A Digital Triage Forensics framework of Window malware forensic toolkit: Based on ISO/IEC 27037:2012
| Field | Value |
| --- | --- |
| Title | A Digital Triage Forensics framework of Window malware forensic toolkit: Based on ISO/IEC 27037:2012 |
| Publication Type | Conference Paper |
| Year of Publication | 2015 |
| Authors | Kao, D. Y., Wu, G. J. |
| Conference Name | 2015 International Carnahan Conference on Security Technology (ICCST) |
| Keywords | Computer crime, Computers, crime scene investigation, critical analysis, cyber security incident, Cybercrime, data leakage, digital evidence handling, digital forensic, digital forensics, digital triage forensics, digital triage forensics framework, DTF methodologies, hacker, IEC standards, Internet, invasive software, ISO standards, ISO/IEC 27037, ISO/IEC 27037:2012, Malware, malware forensics, operating systems (computers), pubcrawl170109, Window malware forensic toolkit |
| Abstract | The rise of malware attacks and data leakage is putting the Internet at higher risk. Digital forensic examiners responsible for cyber security incidents need to continually update their processes, knowledge and tools as technology changes. These attack activities can be investigated by means of Digital Triage Forensics (DTF) methodologies. DTF is a procedural model for the crime scene investigation of digital forensic applications. It serves as a way of gathering quick intelligence, and presents methods of conducting pre/post-blast investigations. A DTF framework of Window malware forensic toolkit is further proposed. It is also based on ISO/IEC 27037:2012, the guidelines for specific activities in the handling of digital evidence. The argument is made for a careful use of digital forensic investigations to improve the overall quality of expert examiners. This solution may improve the speed and quality of pre/post-blast investigations. By considering how triage solutions are being implemented in digital investigations, this study presents a critical analysis of malware forensics. The analysis serves as feedback for integrating digital forensic considerations, and specifies directions for further standardization efforts. |
| DOI | 10.1109/CCST.2015.7389685 |
| Citation Key | kao_digital_2015 |