Title: A Digital Triage Forensics framework of Window malware forensic toolkit: Based on ISO/IEC 27037:2012
Publication Type: Conference Paper
Year of Publication: 2015
Authors: Kao, D. Y., Wu, G. J.
Conference Name: 2015 International Carnahan Conference on Security Technology (ICCST)
Keywords: Computer crime, Computers, crime scene investigation, critical analysis, cyber security incident, Cybercrime, data leakage, digital evidence handling, digital forensic, digital forensics, digital triage forensics, digital triage forensics framework, DTF methodologies, hacker, IEC standards, Internet, invasive software, ISO standards, ISO/IEC 27037, ISO/IEC 27037:2012, Malware, malware forensics, operating systems (computers), Window malware forensic toolkit

The rise of malware attacks and data leakage is putting the Internet at higher risk. Digital forensic examiners responsible for cyber security incidents need to continually update their processes, knowledge and tools as technology changes. These attack activities can be investigated by means of Digital Triage Forensics (DTF) methodologies. DTF is a procedural model for the crime scene investigation of digital forensic applications. It serves as a way of gathering quick intelligence, and presents methods for conducting pre/post-blast investigations. A DTF framework for a Windows malware forensic toolkit is further proposed. It is also based on ISO/IEC 27037:2012, the guidelines for specific activities in the handling of digital evidence (identification, collection, acquisition and preservation). The argument is made for careful use of digital forensic investigations to improve the overall quality of expert examiners. This solution may improve the speed and quality of pre/post-blast investigations. By considering how triage solutions are being implemented in digital investigations, this study presents a critical analysis of malware forensics. The analysis serves as feedback for integrating digital forensic considerations, and specifies directions for further standardization efforts.
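The ISO/IEC 27037:2012 requirement the abstract leans on is that acquired evidence be verifiably unchanged and that every handling step be documented. The following Python is an added illustration of that preservation step for a Windows triage collection; it is not code from the paper or its toolkit, and the function names, the JSON-lines custody-log layout and the sample artifacts are all assumptions made here.

```python
"""Evidence-preserving triage acquisition (added illustration, not the paper's toolkit).

Each selected artifact is copied into an evidence directory, the source and the copy are
both hashed, and a chain-of-custody record is appended for every item. A later pass can
re-hash the copies to prove they are unchanged. Names and record fields are assumptions.
"""
import hashlib
import json
import os
import shutil
from datetime import datetime, timezone


def sha256_file(path, chunk_size=1 << 20):
    """Stream a file through SHA-256 so large artifacts (memory dumps, hives) are not loaded whole."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def acquire_artifacts(artifact_paths, evidence_dir, examiner, custody_log):
    """Copy each artifact into evidence_dir, verify the copy by hash, and log a custody record.

    Returns the list of records written. Raises RuntimeError if a copy does not match its
    source, because an unverifiable copy must not be admitted as evidence.
    """
    os.makedirs(evidence_dir, exist_ok=True)
    records = []
    for src in artifact_paths:
        src_hash = sha256_file(src)
        # Prefix the copy with its hash so two artifacts sharing a basename cannot collide.
        dst = os.path.join(evidence_dir, f"{src_hash}_{os.path.basename(src)}")
        shutil.copy2(src, dst)  # copy2 preserves the source timestamps on the copy
        dst_hash = sha256_file(dst)
        if dst_hash != src_hash:
            raise RuntimeError(f"copy of {src} does not match source hash")
        record = {
            "acquired_at": datetime.now(timezone.utc).isoformat(),
            "examiner": examiner,
            "source": os.path.abspath(src),
            "evidence_copy": os.path.abspath(dst),
            "sha256": src_hash,
            "size": os.path.getsize(src),
        }
        with open(custody_log, "a", encoding="utf-8") as log:
            log.write(json.dumps(record) + "\n")
        records.append(record)
    return records


def verify_evidence(custody_log):
    """Re-hash every copy listed in the custody log; return the paths whose hash no longer matches."""
    tampered = []
    with open(custody_log, encoding="utf-8") as log:
        for line in log:
            record = json.loads(line)
            if sha256_file(record["evidence_copy"]) != record["sha256"]:
                tampered.append(record["evidence_copy"])
    return tampered


if __name__ == "__main__":
    import tempfile

    work = tempfile.mkdtemp()
    # Constructed stand-ins for triage artifacts; a real run would point at exported
    # registry hives, prefetch files or a suspicious binary pulled from the host.
    samples = {
        "suspect.exe": b"MZ\x90\x00 constructed sample, not a real PE",
        "run_keys.txt": b"HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run = suspect.exe\n",
    }
    paths = []
    for name, data in samples.items():
        p = os.path.join(work, name)
        with open(p, "wb") as fh:
            fh.write(data)
        paths.append(p)
    custody = os.path.join(work, "custody.jsonl")
    for rec in acquire_artifacts(paths, os.path.join(work, "evidence"), "examiner-01", custody):
        print(json.dumps(rec, indent=2))
    print("tampered copies:", verify_evidence(custody))
```

The custody log is append-only JSON lines so that each acquisition, re-verification or transfer can be added as a new record without rewriting earlier ones; in a real deployment the log itself should live on write-once or separately hashed storage, since an attacker who can edit both the copy and its log entry defeats the check.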

Citation Key: kao_digital_2015