Digital Forensics

Automating Aspects of Forensic Case Management

Abstract:

The forensics community has invested considerable effort in the development of tools in support of the different stages of a digital investigation. However, the main focus has been on the development of tools to capture data, or to support later forensic analysis in the sifting and sorting of large volumes of data in the search for information relating to specific system or user activities. 

Modeling System Activity Logging for Evidence Collection

ABSTRACT

System activity logs create an ongoing history of chronologically ordered records that describe events taking place in a computing system. Although system activity logs were originally designed for performance monitoring and troubleshooting, they can be used to collect forensic evidence.  This paper develops a generic ‘technology-independent’ model of an event reporting service. The paper finds three key features that determine data collection capability – ‘event detection’, ‘event selection’ and ‘event description’. Design constraints in each of these features typically found in mainstream operating systems are identified and the limitations imposed on the forensic evidence collection capability of modern operating systems are discussed.

An Academic Approach to Digital Forensics

ABSTRACT

Digital forensics as a field of study creates a number of challenges when it comes to the academic environment. The aim of this paper is to explore these challenges in relation to learning and teaching theories. We discuss our approach and methods of educating digital forensic investigators based on the learning axioms and models, and we also present the learning environments we develop for our scholars.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Keywords

A

AI
APT

C

C2
C2S
CDX
CIA
CIP
CPS

D

DNS
DoD
DoS

I

IA
ICS

M

P

PDA

S

SOA

X

XRY

Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Get in touch

Registered Agent and Mailing Address

  • Journal of Information Warfare
  •  ArmisteadTEC
  • Dr Leigh Armistead, President
  • 1624 Wakefield Drive
  • Virginia Beach, VA 23455

 757.510.4574

 JIW@ArmisteadTec.com