TY - GEN
T1 - Applying a stepwise forensic approach to incident response and computer usage analysis
AU - Lim, Kyung Soo
AU - Lee, Seung Bong
AU - Lee, Sangjin
PY - 2009
Y1 - 2009
N2 - While traditional digital investigation is limited to cyber crimes, now it is an essential procedure on most of civil and criminal case. With the proliferation of the digital investigation in this situation, the need for the timely identification, analysis and interpretation of digital evidence is becoming more crucial. The general method of investigating the suspect's computer is laborious, time-consuming, complicated tasks and requires specialty on the part of forensic experts. In particular cases, such as child abduction, missing or exploited persons, time is of the essence and rapid incident response is necessary. But the increase in capacity of storage media made this method to take much longer time. Therefore, we need new process model to collect crucial evidence quickly and investigate these cases rapidly. The Stepwise Forensic Process Model (SFPM) provides stepwise and in-situ approach for providing incident identification, acquisition, analysis. The SFPM suggest a new investigational model for selecting the target and analyzing the relevant evidences only.
AB - While traditional digital investigation is limited to cyber crimes, now it is an essential procedure on most of civil and criminal case. With the proliferation of the digital investigation in this situation, the need for the timely identification, analysis and interpretation of digital evidence is becoming more crucial. The general method of investigating the suspect's computer is laborious, time-consuming, complicated tasks and requires specialty on the part of forensic experts. In particular cases, such as child abduction, missing or exploited persons, time is of the essence and rapid incident response is necessary. But the increase in capacity of storage media made this method to take much longer time. Therefore, we need new process model to collect crucial evidence quickly and investigate these cases rapidly. The Stepwise Forensic Process Model (SFPM) provides stepwise and in-situ approach for providing incident identification, acquisition, analysis. The SFPM suggest a new investigational model for selecting the target and analyzing the relevant evidences only.
KW - Digital forensics
KW - Forensic process model
KW - Incident response
UR - http://www.scopus.com/inward/record.url?scp=80655134675&partnerID=8YFLogxK
U2 - 10.1109/CSA.2009.5404204
DO - 10.1109/CSA.2009.5404204
M3 - Conference contribution
AN - SCOPUS:80655134675
SN - 9781424449460
T3 - Proceedings of the 2009 2nd International Conference on Computer Science and Its Applications, CSA 2009
BT - Proceedings of the 2009 2nd International Conference on Computer Science and Its Applications, CSA 2009
T2 - 2009 2nd International Conference on Computer Science and Its Applications, CSA 2009
Y2 - 10 December 2009 through 12 December 2009
ER -