The article “Data for digital forensics: Why a discussion on ‘how realistic is synthetic data’ is dispensable” has been accepted by the ACM Journal of Digital Threats: Research and Practice for open access publication. Details about the article are listed below. Special thanks to my co-authors Thomas Göbel and Harald Baier.
This article was presented at the 12th International Conference on IT Security Incident Management IT Forensics (IMF).
Abstract
Digital forensics depends on data sets for various purposes like concept evaluation, educational training, and tool validation. Researchers have gathered such data sets into repositories and created data simulation frameworks for producing large amounts of data. Synthetic data often face skepticism due to its perceived deviation from real-world data, raising doubts about its realism. This paper addresses this concern, arguing that there is no definitive answer. We focus on four common digital forensic use cases that rely on data. Through these, we elucidate the specifications and prerequisites of data sets within their respective contexts. Our discourse uncovers that both real-world and synthetic data are indispensable for advancing digital forensic science, software, tools, and the competence of practitioners. Additionally, we provide an overview of available data set repositories and data generation frameworks, contributing to the ongoing dialogue on digital forensic data sets’ utility.