Embedding Forensic Capabilities into Networks: Addressing Inefficiencies in Digital Forensics Investigations
A typical incident response pits technicians against networks that aren't prepared forensically. [1, 2] If practitioners do consider collecting network forensic data, they face a choice between expending extraordinary effort (time and money) collecting forensically sound data, or simply restoring the network as quickly as possible. In this context, the concept of organizational network forensic readiness has emerged. This paper proposes a methodology for "operationalizing" organizational network forensic readiness. The methodology, and the theoretical analysis that led to its development, are offered as a conceptual framework for thinking about more efficient, proactive approaches to digital forensics on networks.
- Research Organization: Pacific Northwest National Lab. (PNNL), Richland, WA (United States)
- Sponsoring Organization: USDOE
- DOE Contract Number: AC05-76RL01830
- OSTI ID: 981608
- Report Number(s): PNNL-SA-53734; TRN: US201013%%818
- Resource Relation: Conference: Proceedings of the 2006 IEEE Workshop on Information Assurance, 133-139
- Country of Publication: United States
- Language: English