-642-19228-9 (Proceedings)

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume6555 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


ConferenceIFIP WG 11.4 International Workshop on Open Problems in Network Security 2010
Abbreviated titleiNetSec 2010
Internet address

Cite this