A Survey of Digital Evidences Forensic and Cybercrime Investigation Procedure

Due to the development of networks, cybercrime has many crime types, including network attack, mail fraud, intimidation, copyright infringement, and so on. For network attacks, many approaches have been proposed and used to detect and defense. However, after the network attack is confirmed or other crime exists, it still need to execute the investigation procedure by the investigators, collect the evidences related to the crime, find the perpetrators, and prosecute them. Therefore, in this paper, we collect the researches of investigation procedure of cybercrime in the recent years. By introducing the research investigation procedure of these papers, we will discover the features of every procedure. Then we compare these investigation procedures via the traditional investigative procedures compatibility, cybercrime behavior analysis, evidence forensic procedures, case analysis and verification, the methods of evidence collection and analysis, and the area of judicial jurisdiction. Finally, we will propose the viewpoints of cybercrime investigation and forensic procedures, and we wish this paper will help the research of investigation and forensic procedures.