Towards A Systemic Framework for Digital Forensic Readiness

Elyas, Mohamed; Maynard, Sean B.; Ahmad, Atif; Lonie, Andrew

doi:10.1080/08874417.2014.11645708

Cited by 36 publications

(20 citation statements)

References 36 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In a paper by Mohamed et al, [11] a description is given about a comprehensive approach to identifying the factors that contribute to DFR and how these factors work together to achieve forensic readiness in an organization. In this research, a conceptual framework for organizational forensic readiness was developed, and a future work towards the empirical validation and refinement of the framework was defined.…”

Section: Related Workmentioning

confidence: 99%

Adding Digital Forensic Readiness as a Security Component to the IoT Domain

Kebande¹,

Karie²,

Venter³

2018

International Journal on Advanced Science, Engineering and Information Technology

View full text Add to dashboard Cite

The unique identities of remote sensing, monitoring, self-actuating, self-adapting and self-configuring "things" in Internet of Things (IoT) has come out as fundamental building blocks for the development of "smart environments". This experience has begun to be felt across different IoT-based domains like healthcare, surveillance, energy systems, home appliances, industrial machines, smart grids and smart cities. These developments have, however, brought about a more complex and heterogeneous environment which is slowly becoming a home to cyber attackers. Digital Forensic Readiness (DFR) though can be employed as a mechanism for maximizing the potential use of digital evidence while minimizing the cost of conducting a digital forensic investigation process in IoT environments in case of an incidence. The problem addressed in this paper, therefore, is that at the time of writing this paper, there still exist no IoT architectures that have a DFR capability that is able to attain incident preparedness across IoT environments as a mechanism of preparing for post-event response process. It is on this premise, that the authors are proposing an architecture for incorporating DFR to IoT domain for proper planning and preparing in the case of security incidents. It is paramount to note that the DFR mechanism in IoT discussed in this paper complies with ISO/IEC 27043: 2015, 27030:2012 and 27017: 2015 international standards. It is the authors' opinion that the architecture is holistic and very significant in IoT forensics.

show abstract

Section: Related Workmentioning

confidence: 99%

Adding Digital Forensic Readiness as a Security Component to the IoT Domain

Kebande¹,

Karie²,

Venter³

2018

International Journal on Advanced Science, Engineering and Information Technology

View full text Add to dashboard Cite

show abstract

“…In addition, Kohn et al [20] proposed the following components of the digital forensic readiness model: evidence collection and preservation policy, information system usage policy, etc. Through the studies of Elyas et al [2] and Kim et al [15], the organization's culture regarding digital forensic investigation, governance structure, etc. was proposed as a component of the digital forensic readiness model; in addition, they proposed policy requirements needed for digital forensic readiness.…”

Section: Digital Forensics Readinessmentioning

confidence: 99%

“…Numerous organizations think of preparation for future security incidents as the lowest-priority task, or generate the results of introducing new digital forensic investigations after security incidents occur because they only consider it as political side of the inside and outside of the organization. Organizations that desire to prepare digital forensic readiness have difficulties in determining the kind of technical readiness required to gain digital forensic capability [2]. In particular, as explained earlier, with the development of ICT technology, organizations that pursue a change into a smart work environment equipped with immediacy need to ensure an appropriate level of readiness with the investment of optimal resources, as it is difficult to invest identical manpower and expenses to the existing work environment.…”

Section: Introductionmentioning

confidence: 99%

Research on Digital Forensic Readiness Design in a Cloud Computing-Based Smart Work Environment

Park

Kim

Park³

et al. 2018

Sustainability

View full text Add to dashboard Cite

Recently, the work environments of organizations have been in the process of transitioning into smart work environments by applying cloud computing technology in the existing work environment. The smart work environment has the characteristic of being able to access information assets inside the company from outside the company through cloud computing technology, share information without restrictions on location by using mobile terminals, and provide a work environment where work can be conducted effectively in various locations and mobile environments. Thus, in the cloud computing-based smart work environment, changes are occurring in terms of security risks, such as an increase in the leakage risk of an organization's information assets through mobile terminals which have a high risk of loss and theft and increase the hacking risk of wireless networks in mobile environments. According to these changes in security risk, the reactive digital forensic method, which investigates digital evidence after the occurrence of security incidents, appears to have a limit which has led to a rise in the necessity of proactive digital forensic approaches wherein security incidents can be addressed preemptively. Accordingly, in this research, we design a digital forensic readiness model at the level of preemptive prevention by considering changes in the cloud computing-based smart work environment. Firstly, we investigate previous research related to the cloud computing-based smart work environment and digital forensic readiness and analyze a total of 50 components of digital forensic readiness. In addition, through the analysis of the corresponding preceding research, we design seven detailed areas, namely, outside the organization environment, within the organization guideline, system information, terminal information, user information, usage information, and additional function. Then, we design a draft of the digital forensic readiness model in the cloud computing-based smart work environment by mapping the components of digital forensic readiness to each area. To verify the draft of the designed model, we create a survey targeting digital forensic field-related professionals, analyze their validity, and deduce a digital forensic readiness model of the cloud computing-based smart work environment consisting of seven detailed areas and 44 components. Finally, through an analytic hierarchy process analysis, we deduce the areas that should be emphasized compared to the existing work environment to heighten the forensic readiness in the cloud computing-based smart work environment. As a result, the weightings of the terminal information Universal Subscriber Identity Module(USIM) card, collect/gain virtual machine image, etc.), user information (user account information analysis, analysis of user's used service, etc.), and usage information (mobile OS artifact timeline analysis, action analysis through timeline, etc.) appear to be higher than those of the existing work environment. This is analyzed for each organization to preem...

show abstract

“…They proposed a theoretical digital forensics framework that can guide organizations in implementing proactive forensics. Moreover, Elyas et al [20,21] Certain papers have highlighted the need for new tools and digital forensics techniques to investigate anti-forensics methods; these papers have also provided an automation of live investigations. Moreover, a systematic literature review was undertaken by Alharbi [23] in order to identify and map out the existing processes in the digital forensics literature.…”

Section: Related Workmentioning

confidence: 99%

A Framework for Cloud Forensic Readiness in Organizations

Alenezi

Hussein

Walters

et al. 2017

2017 5th IEEE International Conference on Mobile Cloud Computing, Services, and Engineering (MobileCloud)

View full text Add to dashboard Cite

Abstract-Many have argued that cloud computing is one of the fastest growing and most transformative technologies in the history of computing. It has radically changed the way in which information technologies can manage, access, deliver and create services. It has also brought numerous benefits to end-users and organizations. However, this rapid growth in cloud computing adoption has also seen it become a new arena for cybercrime. This has, in turn, led to new technical, legal and organizational challenges. In addition to the large number of attacks which affect cloud computing and the decentralized nature of data processing in the cloud, many concerns have been raised. One of these concerns is how to conduct a proper digital investigation in cloud environments and be ready to collect data proactively before an incident occurs in order to save time, money and effort. This paper proposes the technical, legal and organizational factors that influence digital forensic readiness for Infrastructure as a Service consumers.

show abstract

Towards A Systemic Framework for Digital Forensic Readiness

Cited by 36 publications

References 36 publications

Adding Digital Forensic Readiness as a Security Component to the IoT Domain

Adding Digital Forensic Readiness as a Security Component to the IoT Domain

Research on Digital Forensic Readiness Design in a Cloud Computing-Based Smart Work Environment

A Framework for Cloud Forensic Readiness in Organizations

Contact Info

Product

Resources

About