Event reconstruction in digital forensics suffers from fragmented perspectives, inconsistent terminology, and methodological fragmentation, lacking a systematic, unifying framework. Method: This paper proposes the first unified temporal event reconstruction framework tailored for digital forensics—adapting classical forensic reconstruction models to the digital domain; constructing a comprehensive, lifecycle-spanning conceptual map of temporal reconstruction; and conducting a systematic literature review (SLR) coupled with conceptual modeling to clarify terminological relationships and process elements. Contribution/Results: The study identifies three core challenges—data scale, temporal distortion, and semantic ambiguity—and establishes an extensible classification system. It delivers a consensus-based terminology set and a standardized process paradigm, thereby providing a rigorous theoretical foundation for the development and evaluation of automated event reconstruction tools.

Event reconstruction is a technique that examiners can use to attempt to infer past activities by analyzing digital artifacts. Despite its significance, the field suffers from fragmented research, with studies often focusing narrowly on aspects like timeline creation or tampering detection. This paper addresses the lack of a unified perspective by proposing a comprehensive framework for timeline-based event reconstruction, adapted from traditional forensic science models. We begin by harmonizing existing terminology and presenting a cohesive diagram that clarifies the relationships between key elements of the reconstruction process. Through a comprehensive literature survey, we classify and organize the main challenges, extending the discussion beyond common issues like data volume. Lastly, we highlight recent advancements and propose directions for future research, including specific research gaps. By providing a structured approach, key findings, and a clearer understanding of the underlying challenges, this work aims to strengthen the foundation of digital forensics.