Actionable threat intelligence for digital forensics readiness
Authors: Serketzis, N., Katos, V., Ilioudis, C., Baltatzis, D. and Pangalos, G.J.
Journal: Information and Computer Security
Volume: 27
Issue: 2
Pages: 273-291
eISSN: 2056-497X
ISSN: 2056-4961
DOI: 10.1108/ICS-09-2018-0110
Abstract:Purpose: The purpose of this paper is to formulate a novel model for enhancing the effectiveness of existing digital forensic readiness (DFR) schemes by leveraging the capabilities of cyber threat information sharing. Design/methodology/approach: This paper uses a quantitative methodology to identify the most popular cyber threat intelligence (CTI) elements and introduces a lightweight approach to correlate those with potential forensic value, resulting in the quick and accurate triaging and identification of patterns of malicious activities. Findings: While threat intelligence exchange steadily becomes a common practice for the prevention or detection of security incidents, the proposed approach highlights its usefulness for the digital forensics (DF) domain. Originality/value: The proposed model can help organizations to improve their DFR posture, and thus minimize the time and cost of cybercrime incidents.
https://eprints.bournemouth.ac.uk/31484/
Source: Scopus
Actionable threat intelligence for digital forensics readiness
Authors: Serketzis, N., Katos, V., Ilioudis, C., Baltatzis, D. and Pangalos, G.J.
Journal: INFORMATION AND COMPUTER SECURITY
Volume: 27
Issue: 2
Pages: 273-291
ISSN: 2056-4961
DOI: 10.1108/ICS-09-2018-0110
https://eprints.bournemouth.ac.uk/31484/
Source: Web of Science (Lite)
Actionable Threat Intelligence for Digital Forensics Readiness
Authors: Serketzis, N., Katos, V., Ilioudis, C., Baltatzis, D. and Pangalos, G.
Journal: Information and Computer Security
DOI: 10.1108/ICS-09-2018-0110
Abstract:The purpose of this paper is to formulate a novel model for enhancing the effectiveness of existing Digital Forensic Readiness (DFR) schemes by leveraging the benefits of cyber threat information sharing.
This paper employs a quantitative methodology to identify the most popular Threat Intelligence elements and introduces a formalized procedure to correlate these elements with potential digital evidence resulting in the quick and accurate identification of patterns of malware activities.
While threat intelligence exchange steadily becomes a common practice for the prevention or detection of security incidents, the proposed approach highlights its usefulness for the digital forensics domain.
The proposed model can help organizations to improve their digital forensic readiness posture and thus minimize the time and cost of cybercrime incidents
https://eprints.bournemouth.ac.uk/31484/
Source: Manual
Actionable Threat Intelligence for Digital Forensics Readiness
Authors: Serketzis, N., Katos, V., Ilioudis, C., Baltatzis, D. and Pangalos, G.
Journal: Information and Computer Security
Volume: 27
Issue: 2
Pages: 273-291
ISSN: 2056-4961
Abstract:The purpose of this paper is to formulate a novel model for enhancing the effectiveness of existing Digital Forensic Readiness (DFR) schemes by leveraging the benefits of cyber threat information sharing. This paper employs a quantitative methodology to identify the most popular Threat Intelligence elements and introduces a formalized procedure to correlate these elements with potential digital evidence resulting in the quick and accurate identification of patterns of malware activities. While threat intelligence exchange steadily becomes a common practice for the prevention or detection of security incidents, the proposed approach highlights its usefulness for the digital forensics domain. The proposed model can help organizations to improve their digital forensic readiness posture and thus minimize the time and cost of cybercrime incidents
https://eprints.bournemouth.ac.uk/31484/
Source: BURO EPrints