Challenge Paper: Validation of Forensic Techniques for Criminal Prosecution
Abstract: As in many domains, there is increasing agreement in the user and research community that digital forensics analysts would benefit from the extension, development and application of advanced techniques in performing large scale and heterogeneous data analysis. Modern digital forensics analysis of cyber-crimes and cyber-enabled crimes often requires scrutiny of massive amounts of data. For example, a case involving network compromise across multiple enterprises might require forensic analysis of numerous sets of network logs and computer hard drives, potentially involving 100s of gigabytes of heterogeneous data, or even terabytes or petabytes of data. Also, the goal for forensic analysis is to not only determine whether the illicit activity being considered is taking place, but also to identify the source of the activity and the full extent of the compromise or impact on the local network. Even after this analysis, there remains the challenge of using the results in subsequent criminal and civil processes.
- Research Organization: Pacific Northwest National Lab. (PNNL), Richland, WA (United States)
- Sponsoring Organization: USDOE
- DOE Contract Number: AC05-76RL01830
- OSTI ID: 983450
- Report Number(s): PNNL-SA-73583; TRN: US201014%%210
- Resource Relation: Conference: Proceedings of the Second International Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE'07), 150-154
- Country of Publication: United States
- Language: English