Applying a forensic approach to incident response, network investigation and system administration using Digital Evidence Bags [An article from: Digital Investigation]

Author P. Turner
Publisher Elsevier

Book Details

Author(s): P. Turner
Publisher: Elsevier
ISBN / ASIN: B000PDTX8M
ISBN-13: 978B000PDTX88
Availability: Available for download now
Sales Rank: 13,049,109
Marketplace: United States

Description

This digital document is a journal article from Digital Investigation, published by Elsevier in 2007. The article is delivered in HTML format and is available in your Amazon.com Media Library immediately after purchase. You can view it with any web browser.

This paper questions the current approach to forensic incident response and network investigations. Although claiming to be 'forensic' in nature, it shows that the basic processes and mechanisms used in traditional computer forensics are rarely applied in the live incident investigation arena. This paper demonstrates how the newly proposed Digital Evidence Bag (DEB) storage format can be applied to a dynamic environment. A DEB is a universal container for digital evidence from any source. It allows the provenance to be recorded and continuity to be maintained throughout the life of the investigation. With a small amount of forethought, a forensically rigorous approach can be applied to incident response, network investigations and system administration with minimal overhead.