Date Approved

2025

Degree Type

Open Access Thesis

Degree Name

Master of Science (MS)

Department or School

Information Security and Applied Computing

Committee Member

Rachel Ledesma-Kinsella, MS

Committee Member

Munther Abualkibash, PhD

Abstract

The increasing use of digital technologies such as Internet of Things devices, cloud computing, and networked information systems has made digital evidence essential to modern cybersecurity investigations. Digital evidence supports the reconstruction of cyber incidents, identification of responsible parties, and legal proceedings. However, its collection and preservation pose substantial technical and legal challenges. Rapid technological change, strong encryption, data volatility, cloud-based and distributed storage, and variations in jurisdictional privacy and evidentiary laws complicate the timely, reliable, and legally admissible acquisition of digital evidence. This study addresses how investigators can effectively collect and preserve digital evidence while maintaining data integrity, legal compliance, and respect for individual privacy rights. The research examines three questions: the technical and legal challenges affecting digital evidence collection, the influence of jurisdictional differences and privacy regulations on admissibility, and strategies that enhance the reliability and legal defensibility of digital evidence. The study aims to integrate technical forensic practices with legal requirements. A qualitative approach is employed, drawing on an extensive review of academic literature, legal frameworks, case law, and established digital forensic standards. Technical methods for evidence acquisition and preservation are analyzed alongside legal principles governing privacy, jurisdiction, chain of custody, and admissibility. The findings show that encryption, data volatility,

Share

COinS