Mouhtaropoulos, Antonis, Grobler, Marthie and Li, Chang-Tsun (2011) Digital forensic readiness : an insight into governmental and academic initiatives. In: 2011 European Intelligence and Security Informatics Conference, Athens, Greece, 12th-14th September 2011 pp. 191-196.

Preview

PDF WRAP_Li_PID1937883.pdf - Accepted Version - Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader Download (249Kb)

Abstract

Digital Forensics is a discipline that primarily focuses on the post-incident side of an investigation. However, during the last decade, there is a considerable amount of research that considers proactive measures taken by an organization. Such measures comprise a digital forensic readiness plan. This paper first presents research initiatives on forensic readiness across the public sector and the academia, and then critically evaluates their motivations and objectives by pointing out gaps that need bridging. Lastly, it informally proposes steps to guide the formulation of a forensic readiness policy.

Item Type:	Conference Item (Paper)
Subjects:	K Law > K Law (General) T Technology > T Technology (General)
Divisions:	Faculty of Science > Computer Science
Library of Congress Subject Headings (LCSH):	Electronic evidence -- Planning, Forensic sciences -- Planning
Book Title:	2011 European Intelligence and Security Informatics Conference
Date:	September 2011
Page Range:	pp. 191-196
Identification Number:	10.1109/EISIC.2011.30
Status:	Peer Reviewed
Publication Status:	Published
Access rights to Published version:	Restricted or Subscription Access
Conference Paper Type:	Paper
Title of Event:	2011 European Intelligence and Security Informatics Conference
Type of Event:	Conference
Location of Event:	Athens, Greece
Date(s) of Event:	12th-14th September 2011
References:	[1] US-CERT (2008), "Computer Forensics," [On-line]. Available: http://www.us-cert.gov/reading_room/forensics.pdf [2] J. Tan, "Forensic Readiness," Cambridge, MA : @Stake, 2001. [3] P. G. Bradford, M. Brown, J. Perdue and B. Self, "Towards proactive computer-system forensics," in Proc. Information Technology: Coding and Computing, ITCC 2004. International Conference on, 2004, pp. 648-652, Vol.2. [4] B. E. Endicott-Popovsky and D. A. Frincke, "Embedding forensic capabilities into networks: Addressing inefficiencies in digital forensics investigations," in Proc. IEEE, Information Assurance Workshop, 2006, pp. 133-139. [5] P. Hunton, "The stages of cybercrime investigations: Bridging the gap between technology examination and law enforcement investigation," Computer Law & Security Review, vol. 27, 2011, pp. 61-67. [6] M. Karyda and L. Mitrou, "Internet forensics: Legal and technical issues," in Digital Forensics and Incident Analysis, WDFIA 2007. Second International Workshop on, 2007, pp. 3-12. [7] U. Sieber, "Legal aspects of computer-related crime in the information society," University of Würzburg. COMCRIME-Study Prepared for the European Commission, 1998. [8] Cabinet Office, "HMG Security Policy Framework," May 2010, version 4.0. [9] BBC (November 20, 2007). UK's families put on fraud alert. [On-line]. Available: http://news.bbc.co.uk/2/hi/uk_news/politics/7103566.stm [Mar. 30, 2011] [10] Kieran Poynter, "Review of information security at HM Revenue and Customs: Final report," June 2008. [11] Cabinet Office, "Data Handling Procedures in Government: Final Report," June 2008. [12] Cabinet Office, "Cross Government Actions: Mandatory Minimum Measures," 2008. [13] Cabinet Office, "HMG Information Assurance Maturity Model and Assessment Framework" May 27, 2010, version 4.0. [14] CESG, "CESC Good Practice Guide No. 18," October 2009, Issue 1.0. [15] L. Duranti and B. Endicott-Popovsky, "Digital records forensics: A new science and academic program for forensic readiness," Journal of Digital Forensics, Security and Law, vol. 5, 2010, pp.1-12. [16] Royal Canadian Mounted Police (May 2008). Computer Forensics: A Guide for IT Security Incident Responders. Information Technology Security Guide Lead Agency Publication G2-008. [On-line]. Available: http://www.rcmp-grc.gc.ca/ts-st/pubs/it-ti-sec/g2-008-eng.pdf [17] C. Taylor, B. Endicott-Popovsky and D.A. Frincke, "Specifying digital forensics: A forensics policy approach," Digital Investigation, vol. 4, 2007, pp. 101-104. [18] Attorney-General's Department - Australian Government, "Cyber Storm II National Cyber Security Exercise Final Report," 2008. [19] ISO/IEC 27037, "Guidelines for identification, collection and/or acquisition and preservation of digital evidence," Committee Draft text, 2011. [20] R. Rowlingson, "A Ten Process for Forensic Readiness," International Journal of Digital Evidence, vol. 2, 2004. [21] D. A. Ray, "Developing a proactive digital forensics system" Ph.D. Dissertation, University of Alabama, Tuscaloosa, AL, USA, 2007. [22] C.P. Grobler, C.P. Louwrens and S.H. von Solms, "A framework to guide the implementation of proactive digital forensics in organisations," in Proc. International Conference on Availability, Reliability and Security, 2010, pp. 677-682. [23] M. M. Pollitt, "An ad hoc review of digital forensic models," in Proc. Systematic Approaches to Digital Forensic Engineering, SADFE 2007, International Workshop on, 2007. [24] K. Mandia, C. Procise and M.Pepe, Incident Response and Computer Forensics. Emeryville: McGraw-Hill/Osborne, 2003. [25] PCI Security Standards Council, "Requirements and Security Assessment Procedures," 2010.
URI:	http://wrap.warwick.ac.uk/id/eprint/45247

Request changes to a record

Actions (login required)

View Item