Digital Forensics

Wiles, Jack; Alexander, Tammy; Ashlock, Stevee; Ballou, Susan M.; Depew, Larry; Dominguez, Greg; Ehuan, Art; Green, Ron; Long, Johnny; Reis, Kevin; Schroader, Amber; Schuler, Karen; Thompson, Eric

doi:10.1016/b978-1-59749-228-7.00002-3

Cited by 3 publications

(1 citation statement)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The DFR framework proposed by this research also addressed the post-mortem challenges of cybercrime (i.e. after-the-fact cybercrime incident identification/detection), because one of the component of the DFR framework generate cybercrime data that could be used for the swift identifications of what happened and how it happened [65][66][67] , in any digital forensic investigations. Volatile information can be collected while the instances are still active.…”

Section: Discussionmentioning

confidence: 99%

A natural human language framework for digital forensic readiness in the public cloud

Baror

Venter

Adeyemi

2020

Australian Journal of Forensic Sciences

View full text Add to dashboard Cite

Currently, about half of all global enterprises are adopting and using some form of cloud computing services. In cloud computing, potential digital evidence is distributed across multiple isolated virtual machine instances. Investigating deleted or inactive virtual instances of a cloud is a challenge to digital forensics, and the traditional methods of digital forensics are inadequate to address such digital forensic investigation. Users of the public cloud (whether a potential victim of a cyberattack, a cybercriminal or a digital forensic investigator) inherently communicate using natural human language in the form of sentences and semantics in document messaging such as texts, emails or instant messages. Consequently, natural human language interaction provides a unique identifier for cloud users. This study leverages the natural human language as an identifier to develop a novel digital forensic readiness (DFR) framework for cloud computing to detect cybercrime. The DFR framework comprises the integration of natural language processing techniques in designing a process that mimics a near real-time approach towards cybercrime detection in a cloud environment. Natural language understanding techniques are used to analyse textdata of users in the public cloud and textdata of reported cybercrimes to develop a DFR framework. In the preliminary formation of the DFR framework, the output shows that cybercrime attacks that are in progress in the form of textdata such as online documents, instant messages or emails within an organizational cloud domain can be identified, and potentially investigated swiftly, using the unique signature of users as identifiers. When adopted, the proposed DFR framework can minimize the time lapses in incident identification and reduce the subsequent investigation time of cybercrimes in the public cloud domain.

show abstract

Section: Discussionmentioning

confidence: 99%