A Formalization of Digital Forensics
نویسندگان
چکیده
Forensic investigative procedures are used in the case of an intrusion into a networked computer system to detect the scope or nature of the attack. In many cases, the forensic procedures employed are constructed in an informal manner that can impede the effectiveness or integrity of the investigation. We propose a formal model for analyzing and constructing forensic procedures, showing the advantages of formalization. A mathematical description of the model will be presented demonstrating the construction of the elements and their relationships. The model highlights definitions and updating of forensic procedures, identification of attack coverage, and portability across different platforms. The forensic model is applied in a real-world scenario with focus on Linux and OS X.
منابع مشابه
Towards a Formalization of Digital Forensics
While some individuals have referred to digital forensics as an art, the literature of the discipline suggests a trend toward the formalization of digital forensics as a forensic science. Questions about the quality of digital evidence and forensic soundness continue to be raised by researchers and practitioners in order to ensure the trustworthiness of digital evidence and its value to the cou...
متن کاملAnalyzing registry, log files, and prefetch files in finding digital evidence in graphic design applications
The products of graphic design applications leave behind traces of digital information which can be used during a digital forensic investigation in cases where counterfeit documents have been created. This paper analyzes the digital forensics involved in the creation of counterfeit documents. This is achieved by first recognizing the digital forensic artifacts left behind from the use of graphi...
متن کاملShrinking the Ocean: Formalizing I/O Methods Modern Operating Systems
Currently, it is not practical for any single software system to perform forensically acceptable verification of the contents of all possible file systems on a disk, let alone the contents of more esoteric peripherals. Recent court decisions that require judges to restrict testimony based on their understanding of the validity of the science behind it will only make such verification even more ...
متن کاملOn the Development of Digital Forensics Curriculum
Computer Crime and computer related incidents continue their prevalence and frequency, resulting in losses approaching billions of dollars. To fight against these crimes and frauds, it is urgent to develop digital forensics education programs to train a suitable workforce that can effectively investigate computer crimes and incidents. There is presently no standard to guide the design of digita...
متن کاملDigital Forensics: Emerging Trends and Analysis of Counter-Security Environment
Corporates and organizations across the globe are spending huge sums on information security as they are reporting an increase in security related incidents. The proliferation of cloud, social network and multiple mobile device usage is on one side represent an opportunity and benefits to the organisation and on other side have posed new challenges for those policing cybercrimes. Cybercriminals...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- IJDE
دوره 3 شماره
صفحات -
تاریخ انتشار 2004