Applying a stepwise forensic approach to incident response and computer usage analysis

Kyung Soo Lim, Seung Bong Lee, Sangjin Lee

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    4 Citations (Scopus)

    Abstract

    While traditional digital investigation is limited to cyber crimes, now it is an essential procedure on most of civil and criminal case. With the proliferation of the digital investigation in this situation, the need for the timely identification, analysis and interpretation of digital evidence is becoming more crucial. The general method of investigating the suspect's computer is laborious, time-consuming, complicated tasks and requires specialty on the part of forensic experts. In particular cases, such as child abduction, missing or exploited persons, time is of the essence and rapid incident response is necessary. But the increase in capacity of storage media made this method to take much longer time. Therefore, we need new process model to collect crucial evidence quickly and investigate these cases rapidly. The Stepwise Forensic Process Model (SFPM) provides stepwise and in-situ approach for providing incident identification, acquisition, analysis. The SFPM suggest a new investigational model for selecting the target and analyzing the relevant evidences only.

    Original languageEnglish
    Title of host publicationProceedings of the 2009 2nd International Conference on Computer Science and Its Applications, CSA 2009
    DOIs
    Publication statusPublished - 2009
    Event2009 2nd International Conference on Computer Science and Its Applications, CSA 2009 - Jeju Island, Korea, Republic of
    Duration: 2009 Dec 102009 Dec 12

    Publication series

    NameProceedings of the 2009 2nd International Conference on Computer Science and Its Applications, CSA 2009

    Other

    Other2009 2nd International Conference on Computer Science and Its Applications, CSA 2009
    Country/TerritoryKorea, Republic of
    CityJeju Island
    Period09/12/1009/12/12

    Keywords

    • Digital forensics
    • Forensic process model
    • Incident response

    ASJC Scopus subject areas

    • Computational Theory and Mathematics
    • Computer Science Applications

    Fingerprint

    Dive into the research topics of 'Applying a stepwise forensic approach to incident response and computer usage analysis'. Together they form a unique fingerprint.

    Cite this