IS 6363: Digital Forensics - Systematic Literature Review (Choo)

Tips on conducting literature and systematic reviews in Computer Science and Cyber Security

Purpose

The purpose of this guide is to provide guidance on conducting review of research articles on a selected topic to help you:

Understand the difference between literature review vs. systematic review.
Identify relevant keywords and construct effective search statements.
Use advanced features of UTSA databases and Google Scholar to run searches.
Formulate selection criteria for research articles and methodology for your review.
Utilize citation managers to export, organize and cite relevant articles.

Google Scholar - Get Oriented

Google Scholar is a good starting point to begin your research, assess how much is already published on your topic, and identify keywords and synonyms to expand your search.

It covers scholarly literature, including journal articles, scholarly book chapters, works from institutional repositories, pre-prints, conference proceedings, as well as patents and legal opinions. It does NOT include trade journals or magazines.

Google Scholar Off Campus

To ensure that you have access off campus to full text provided by the Libraries, establish your affiliation with the UTSA Libraries. Click the link for instructions:

Setting Up Google Scholar Off Campus

Google Scholar Search Tips

Word order matters
Use quotation marks "search phrase" to search words next to each other
AND is already implied in the search algorithm, but you may use AND to combine concepts. It slightly changes results.
Use OR to add synonyms and expand your search.
Google Scholar ignores parenthesis ( ) for grouping.
Filter by Date on the left hand menu.
Click on Cited By in a result to see additional articles that cite this article.
Go to Advanced Google Scholar search by clicking on the menu icon in the top left corner > Advanced Search.

Search Example

Start simple and then improve by applying " " operators and adding synonyms. Put OR statements first.

"digital forensics" OR "cloud forensics" AND IoT

Google Scholar

UTSA Databases

Google Scholar searching is not sufficient for a systematic literature review. Database searching is required for these reasons:

Proprietary subscription content not available or not accessible in full text for free on the Web
Rich metadata and powerful search with more comprehensive and precise results and full text access

Search functionality differs among databases, but generally you can expect support for:

Boolean operators AND to combine search terms, OR to expand results, NOT to exclude
Wildcard * (or other symbol) to allow stem searching for variants of a word, e.g. crim* would search for crime and criminal
Parenthesis ( ) to group search terms
Quotation marks " " to search keywords next to each other
Limiting searches to TITLE, ABSTRACT and other fields
Limiting by date, type of publication (e.g. research article vs. conference proceeding vs. trade journal, etc.)
Exporting to citation managers

Specialized Databases

ACM Digital Library This link opens in a new window
Provides full-text access to computer science and information technology literature in all ACM (Association for Computing Machinery) journals and magazines, transactions, conference proceedings, and SIG newsletters. Some coverage begins in the 1950s.
IEEE Xplore/IET Electronic Library Online (IEL) This link opens in a new window
Provides full-text journal articles, conference papers, and technical standards published by IEEE and the IEE. Emphasis is on electrical engineering, computer science, and information systems.
Engineering Village 2 This link opens in a new window
Designed for engineers across many fields and sub-fields, this database allows the user to independently or simultaneously search the Compendex and Inspec databases. Provides access to the international engineering literature including thousands of journals, conference proceedings, dissertations, books, reports, and technical standards.

Publisher Databases

ScienceDirect This link opens in a new window
Provides full-text access to thousands of scholarly journals and e-books published by Elsevier. Indexes and abstracts articles from journals in the life, physical, medical, technical, and social sciences.
Springer Nature Link This link opens in a new window
Provides electronic access to the full-text of thousands of journals and e-books published by Springer Nature in chemical sciences, economics, environmental sciences, life sciences, law, medicine, computer science, engineering, geosciences, mathematics, statistics, and physics.

Full-text and Indexing Aggregators

ProQuest This link opens in a new window
Provides access to journals, magazines, conference proceeding and more across multiple subject areas, including cyber security.
EBSCOhost Databases This link opens in a new window
Provides bibliographic and full-text access to journals articles and other content across multiple disciplines. Select Academic Search Complete, Business Source Complete, Computer Source, and Science and Technology Collection for your search.

Required Textbook

Required Text

File System Forensic Analysis by Brian Carrier
Call Number: Online - Safari (O’Reilly for Higher Education)
ISBN: 0321268172
Publication Date: 2005

Recommended Book

Digital Forensic Education by Xiaolu Zhang (Editor); Kim-Kwang Raymond Choo (Editor)
ISBN: 3030235467
Publication Date: 2019

PRISMA 2020: Guidelines and Checklist for Systematic Reviews

The PRISMA 2020 Statement: an Updated Guideline for Reporting Systematic Reviews
The Preferred Reporting Items for Systematic reviews and Meta-Analyses (PRISMA) statement, updated in 2020, provides guidance for authors. It includes a 27-item checklist, an expanded checklist with reporting recommendations for each item, the PRISMA 2020 abstract checklist, and revised flow diagrams for original and updated reviews.

Originally developed for healthcare fields, these guidelines are now adopted by other disciplines.

BMJ 2021;372:n71 http://dx.doi.org/10.1136/bmj.n71

Examples of Literature Review Articles

Review these articles suggested by Dr. Choo for methodology and overall approach to analysis and presentation. Listed keywords are supplied in the article metadata.

Internet of Things Applications: A Systematic Review
Application-based services | Internet of Things | Systematic literature review | Smart objects | Quality of service
A Systematic Survey on Cloud Forensics Challenges, Solutions, and Future Directions
Cloud forensics | digital forensics in cloud | forensic challenges in cloud | cloud storage |
artifacts forensics | cloud network forensics | VM forensics in cloud | SDN forensics
Impacts of increasing volume of digital forensic data: A survey and future research challenges
Data mining | Data volume | Digital forensics | Evidence discovery | Forensic computer analysis |
Intelligence analysis | Knowledge management
Fog data analytics: A taxonomy and process model
Big data | Fog data analytics | Data collection | Data storage | Data reduction | Data security and privacy
Threaten me softly: A review of potential dating app risks
Dating apps | Online dating | Mobile forensics | Dating app artifacts | Dating app risks | Dating app forensics
Remote Wiping and Secure Deletion on Mobile Devices: A Review
Forensic science | Remote wiping | Secure deletion | Flash storage | NAND | Nonvolatile flash memory | Solid-state drive/disk
Windows 7 Antiforensics: A Review and a Novel Approach
Forensic science | Digital forensics | Windows 7 antiforensics | DarkComet RAT | Trojan Horse Defence