Comparison Study of Digital Forensics Analysis Techniques; Findings versus Resources

Cited by: 2
Authors
Shaaban, Ayman [1]
Abdelbaki, Nashwa [1]
Affiliation
[1] Nile Univ, 26th July Corridor, Giza 12588, Egypt
Source
9TH INTERNATIONAL CONFERENCE ON EMERGING UBIQUITOUS SYSTEMS AND PERVASIVE NETWORKS (EUSPN-2018) / 8TH INTERNATIONAL CONFERENCE ON CURRENT AND FUTURE TRENDS OF INFORMATION AND COMMUNICATION TECHNOLOGIES IN HEALTHCARE (ICTH-2018) | 2018 / Vol. 141
Keywords
Incident Handling; Healthcare Security; Digital Forensics; Timeline Analysis; Memory Analysis; Live Analysis;
DOI
10.1016/j.procs.2018.10.128
Chinese Library Classification number
TP301 [Theory, Methods];
Discipline classification code
081202 ;
Abstract
Recently, digital forensics analysis has received great attention in IT security, especially now that cyber incidents are taking a new form of organized crime, which introduced the Advanced Persistent Threat (APT) and hacking Kill Chain definitions. The threat intensifies when it affects a healthcare organization, where it will be life-threatening. Handling such incidents is a great challenge for handlers trying to uncover the attack steps. With various sources of evidential data that require analysis, one analysis technique can be more beneficial than another relative to the time and resources invested in each one. Analysis speed and precise results help in creating an attack's unique Indicators of Compromise faster, which helps in containing incidents in such critical environments with the lowest loss. The intent of this paper is to qualitatively compare the outputs of different analysis techniques (memory, super timeline and live analysis) on the same incident, to help figure out which technique is more appropriate under different circumstances. (C) 2018 The Authors. Published by Elsevier Ltd.
Pages: 545-551
Number of pages: 7