Open Access Journal Article

A Ten Step Process for Forensic Readiness.

TLDR
This paper proposes a ten step process for an organisation to implement forensic readiness, which aims to maximise its potential to use digital evidence whilst minimising the costs of an investigation.
Abstract
A forensic investigation of digital evidence is commonly employed as a post-event response to a serious information security incident. In fact, there are many circumstances where an organisation may benefit from an ability to gather and preserve digital evidence before an incident occurs. Forensic readiness is defined as the ability of an organisation to maximise its potential to use digital evidence whilst minimising the costs of an investigation. The costs and benefits of such an approach are outlined. Preparation to use digital evidence may involve enhanced system and staff monitoring, technical, physical and procedural means to secure data to evidential standards of admissibility, processes and procedures to ensure that staff recognise the importance and legal sensitivities of evidence, and appropriate legal advice and interfacing with law enforcement. This paper proposes a ten step process for an organisation to implement forensic readiness.


Citations
Journal Article

A hierarchical, objectives-based framework for the digital investigations process

TL;DR: A multi-tier, hierarchical framework to guide digital investigations that includes objectives-based phases and sub-phases that are applicable to various layers of abstraction, and to which additional layers of detail can easily be added as needed.
Journal Article

Forensic-by-Design Framework for Cyber-Physical Cloud Systems

TL;DR: The authors discuss the challenges associated with a CPCS attack and highlight the need for forensic-by-design, prior to presenting their conceptual CPCS forensic-by-design model.
Journal Article

Integrated digital forensic process model

TL;DR: This paper proposes a standardized Digital Forensic Process Model to aid investigators in following a uniform approach in digital forensic investigations.
Proceedings Article

A Generic Digital Forensic Investigation Framework for Internet of Things (IoT)

TL;DR: It is the authors' opinion that if the proposed framework is successfully incorporated in future DF tool development, it will facilitate effective digital forensic crime investigation for IoT infrastructures.
Journal Article

High-quality InGaN∕GaN heterojunctions and their photovoltaic effects

TL;DR: In this article, high-quality p-GaN∕i-In01Ga09N ∕n-GaNs heterojunctional epilayers are grown on (0001)-oriented sapphire substrates by metal organic chemical vapor deposition.
References
Journal Article

Getting Physical with the Digital Investigation Process

TL;DR: The notion of a digital crime scene with its own witnesses, evidence, and events that can be investigated using the same model as a physical crime scene is introduced.

Guidelines for Evidence Collection and Archiving

D. Brezinski, +1 more
TL;DR: The purpose of this document is to provide System Administrators with guidelines on the collection and archiving of evidence relevant to a security incident.

Reliable Delivery for syslog

D. New, +1 more
TL;DR: Two mappings of the BSD Syslog protocol to TCP connections are described, both useful for reliable delivery of event messages and a trivial mapping maximizing backward compatibility.

Incident handling: where the need for planning is often not recognised

TL;DR: The study identified that not having prior planning for any incident handling and being unaware of the importance to do so are major inhibitors to an organization’s ability in reacting to security incidents.

The forensic chain-of-evidence model: Improving the process of evidence collection in incident handling procedures

Atif Ahmad
TL;DR: This paper suggests that administrators form a new way of conceptualizing evidence collection across an intranet based on a model consisting of linked audit logs that enables the establishment of a chain of evidence that is especially useful across a corporate Intranet environment.