Investigating cybersecurity incidents requires in-depth knowledge from the analyst. Moreover, the whole process is demanding due to the vast data volumes that need to be analyzed. While various techniques exist nowadays to help with particular tasks of the analysis, the process as a whole still requires a lot of manual activity and expert skill. We propose an approach that allows disk snapshots to be analyzed more efficiently and with lower demands on expert knowledge. Following a user-centered design methodology, we implemented an analytical tool to guide analysts during security incident investigations. The viability of the solution was validated by an evaluation conducted with members of different security teams.
File forensic tools examine the contents of a system's disk storage to analyze files, detect infecti...
Memory forensics (or memory analysis) is a relatively new approach to digital forensics that deals e...
Abstract — The manual forensics investigation of security incidents is an opaque process that invol...
Data exfiltration by insiders (or people masquerading as insiders) is a major threat for organizatio...
Abstract— The action of cyber crime is increasing day by day, as a comparison of the increasing numb...
Within the framework of this article, an analysis of the dynamics of the growth of information secur...
Cyber security incidents have affected organisations from various industries. Malicious actors aim t...
Over the last few years, companies have grown enormously in terms of IT; their structure has expande...
As people continue to rely increasingly on information systems, the threat landscape will keep evolv...
Cyber-crime is becoming more widespread every day, and hackers are hitting organizations' IT infrast...
D Wolthusen Both human analysts and particularly automated tool suites are capable of deriving sensi...
Securing the highly complex infrastructures of modern organizations against innovative and targeted ...
The possibility to use the snapshot functionality of OpenStack as a method of securing evidence has ...
This master's thesis describes methodologies used in malware forensic analysis including methods use...
Digital forensics is the science of identifying, extracting, analyzing and presenting the digital ev...