A semantic-based methodology for digital forensics analysis
Journal of Parallel and Distributed Computing (IF 3.8), Pub Date: 2020-01-08, DOI: 10.1016/j.jpdc.2019.12.017
Flora Amato, Aniello Castiglione, Giovanni Cozzolino, Fabio Narducci

Nowadays, more than ever, digital forensics activities are involved in any criminal, civil or military investigation and represent a fundamental tool to support cyber-security. Investigators use a variety of techniques and proprietary software forensics applications to examine the copy of digital devices, searching for hidden, deleted, encrypted, or damaged files or folders. Any evidence found is carefully analysed and documented in a “finding report” in preparation for legal proceedings that involve discovery, depositions, or actual litigation. The aim is to discover and analyse patterns of fraudulent activities. In this work, a new methodology is proposed to support investigators during the analysis process, correlating evidence found through different forensics tools. The methodology was implemented through a system able to add semantic assertions to data generated by forensics tools during extraction processes. These assertions enable more effective access to relevant information and enhanced retrieval and reasoning capabilities.



Updated: 2020-01-08