Proceedings ArticleDOI
Towards verifiable evidence generation in forensic-ready systems
Lukas Daubner,Martin Macak,Barbora Buhnova,Tomáš Pitner +3 more
- pp 2264-2269
Reads0
Chats0
TLDR
In this paper, the authors present a process that serves as a template for designing, developing, and refining a verification method for forensic-ready software systems, with a focus on digital evidence produced by the systems.Abstract:
With the increasing threat of cybercrime, there is also an increasing need for the forensic investigation of those crimes However, the topic of systematic preparation on the possible forensic investigation during the software development, called forensic readiness, has only been explored since recently Thus, there are still many challenges and open issues One of the obstacles is ensuring the correct implementation Moreover, the growing volume and variety of digital evidence produced by the systems have to be put into consideration It is especially important in the critical information infrastructure domain where potential cyberattacks could impact the safety of people In this paper, we present research towards verification of forensic readiness in software development, with a focus on digital evidence they produce, to assist the advancement of this research domain Furthermore, we formulate a process that serves a template for designing, developing, and refining a verification method for forensic-ready software systemsread more
Citations
More filters
Proceedings ArticleDOI
Risk-Oriented Design Approach For Forensic-Ready Software Systems
TL;DR: In this article, the authors propose a risk-oriented forensic-ready design approach for the automated valet parking scenario, which composes of two parts: (1) process guiding the identification of the requirements in the form of potential evidence sources, and (2) supporting BPMN notation capturing the potential evidence source and their relationship.
Proceedings ArticleDOI
Risk-Oriented Design Approach For Forensic-Ready Software Systems
TL;DR: In this article, the authors proposed a risk-oriented forensic-ready design approach for the automated valet parking scenario, which composes of two parts: (1) process guiding the identification of the requirements in the form of potential evidence sources, and (2) supporting BPMN notation capturing the potential evidences sources and their relationship.
Journal ArticleDOI
Addressing insider attacks via forensic-ready risk management
TL;DR: In this article , a risk management approach is proposed to derive the forensic readiness requirements addressing insider attacks, which, once implemented, assist in the reliable uncovering culprit, root cause, damage of the attack, and overall improvement of security posture.
Book ChapterDOI
BPMN4FRSS: An BPMN Extension to Support Risk-Based Development of Forensic-Ready Software Systems
TL;DR: In this paper , the syntax and semantics of BPMN for Forensic-Ready Software Systems (BPMN4FRSS) are defined and a semantic mapping to forensic-ready risk management is defined to support riskoriented design.
Book ChapterDOI
A Model of Qualitative Factors in Forensic-Ready Software Systems
TL;DR: In this paper , a forensic readiness qualitative factor reference model is presented to enable the formulation of specific requirements for forensic-ready software systems, which can then be used to formulate a verifiable requirement targeted at a specific quality.
References
More filters
Book ChapterDOI
UMLsec: Extending UML for Secure Systems Development
TL;DR: This work presents the extension UMLsec of UML that allows to express securityrelevant information within the diagrams in a system specification, and gives criteria to evaluate the security aspects of a system design, by referring to a formal semantics of a simplified UML.
Proceedings ArticleDOI
ProvChain: A Blockchain-based Data Provenance Architecture in Cloud Environment with Enhanced Privacy and Availability
TL;DR: This paper designs and implements ProvChain, an architecture to collect and verify cloud data provenance by embedding the provenance data into blockchain transactions, and demonstrates that ProvChain provides security features including tamper-proof provenance, user privacy and reliability with low overhead for the cloud storage applications.
The Enron Email Dataset Database Schema and Brief Statistical Report
Jitesh Shetty,Jafar Adibi +1 more
TL;DR: The MySql database prepared for the Enron email dataset is described and its appropriateness for research is analyzed and a social network constituting of 151 employees is derived.
Journal Article
A Ten Step Process for Forensic Readiness.
TL;DR: This paper proposes a ten step process for an organisation to implement forensic readiness, which aims to maximise its potential to use digital evidence whilst minimising the costs of an investigation.
Journal ArticleDOI
Towards a Reliable Intrusion Detection Benchmark Dataset
TL;DR: A comprehensive evaluation of the existing datasets using the proposed criteria, a design and evaluation framework for IDS and IPS datasets, and a dataset generation model to create a reliable IDS or IPS benchmark dataset are presented.