Toward Models for Forensic Analysis
- Author(s): Peisert, Sean;
- Bishop, Matt;
- Karin, Sidney;
- Marzullo, Keith
- et al.
Published Web Locationhttp://ieeexplore.ieee.org/iel5/4155337/4155338/04155346.pdf?tp=&arnumber=4155346&isnumber=4155338
The existing solutions in the field of computer forensics are largely ad hoc. This paper discusses the need for a rigorous model of forensics and outlines qualities that such a model should possess. It presents an overview of a forensic model and an example of how to apply the model to a real-world, multi-stage attack. We show how using the model can result in forensic analysis requiring a much smaller amount of carefully selected, highly useful data than without the model.