Implementing Forensic Readiness Using Performance Monitoring Tools
Authors
Abstract
This paper proposes the use of monitoring tools to record data in support of digital forensic investigations. The collection of live system data requires integrity checks and data validation to be performed as the data is collected and stored. Combining system monitoring and digital forensic functionality in a single system reduces the cost and complexity of administration and maintenance, while enhancing forensic readiness.
Similar resources
Graded security forensics readiness of SCADA systems
Security event logs are major indicators for the timely discovery of cyberattacks and during security incident examinations. Collection of sufficient logs of events associated with security incident time is critical for effective investigation. SCADA systems logging capabilities are intended for identifying and detecting process disruptions, not security incidents, and are frequently not suitab...
A Forensic Framework for Handling Information Privacy Incidents
This paper presents a framework designed to assist enterprises in implementing a forensic readiness capability for information privacy incidents. In particular, the framework provides guidance for specifying high-level policies, business processes and organizational functions, and for determining the device-level forensic procedures, standards and processes required to handle information privac...
A Ten Step Process for Forensic Readiness
A forensic investigation of digital evidence is commonly employed as a post-event response to a serious information security incident. In fact, there are many circumstances where an organisation may benefit from an ability to gather and preserve digital evidence before an incident occurs. Forensic readiness is defined as the ability of an organisation to maximise its potential to use digital ev...
Assessing forensic readiness
In this paper we argue that optimization in terms of forensic readiness should be performed in a controlled and structured manner, taking under consideration the current situation an organization is in. We reflect upon well known practices relating to process maturity and investigate the feasibility and appropriateness of adopting such approaches in order to express forensic readiness. Levels o...
Requirements for wireless sensor networks in order to achieve digital forensic readiness
The field of wireless sensor networking is a new and upcoming one and unfortunately still lacking as far as digital forensics is concerned. All communications between different nodes (also known as motes) are sent out in a broadcast fashion. These broadcasts make it quite difficult to capture data packets forensically whilst retaining their integrity and authenticity. This paper examines the di...