Actionable threat intelligence for digital forensics readiness

Authors: Serketzis, N., Katos, V., Ilioudis, C., Baltatzis, D. and Pangalos, G.J.

Journal: Information and Computer Security

Volume: 27

Issue: 2

Pages: 273-291

eISSN: 2056-497X

ISSN: 2056-4961

DOI: 10.1108/ICS-09-2018-0110

Abstract:

Purpose: The purpose of this paper is to formulate a novel model for enhancing the effectiveness of existing digital forensic readiness (DFR) schemes by leveraging the capabilities of cyber threat information sharing.

Design/methodology/approach: This paper uses a quantitative methodology to identify the most popular cyber threat intelligence (CTI) elements and introduces a lightweight approach to correlate those with potential forensic value, resulting in the quick and accurate triaging and identification of patterns of malicious activities.

Findings: While threat intelligence exchange steadily becomes a common practice for the prevention or detection of security incidents, the proposed approach highlights its usefulness for the digital forensics (DF) domain.

Originality/value: The proposed model can help organizations to improve their DFR posture, and thus minimize the time and cost of cybercrime incidents.

https://eprints.bournemouth.ac.uk/31484/

Source: Scopus

Actionable threat intelligence for digital forensics readiness

Authors: Serketzis, N., Katos, V., Ilioudis, C., Baltatzis, D. and Pangalos, G.J.

Journal: INFORMATION AND COMPUTER SECURITY

Volume: 27

Issue: 2

Pages: 273-291

ISSN: 2056-4961

DOI: 10.1108/ICS-09-2018-0110

https://eprints.bournemouth.ac.uk/31484/

Source: Web of Science (Lite)

Actionable Threat Intelligence for Digital Forensics Readiness

Authors: Serketzis, N., Katos, V., Ilioudis, C., Baltatzis, D. and Pangalos, G.

Journal: Information and Computer Security

DOI: 10.1108/ICS-09-2018-0110

Abstract:

The purpose of this paper is to formulate a novel model for enhancing the effectiveness of existing Digital Forensic Readiness (DFR) schemes by leveraging the benefits of cyber threat information sharing.

This paper employs a quantitative methodology to identify the most popular Threat Intelligence elements and introduces a formalized procedure to correlate these elements with potential digital evidence, resulting in the quick and accurate identification of patterns of malware activities.

While threat intelligence exchange steadily becomes a common practice for the prevention or detection of security incidents, the proposed approach highlights its usefulness for the digital forensics domain.

The proposed model can help organizations to improve their digital forensic readiness posture and thus minimize the time and cost of cybercrime incidents.

https://eprints.bournemouth.ac.uk/31484/

Source: Manual

Actionable Threat Intelligence for Digital Forensics Readiness

Authors: Serketzis, N., Katos, V., Ilioudis, C., Baltatzis, D. and Pangalos, G.

Journal: Information and Computer Security

Volume: 27

Issue: 2

Pages: 273-291

ISSN: 2056-4961

Abstract:

The purpose of this paper is to formulate a novel model for enhancing the effectiveness of existing Digital Forensic Readiness (DFR) schemes by leveraging the benefits of cyber threat information sharing. This paper employs a quantitative methodology to identify the most popular Threat Intelligence elements and introduces a formalized procedure to correlate these elements with potential digital evidence, resulting in the quick and accurate identification of patterns of malware activities. While threat intelligence exchange steadily becomes a common practice for the prevention or detection of security incidents, the proposed approach highlights its usefulness for the digital forensics domain. The proposed model can help organizations to improve their digital forensic readiness posture and thus minimize the time and cost of cybercrime incidents.

https://eprints.bournemouth.ac.uk/31484/

Source: BURO EPrints