A proposal for automating investigations in live forensics

  • Authors: Seokhee Lee; Antonio Savoldi; Kyoung Soo Lim; Jong Hyuk Park; Sangjin Lee

  • Affiliations: Center for Information Security & Technologies - CIST, Korea University, Anam-dong, Sungbuk-Gu, Seoul, Korea; Department of Electronics for Automation, DEA, University of Brescia, Via Branze, 38, I25123, Brescia, Italy; Center for Information Security & Technologies - CIST, Korea University, Anam-dong, Sungbuk-Gu, Seoul, Korea; Department of Computer Science and Engineering, Seoul National University of Technology, 172 Gongreung 2-dong, Nowon-gu, Seoul, 139-742, Korea; Center for Information Security & Technologies - CIST, Korea University, Anam-dong, Sungbuk-Gu, Seoul, Korea

  • Venue: Computer Standards & Interfaces
  • Year: 2010

Abstract

In this paper we present an XML-based framework, called XLIVE, which provides an efficient way to collect data in live forensic cases, according to well-known crime categories. XLIVE is an automated forensic framework that can be used in live forensic investigations to gather live data on a Windows-based system. In addition, we have implemented a proof-of-concept, called LRDS (Live Resource Detection System). This approach to examination will be used extensively to deal with terabyte/petabyte digital systems, where other approaches, such as post-mortem analysis, cannot be adopted.