An on-site digital investigation methodology for data leak case

Seokhee Lee; Keungi Lee; Jong Hyuk Park; Sangjin Lee

doi:10.1002/sec.405

An on-site digital investigation methodology for data leak case

Seokhee Lee, Keungi Lee, Jong Hyuk Park, Sangjin Lee

School of Cybersecurity

Research output: Contribution to journal › Article › peer-review

Abstract

The ever growing storage device capacity poses a severe limit to the standard digital forensics collection procedures based on duplicating the original storage device by creating a bit-by-bit copy. Such a traditional procedure is followed, even if the goal of the investigation is to find a limited quantity of digital objects to support or refute an investigative hypothesis related to a precise case category. Therefore, in this paper, we propose a new methodology to deal with data leak cases, by applying an intelligent collection paradigm, a fast analysis approach that reduces investigation time.

Original language	English
Pages (from-to)	2616-2626
Number of pages	11
Journal	Security and Communication Networks
Volume	7
Issue number	12
DOIs	https://doi.org/10.1002/sec.405
Publication status	Published - 2014 Dec 1

Keywords

Data leak detection
Intelligent imaging
On-the-spot live investigations

ASJC Scopus subject areas

Information Systems
Computer Networks and Communications

Access to Document

10.1002/sec.405

Cite this

@article{a67a92b3f7ca4fa09e17dbb988a57b8b,

title = "An on-site digital investigation methodology for data leak case",

abstract = "The ever growing storage device capacity poses a severe limit to the standard digital forensics collection procedures based on duplicating the original storage device by creating a bit-by-bit copy. Such a traditional procedure is followed, even if the goal of the investigation is to find a limited quantity of digital objects to support or refute an investigative hypothesis related to a precise case category. Therefore, in this paper, we propose a new methodology to deal with data leak cases, by applying an intelligent collection paradigm, a fast analysis approach that reduces investigation time.",

keywords = "Data leak detection, Intelligent imaging, On-the-spot live investigations",

author = "Seokhee Lee and Keungi Lee and Park, {Jong Hyuk} and Sangjin Lee",

note = "Publisher Copyright: {\textcopyright} 2012 John Wiley & Sons, Ltd.",

year = "2014",

month = dec,

day = "1",

doi = "10.1002/sec.405",

language = "English",

volume = "7",

pages = "2616--2626",

journal = "Security and Communication Networks",

issn = "1939-0122",

publisher = "John Wiley and Sons Inc.",

number = "12",

}

TY - JOUR

T1 - An on-site digital investigation methodology for data leak case

AU - Lee, Seokhee

AU - Lee, Keungi

AU - Park, Jong Hyuk

AU - Lee, Sangjin

PY - 2014/12/1

Y1 - 2014/12/1

N2 - The ever growing storage device capacity poses a severe limit to the standard digital forensics collection procedures based on duplicating the original storage device by creating a bit-by-bit copy. Such a traditional procedure is followed, even if the goal of the investigation is to find a limited quantity of digital objects to support or refute an investigative hypothesis related to a precise case category. Therefore, in this paper, we propose a new methodology to deal with data leak cases, by applying an intelligent collection paradigm, a fast analysis approach that reduces investigation time.

AB - The ever growing storage device capacity poses a severe limit to the standard digital forensics collection procedures based on duplicating the original storage device by creating a bit-by-bit copy. Such a traditional procedure is followed, even if the goal of the investigation is to find a limited quantity of digital objects to support or refute an investigative hypothesis related to a precise case category. Therefore, in this paper, we propose a new methodology to deal with data leak cases, by applying an intelligent collection paradigm, a fast analysis approach that reduces investigation time.

KW - Data leak detection

KW - Intelligent imaging

KW - On-the-spot live investigations

UR - http://www.scopus.com/inward/record.url?scp=84911868286&partnerID=8YFLogxK

U2 - 10.1002/sec.405

DO - 10.1002/sec.405

M3 - Article

AN - SCOPUS:84911868286

SN - 1939-0122

VL - 7

SP - 2616

EP - 2626

JO - Security and Communication Networks

JF - Security and Communication Networks

IS - 12

ER -

An on-site digital investigation methodology for data leak case

Abstract

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this