Applying a stepwise forensic approach to incident response and computer usage analysis

Kyung Soo Lim, Seung Bong Lee, Sangjin Lee

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Citations (Scopus)

Abstract

While traditional digital investigation is limited to cyber crimes, now it is an essential procedure on most of civil and criminal case. With the proliferation of the digital investigation in this situation, the need for the timely identification, analysis and interpretation of digital evidence is becoming more crucial. The general method of investigating the suspect's computer is laborious, time-consuming, complicated tasks and requires specialty on the part of forensic experts. In particular cases, such as child abduction, missing or exploited persons, time is of the essence and rapid incident response is necessary. But the increase in capacity of storage media made this method to take much longer time. Therefore, we need new process model to collect crucial evidence quickly and investigate these cases rapidly. The Stepwise Forensic Process Model (SFPM) provides stepwise and in-situ approach for providing incident identification, acquisition, analysis. The SFPM suggest a new investigational model for selecting the target and analyzing the relevant evidences only.

Original languageEnglish
Title of host publicationProceedings of the 2009 2nd International Conference on Computer Science and Its Applications, CSA 2009
DOIs
Publication statusPublished - 2009
Event2009 2nd International Conference on Computer Science and Its Applications, CSA 2009 - Jeju Island, Korea, Republic of
Duration: 2009 Dec 102009 Dec 12

Publication series

NameProceedings of the 2009 2nd International Conference on Computer Science and Its Applications, CSA 2009

Other

Other2009 2nd International Conference on Computer Science and Its Applications, CSA 2009
Country/TerritoryKorea, Republic of
CityJeju Island
Period09/12/1009/12/12

Keywords

  • Digital forensics
  • Forensic process model
  • Incident response

ASJC Scopus subject areas

  • Computational Theory and Mathematics
  • Computer Science Applications

Fingerprint

Dive into the research topics of 'Applying a stepwise forensic approach to incident response and computer usage analysis'. Together they form a unique fingerprint.

Cite this