TY - GEN
T1 - Data leak analysis in a corporate environment
AU - Lee, Seokhee
AU - Lee, Keungi
AU - Savoldi, Antonio
AU - Lee, Sangjin
PY - 2009
Y1 - 2009
N2 - Digital Forensics focuses on the collection of evidence from the volatile and non-volatile memory of a computer-based system, such as the hard disk and the RAM content. Needless to say, hard disk data are crucial in the investigation, but whether hard disk data collection is possible or not depends on the features of the case, and whether the forensics practitioners have a suitable legal permission. As nowadays the capacity of hard disks is increasing more and more, it takes a considerable amount of time to perform the imaging phase, and thus to deal with different steps in the chain of custody of the case. As a consequence, delaying the collection step in the investigation may have a detrimental effect on the progress of the investigation or may be a barrier to succeed in the investigation. Hence, we suggest an efficient methodology to collect evidence for dealing with data leak cases, by substantially reducing the collection time.
AB - Digital Forensics focuses on the collection of evidence from the volatile and non-volatile memory of a computer-based system, such as the hard disk and the RAM content. Needless to say, hard disk data are crucial in the investigation, but whether hard disk data collection is possible or not depends on the features of the case, and whether the forensics practitioners have a suitable legal permission. As nowadays the capacity of hard disks is increasing more and more, it takes a considerable amount of time to perform the imaging phase, and thus to deal with different steps in the chain of custody of the case. As a consequence, delaying the collection step in the investigation may have a detrimental effect on the progress of the investigation or may be a barrier to succeed in the investigation. Hence, we suggest an efficient methodology to collect evidence for dealing with data leak cases, by substantially reducing the collection time.
UR - http://www.scopus.com/inward/record.url?scp=77951487482&partnerID=8YFLogxK
U2 - 10.1109/ICICIC.2009.154
DO - 10.1109/ICICIC.2009.154
M3 - Conference contribution
AN - SCOPUS:77951487482
SN - 9780769538730
T3 - 2009 4th International Conference on Innovative Computing, Information and Control, ICICIC 2009
SP - 38
EP - 43
BT - 2009 4th International Conference on Innovative Computing, Information and Control, ICICIC 2009
T2 - 2009 4th International Conference on Innovative Computing, Information and Control, ICICIC 2009
Y2 - 7 December 2009 through 9 December 2009
ER -