Proactive System for Digital Forensic Investigation
| dc.contributor.author | Alharbi, Soltan Abed | |
| dc.contributor.supervisor | Weber, Jens | |
| dc.contributor.supervisor | Issa, Traore | |
| dc.date.accessioned | 2014-04-07T21:25:58Z | |
| dc.date.available | 2014-04-07T21:25:58Z | |
| dc.date.copyright | 2014 | en_US |
| dc.date.issued | 2014-04-07 | |
| dc.degree.department | Department of Electrical and Computer Engineering | en_US |
| dc.degree.level | Doctor of Philosophy Ph.D. | en_US |
| dc.description.abstract | Digital Forensics (DF) is defined as the ensemble of methods, tools and techniques used to collect, preserve and analyse digital data originating from any type of digital media involved in an incident with the purpose of extracting valid evidence for a court of law. DF investigations are usually performed as a response to a digital crime and, as such, they are termed Reactive Digital Forensic (RDF). An RDF investigation takes the traditional (or post-mortem) approach of investigating digital crimes after incidents have occurred. This involves identifying, preserving, collecting, analyzing, and generating the final report. Although RDF investigations are effective, they are faced with many challenges, especially when dealing with anti-forensic incidents, volatile data and event reconstruction. To tackle these challenges, Proactive Digital Forensic (PDF) is required. By being proactive, DF is prepared for incidents. In fact, the PDF investigation has the ability to proactively collect data, preserve it, detect suspicious events, analyze evidence and report an incident as it occurs. This dissertation focuses on the detection and analysis phase of the proactive investigation system, as it is the most expensive phase of the system. In addition, theories behind such systems will be discussed. Finally, implementation of the whole proactive system will be tested on a botnet use case (Zeus). | en_US |
| dc.description.proquestcode | 0984 | en_US |
| dc.description.proquestcode | 0537 | en_US |
| dc.description.proquestemail | soltanalharbi@hotmail.com | en_US |
| dc.description.scholarlevel | Graduate | en_US |
| dc.identifier.bibliographicCitation | Soltan Alharbi, Belaid Moa, Jens Weber-Jahnke, and Issa Traore. High performance proactive digital forensics. In Journal of Physics: Conference Series, volume 385, pages 01–15. IOP Publishing, 2012. | en_US |
| dc.identifier.bibliographicCitation | Soltan Alharbi, Jens Weber-Jahnke, and Issa Traore. The proactive and reactive digital forensics investigation process: A systematic literature review. In Information Security and Assurance, pages 87–100. Springer, 2011. | en_US |
| dc.identifier.bibliographicCitation | S.A. Soltan Alharbi, J.W.J. JensWeber-Jahnke, and I.T. Issa Traore. The proactive and reactive digital forensics investigation process: A systematic literature review. International Journal of Security and Its Applications, 5(4):59–72, 2011. | en_US |
| dc.identifier.uri | http://hdl.handle.net/1828/5237 | |
| dc.language | English | eng |
| dc.language.iso | en | en_US |
| dc.rights.temp | Available to the World Wide Web | en_US |
| dc.rights.uri | http://creativecommons.org/publicdomain/zero/1.0/ | * |
| dc.subject | Digital Forensics | en_US |
| dc.subject | Reactive Digital Forensic | en_US |
| dc.subject | Proactive Digital Forensic | en_US |
| dc.title | Proactive System for Digital Forensic Investigation | en_US |
| dc.type | Thesis | en_US |