Towards a Threat Intelligence Informed Digital Forensics Readiness Framework

Authors: Serketzis, N., Katos, V., Ilioudis, C., Baltatzis, D. and Pangalos, G.

Conference: Twenty-Fifth European Conference on Information Systems (ECIS)

Dates: 6 June 2017

https://eprints.bournemouth.ac.uk/30391/

Source: Manual

Abstract:

Digital Forensic Readiness (DFR) has received little attention by the research community, when compared to the core digital forensic investigation processes. DFR was primarily about logging of security events to be leveraged by the forensic analysis phase. However, the increasing number of security incidents and the overwhelming volumes of data produced mandate the development of more effective and efficient DFR approaches. We propose a DFR framework focusing on the prioritisation, triaging and selection of Indicators of Compromise (IoC) to be used in investigations of security incidents. A core component of the framework is the contextualisation of the IoCs to the underlying organisation, which can be achieved with the use of clustering and classification algorithms and a local IoC database.

Source: BURO EPrints