ResearchSpace

Guidelines for procedures of a harmonised digital forensic process in network forensics

Show simple item record

dc.contributor.author Sibiya, G
dc.contributor.author Venter, HS
dc.contributor.author Ngobeni, Sipho J
dc.contributor.author Fogwill, T
dc.date.accessioned 2013-02-08T13:23:05Z
dc.date.available 2013-02-08T13:23:05Z
dc.date.issued 2012-08
dc.identifier.citation Sibiya, G, Venter, HS, Ngobeni, S and Fogwill, T. 2012. Guidelines for procedures of a harmonised digital forensic process in network forensics. International Workshop on Digital Forensics in the Cloud, Sandton, Johannesburg, 17 August 2012 en_US
dc.identifier.isbn 978-1-4673-2160-0
dc.identifier.uri http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=6320451&contentType=Conference+Publications&searchField%3DSearch_All%26queryText%3Dsibiya
dc.identifier.uri http://jmiller.uaa.alaska.edu/cse465-fall2012/papers/sibiya2012.pdf
dc.identifier.uri http://hdl.handle.net/10204/6543
dc.description Copyright: 2012 IEEE. This is the accepted version of the work. Reprinted, with permission, from Sibiya, G, Venter, HS, Ngobeni, S and Fogwill, T. 2012. Guidelines for procedures of a harmonised digital forensic process in network forensics. International Workshop on Digital Forensics in the Cloud, Sandton, Johannesburg, 17 August 2012. This material is posted here with permission of the IEEE. Such permission of the IEEE does not in any way imply IEEE endorsement of any of CSIR Information Services' products or services. Internal or personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution must be obtained from the IEEE by writing to pubs-permissions@ieee.org. By choosing to view this document, you agree to all provisions of the copyright laws protecting it. en_US
dc.description.abstract Cloud computing is a new computing paradigm that presents fresh research issues in the field of digital forensics. Cloud computing builds upon virtualisation technologies and is distributed in nature. Depending on its implementation, the cloud can span across numerous countries. Its distributed nature and virtualisation introduces digital forensic research issues that include among others difficulty in identifying and collecting forensically sound evidence. Even if the evidence may be identified and essential tools for collecting the evidence are acquired, it may be illegal to access computer data residing beyond the jurisdiction of a forensic investigator. The investigator needs to acquire a search warrant that can be executed in a specific foreign country – which may not be a single country due to the distributed nature of the cloud. Obtaining warrants for numerous countries at once may be costly and time consuming. Some countries may also fail to comply with the demands of cloud forensics. Since the field of digital forensics is itself still in its infancy, it lacks standardised forensic processes and procedures. Thus, digital forensic investigators are able to collect evidence, but often fail in following a valid investigation process that is acceptable in a court of law. In addressing digital forensic issues such as the above, the authors are writing a series of papers that are aimed at providing guidelines for digital forensic procedures in a cloud environment. Live forensics and network forensics constitute an integral part of cloud forensics. A paper that deals with guidelines for digital forensic procedures in live forensics was submitted elsewhere. The current paper is therefore the second in a series where the authors propose and present guidelines for digital forensic procedures in network forensics. The authors eventually aim to have guidelines for digital forensic procedures in a cloud environment as the last paper in the series. en_US
dc.language.iso en en_US
dc.publisher IEEE en_US
dc.relation.ispartofseries Workflow;9575
dc.relation.ispartofseries Workflow;10003
dc.subject Cloud computing en_US
dc.subject Network forensics en_US
dc.subject Live forensics en_US
dc.subject Digital forensics en_US
dc.title Guidelines for procedures of a harmonised digital forensic process in network forensics en_US
dc.type Conference Presentation en_US
dc.identifier.apacitation Sibiya, G., Venter, H., Ngobeni, S., & Fogwill, T. (2012). Guidelines for procedures of a harmonised digital forensic process in network forensics. IEEE. http://hdl.handle.net/10204/6543 en_ZA
dc.identifier.chicagocitation Sibiya, G, HS Venter, S Ngobeni, and T Fogwill. "Guidelines for procedures of a harmonised digital forensic process in network forensics." (2012): http://hdl.handle.net/10204/6543 en_ZA
dc.identifier.vancouvercitation Sibiya G, Venter H, Ngobeni S, Fogwill T, Guidelines for procedures of a harmonised digital forensic process in network forensics; IEEE; 2012. http://hdl.handle.net/10204/6543 . en_ZA
dc.identifier.ris TY - Conference Presentation AU - Sibiya, G AU - Venter, HS AU - Ngobeni, S AU - Fogwill, T AB - Cloud computing is a new computing paradigm that presents fresh research issues in the field of digital forensics. Cloud computing builds upon virtualisation technologies and is distributed in nature. Depending on its implementation, the cloud can span across numerous countries. Its distributed nature and virtualisation introduces digital forensic research issues that include among others difficulty in identifying and collecting forensically sound evidence. Even if the evidence may be identified and essential tools for collecting the evidence are acquired, it may be illegal to access computer data residing beyond the jurisdiction of a forensic investigator. The investigator needs to acquire a search warrant that can be executed in a specific foreign country – which may not be a single country due to the distributed nature of the cloud. Obtaining warrants for numerous countries at once may be costly and time consuming. Some countries may also fail to comply with the demands of cloud forensics. Since the field of digital forensics is itself still in its infancy, it lacks standardised forensic processes and procedures. Thus, digital forensic investigators are able to collect evidence, but often fail in following a valid investigation process that is acceptable in a court of law. In addressing digital forensic issues such as the above, the authors are writing a series of papers that are aimed at providing guidelines for digital forensic procedures in a cloud environment. Live forensics and network forensics constitute an integral part of cloud forensics. A paper that deals with guidelines for digital forensic procedures in live forensics was submitted elsewhere. The current paper is therefore the second in a series where the authors propose and present guidelines for digital forensic procedures in network forensics. The authors eventually aim to have guidelines for digital forensic procedures in a cloud environment as the last paper in the series. DA - 2012-08 DB - ResearchSpace DP - CSIR KW - Cloud computing KW - Network forensics KW - Live forensics KW - Digital forensics LK - https://researchspace.csir.co.za PY - 2012 SM - 978-1-4673-2160-0 T1 - Guidelines for procedures of a harmonised digital forensic process in network forensics TI - Guidelines for procedures of a harmonised digital forensic process in network forensics UR - http://hdl.handle.net/10204/6543 ER - en_ZA


Files in this item

This item appears in the following Collection(s)

Show simple item record