Integrated Computer Forensics Investigation Process Model (ICFIPM) for Computer Crime Investigations

2015 ◽  
pp. 83-95 ◽  
Author(s):  
Reza Montasari ◽  
Pekka Peltola ◽  
David Evans
Keyword(s):  
Process Model ◽  
Computer Forensics ◽  
Computer Crime ◽  
Investigation Process

A GENERIC DATABASE FORENSIC INVESTIGATION PROCESS MODEL

2016 ◽  
Vol 78 (6-11) ◽  
Author(s):  
Arafat Al-Dhaqm ◽  
Shukor Abd Razak ◽  
Siti Hajar Othman ◽  
Asri Nagdi ◽  
Abdulalem Ali
Keyword(s):  
Research Methodology ◽  
Process Model ◽  
Design Science ◽  
Science Research ◽  
Design Science Research ◽  
Database Systems ◽  
Research Area ◽  
Forensic Investigation ◽  
Fast Growing ◽  
Investigation Process

Database Forensic investigation is a domain which deals with database contents and their metadata to reveal malicious activities on database systems. Even though it is still new, but due to the overwhelming challenges and issues in the domain, this makes database forensic become a fast growing and much sought after research area. Based on observations made, we found that database forensic suffers from having a common standard which could unify knowledge of the domain. Therefore, through this paper, we present the use of Design Science Research (DSR) as a research methodology to develop a Generic Database Forensic Investigation Process Model (DBFIPM). From the creation of DBFIPM, five common forensic investigation processes have been proposed namely, the i) identification, ii) collection, iii) preservation, iv) analysis and v) presentation process. From the DBFIPM, it allows the reconciliation of concepts and terminologies of all common databases forensic investigation processes. Thus, this will potentially facilitate the sharing of knowledge on database forensic investigation among domain stakeholders.  

scholarly journals HoneyNetCloud Investigation Model, A Preventive Process Model for IoT Forensics

2021 ◽  
Vol 26 (3) ◽  
pp. 319-327
Author(s):  
Jayakrishnan Anilakkad Raman ◽  
Vasanthi Varadharajan
Keyword(s):  
Cyber Security ◽  
Process Model ◽  
Security Systems ◽  
Iot Security ◽  
Digital Devices ◽  
Sensing Systems ◽  
Preventive Method ◽  
One Year ◽  
Investigative Process ◽  
Investigation Process

With the pervasive usage of sensing systems and IoT things, the importance of security has increased. Attempts towards breaching IoT security systems by attackers are on upsurge. Many intrusions in embedded systems, sensing equipment and IoT things have occurred in the past. Though there are cyber security tools like Antivirus, Intrusion detection and prevention systems available for securing the digital devices and its networks. However, a forensic methodology to be followed for the analysis and investigation to detect origin cause of network incidents is lacking. This paper derives a comprehensive preventive cyber forensic process model with honeypots for the digital IoT investigation process which is formal, that can assist in the court of law in defining the reliability of the investigative process. One year data of various attacks to the IoT network has been recorded by the honeypots for this study. The newly derived model HIM has been validated using various methods and instead of converging on a particular aspect of investigation, it details the entire lifecycle of IoT forensic investigation. The model is targeted to address the forensic analysts’ requirements and the need of legal fraternity for a forensic model. The process model follows a preventive method which reduce further attacks on network.

scholarly journals Computer Forensics Field Triage Process Model

2006 ◽  
Author(s):  
Marcus Rogers ◽  
James Goldman ◽  
Rick Mislan ◽  
Timothy Wedge ◽  
Steve Debrota
Keyword(s):  
Process Model ◽  
Computer Forensics ◽  
Field Triage

Current Status and Development Trend of Research of Computer Forensic

2014 ◽  
Vol 496-500 ◽  
pp. 2208-2215 ◽  
Author(s):  
Zhong Yong Fu ◽  
Zhen Zhou Zhao
Keyword(s):  
Information Security ◽  
Development Trend ◽  
Computer Forensics ◽  
Computer Crime ◽  
Current Status ◽  
Scientific Methods ◽  
Security Problem ◽  
Definition Of ◽  
Computer Forensic

With the popularity of computer and network technology, information security problem is increasingly highlighted, and the computer related crime phenomenon more and more. Computer forensics to protect information security and to crack down on computer crime provides scientific methods and means, can provide evidence of the court need. This paper first gives the definition of computer forensics, and then introduces the features of computer evidence, principles and classification of computer forensics, finally describes the research status of computer forensics, points out the problems existing in the computer forensics and its development trend is forecasted.

scholarly journals Estudio Comparativo De Las Metodologías De Análisis Forense Informático Para La Examinación De Datos En Medios Digitales

2018 ◽  
Vol 14 (18) ◽  
pp. 40
Author(s):  
Iván Mesias Hidalgo Cajo ◽  
Saul Yasaca Pucuna ◽  
Byron Geovanny Hidalgo Cajo ◽  
Víctor Manuel Oquendo Coronado ◽  
Fanny Valeria Salazar Orozco
Keyword(s):  
Digital Media ◽  
Scientific Method ◽  
Forensic Analysis ◽  
Computer Forensics ◽  
Comparison Results ◽  
Digital Investigation ◽  
Computer Forensic ◽  
Robust Process ◽  
Investigation Process

The aim of this research is to compare the different standards and methodologies of computer forensic analysis used in the examination of data in digital media. The research was developed based on the scientific method, and a standard and two analysis methodologies were specifically used, which were applied to ten researchers. The analysis variables were based on the feasibility of use and on the time of extracting information from the computer. Among the comparison results of the different methodologies analyzed, it was determined that for the Methodology UNE 71506: 2013, 60% of the researchers used it due to the feasibility of use because it is made up of a robust process (contains the most detailed steps of computer forensics). Reliable and applicable in any field necessarily supervised by specialists working in the area, compared to the National Institute of Standards and Technology that selected 30%, Integrated Digital Investigation Process 10%. Regarding the time of analysis in the examination of digital media with different methodologies (Case study: Extraction of a file of 100 Mb, of a hard disk of 20 Gb in off mode. It is revealed that in the UNE 71506: 2013 it took less than 1 hour compared to the National Institute of Standards and Technology, which took between 1 and less than 2 hours, the Integrated Digital Investigation Process, which lasted longer than 3 hours. In addition, with the use of the Methodology UNE 71506: 2013, it was possible to have greater feasibility in the examination of digital media, since it is composed of four stages such as the preservation, acquisition, analysis and presentation of information results.

Sign in / Sign up

Export Citation Format

Share Document