Open Access
Comparison Study of Digital Forensics Analysis Techniques; Findings versus Resources
Author(s) - Ayman A. Shaaban, Nashwa Abdelbaki
Publication year - 2018
Publication title - Procedia Computer Science
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.334
H-Index - 76
ISSN - 1877-0509
DOI - 10.1016/j.procs.2018.10.128
Subject(s) - computer science, timeline, computer security, digital forensics, hacker, adversary, compromise, data science, risk analysis (engineering), internet privacy, law, medicine, archaeology, history, political science

Digital forensics analysis has recently received considerable attention in IT security, especially as cyber incidents have taken on a new form of organized crime, which introduced the Advanced Persistent Threat (APT) and hacking Kill Chain definitions. The threat intensifies when it affects a healthcare organization, where it will be life-threatening. Handling such incidents is a great challenge for incident handlers, who must uncover the attack steps. With various sources of evidential data requiring analysis, one analysis technique can be more beneficial than another relative to the time and resources invested in each. Fast analysis and precise results help in creating an attack's unique Indicators of Compromise faster, which helps contain incidents in such critical environments with the lowest loss. The intent of this paper is to qualitatively compare the outputs of different analysis techniques (memory, super timeline and live analysis) on the same incident, to help determine which technique can be more appropriate under different circumstances.
