Abstract
In recent years, the advancement of Information and Communication Technologies has led to their involvement into many criminal activities. Thus, the development and deployment of digital forensics practices represent a fundamental goal to mine the potential value of data contained in digital devices and to support cyber-security. However, investigators use a variety of techniques and proprietary forensic software to examine digital devices that generate data in different formats. The variety, volume, heterogeneity, and, sometimes, real-time nature of data obtained from devices pose considerable challenges. In this paper, we propose a framework that supports investigators during the analysis process. The proposed framework retrieves and models evidences, found through different forensic tools, exploiting semantic technologies. Moreover, we present a system able to add semantic assertion to data generated by forensics tools during extraction processes. The experimental results show that our system is able of enabling more effective access to relevant information and enhancing retrieval and reasoning capabilities.