A multi-component view of digital forensics

C. P. Grobler, C. P. Louwrens, S. H. Von Solms

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

40 Citations (Scopus)

Abstract

We are living in a world where there is an increasing need for evidence in organizations. Good digital evidence is becoming a business enabler. Very few organizations have the structures (management and infrastructure) in place to enable them to conduct cost-effective, low-impact and efficient digital investigations [1]. Digital Forensics (DF) is a vehicle that organizations use to provide good and trustworthy evidence and processes. The current DF models concentrate on reactive investigations, with limited reference to DF readiness and live investigations. However, organizations use DF for other purposes, for example compliance testing. The paper proposes that DF consists of three components: Pro-active (ProDF), Active (ActDF) and Re-active (ReDF). ProDF concentrates on DF readiness and the proactive responsible use of DF to demonstrate good governance and enhance governance structures. ActDF considers the gathering of live evidence during an ongoing attack with a limited live investigation element, whilst ReDF deals with the traditional DF investigation. The paper discusses each component and the relationship between the components.

Original language: English
Title of host publication: ARES 2010 - 5th International Conference on Availability, Reliability, and Security
Pages: 647-652
Number of pages: 6
Publication status: Published - 2010
Event: 5th International Conference on Availability, Reliability, and Security, ARES 2010 - Krakow, Poland
Duration: 15 Feb 2010 to 18 Feb 2010

Publication series

Name: ARES 2010 - 5th International Conference on Availability, Reliability, and Security

Conference

Conference: 5th International Conference on Availability, Reliability, and Security, ARES 2010
Country/Territory: Poland
City: Krakow
Period: 15/02/10 to 18/02/10

Keywords

  • Active Digital Forensics
  • Digital Forensic readiness
  • Digital Forensics
  • Information security governance
  • Live investigations
  • Proactive digital Forensics
  • Reactive Digital Forensics

ASJC Scopus subject areas

  • Computational Theory and Mathematics
  • Safety, Risk, Reliability and Quality
