Proactive System for Digital Forensic Investigation
Alharbi, Soltan Abed, 07 April 2014
Digital Forensics (DF) is defined as the ensemble of methods, tools and techniques
used to collect, preserve and analyse digital data originating from any type of digital
media involved in an incident with the purpose of extracting valid evidence for a court
of law.
DF investigations are usually performed as a response to a digital crime and,
as such, they are termed Reactive Digital Forensic (RDF). An RDF investigation
takes the traditional (or post-mortem) approach of investigating digital crimes after
incidents have occurred. This involves identification, preservation, collection, analysis,
and generation of the final report.
Although RDF investigations are effective, they face many challenges,
especially when dealing with anti-forensic incidents, volatile data and event reconstruction.
To tackle these challenges, Proactive Digital Forensic (PDF) is required.
By being proactive, DF is prepared for incidents. In fact, the PDF investigation has
the ability to proactively collect data, preserve it, detect suspicious events, analyze
evidence and report an incident as it occurs.
This dissertation focuses on the detection and analysis phase of the proactive
investigation system, as it is the most expensive phase of the system. In addition,
theories behind such systems will be discussed. Finally, implementation of the whole
proactive system will be tested on a botnet use case (Zeus).
Graduate / 0984 / 0537 / soltanalharbi@hotmail.com