Embedding Hercule Poirot in Networks: Addressing Inefficiencies in Digital Forensic Investigations
Abstract: Forensic investigations on networks are not scalable in terms of time and money [1]. Those investigations that do occur consume months of attention from the very experts who should be investing in more productive activities, like designing and improving network performance [1]. Given these circumstances, organizations often must select which cases to pursue, ignoring many that could be prosecuted, if time allowed. Recognizing the exponential growth in the number of crimes that employ computers and networks that become subject to digital evidence procedures, researchers and practitioners, alike, have called for embedding forensics - essentially integrating the cognitive skills of a detective into the network [2, 3, 4]. The premise is that the level of effort required to document incidents can thus be reduced, significantly. This paper introduces what technical factors might reflect those detecting skills, leading to solutions that could offset the inefficiencies of current practice.
- Research Organization:
- Pacific Northwest National Lab. (PNNL), Richland, WA (United States)
- Sponsoring Organization:
- USDOE
- DOE Contract Number:
- AC05-76RL01830
- OSTI ID:
- 990142
- Report Number(s):
- PNNL-SA-73584; TRN: US201020%%146
- Resource Relation:
- Related Information: Foundations of Augmented Cognition, Lecture Notews in Computer Science Vol 4565, 364-372
- Country of Publication:
- United States
- Language:
- English
Similar Records
Microbial Forensics: A Scientific Assessment
The Importance of International Technical Nuclear Forensics to Deter Illicit Trafficking