From the Computer Incident Taxonomy to a Computer Forensic Examination Taxonomy

From the Computer Incident Taxonomy to a Computer Forensic Examination Taxonomy

Forensic investigations are usually conducted to solve crimes committed using IT systems as pertetrator and/or victim. However, depending on the size of IT system, also nonmalicious incidents can be investigated using the same, methodological and proven techniques. Based upon the principles containe...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Altschaffel, R., Kiltz, S., Dittmann, J.
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Computer crime
Computer security
Conference management
Data analysis
Documentation
Failure analysis
Forensics
IT-forensics
Law enforcement
Taxonomy
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Forensic investigations are usually conducted to solve crimes committed using IT systems as pertetrator and/or victim. However, depending on the size of IT system, also nonmalicious incidents can be investigated using the same, methodological and proven techniques. Based upon the principles contained in the well known computer incident taxonomy, this paper proposes the establishment a common language for the description of computer forensic examinations, both in malicious and nonmalicious incidents. Additionally this taxonomy helps performing a forensic examination in establishing answers to a set of well defined questions during such an examination. The usefulness of the proposed forensic examination taxonomy is shown using a malicious and a nonmalicious example.
DOI:10.1109/IMF.2009.17