A weekend Twitter thread about having a lack of citable, peer-reviewed, DFIR research prompted me to volunteer to host a project management website (a sub-domain of dfir.training). I think the need is real for reasons mentioned on the Twitter thread, but whether or not it can work is all together a different matter.
From what I have seen, peer reviewed DFIR research generally lives within journals and books , or within the walls of academia . Either the research is not freely available and/or not easily found within the walls and halls of educational institutions. Research is blogged about, presented at conferences, and uploaded to the Internet via any number of websites, with much of this work not being peer reviewed . There is too much great effort that is never formally published in which the researcher deserves to (1) receive formal recognition and (2) be formally peer-reviewed by the community without having to be published in a journal or book.
I absolutely give credit to the bloggers sharing their research online, more than you can imagine and for many reasons. However, referencing a blog in a case report, affidavit, or in a research paper does not quite reach the level of peer reviewed research as a source of information. The life of a blog is also indefinite, dynamic in nature, and many times never found by those who need the information.
That is where I am offering research.dfir.training as an option.
Given enough interest, I will gladly maintain the website, and ensure that the research will always be freely available. I will manage the users and research groups to reduce the risk of trouble-makers (such as bots and spammers) from having access to the editable parts of the research projects.
Playing devil’s advocate, here is what I see:
-Lack of willing contributors
-Lack of willing peer-reviewers
-Continued reliance on wiki’s and blogs as a source of non-peer reviewed research
-Continued non-sharing of personal research
Countering this, I see:
-Contributors being those who have already completed personal research, who can now have their work peer-reviewed
-Peer reviewers growing professionally by helping and mentoring researchers
-Reliance on credible, peer-reviewed, professionally monitored research for citable resources
- You personally being credited and formally validated by the community for your work
-Research that is developed, peer-reviewed, and published months faster than in a journal or book
-Research that meets Daubert-Frye standards (community accepted methods)
- You get another source of community validated research without having to pay for it
To gauge interest
I have a Twitter poll that will expire in a few days. If not enough interest, perhaps the timing is not right. Personally, I think it is past time for an additional means to create peer reviewed research for those who would rather see their efforts received by the community-at-large, rather than kept behind paywalls or within privately accessible collections of research.
As to the mechanics of how this can work
-Project manager (researcher) initiates a research topic
* Project created
* Tasks created
*Contributors join in the project
*Project manager keeps the research going through final draft
*Public does not have access to the active research (unless they want to contribute)
-Final drafts reviewed by peer review process (any number of types, such as a blind review, double-blind, etc…)
*Corrections, suggestions, recommendations made
*Sent back to project team
-Project team makes corrections as necessary (or defends any claims against research)
-Final peer review and publish (accessible to the public)
All of the above is through a project management platform. The final peer reviewed and approved project would be in a standard format. This concept is to provide an additional means of peer review for that research which currently sits on websites without earning documented community credibility.
Imagine taking research you have done in the past, perhaps it's on your blog, and you get it peer-reviewed, meets Daubert-Frye standards, and becomes available to everyone as a credible source of DFIR information. That's the point to all of this.
Or, we can stick to citing blogs and wikipedias…