Title :
Data Leak Analysis in a Corporate Environment
Author :
Lee, Seokhee ; Lee, Keungi ; Savoldi, Antonio ; Lee, Sangjin
Author_Institution :
Center for Inf. Security Technol. (CIST), Korea Univ., Seoul, South Korea
Abstract :
Digital forensics focuses on the collection of evidence from the volatile and non-volatile memory of a computer based system, such as the hard disk and the RAM content. Needless to say, hard disk data are crucial in the investigation, but whether hard disk data collection is possible or not depends on the features of the case, and whether the forensics practitioners have a suitable legal permission. As nowadays the capacity of hard disks is increasing more and more, it takes a considerable amount of time to perform the imaging phase, and thus to deal with different steps in the chain of custody of the case. As a consequence, delaying the collection step in the investigation may have a detrimental effect on the progress of the investigation or may be a barrier to succeed in the investigation. Hence, we suggest an efficient methodology to collect evidence for dealing with data leak cases, by substantially reducing the collection time.
Keywords :
computer forensics; corporate modelling; hard discs; random-access storage; RAM content; computer based system; corporate environment; data leak analysis; digital forensics; hard disk data collection; nonvolatile memory; Automatic control; Automation; Control system analysis; Control systems; Data analysis; Digital forensics; Hard disks; Information analysis; Information security; Nonvolatile memory;
Conference_Titel :
Innovative Computing, Information and Control (ICICIC), 2009 Fourth International Conference on
Conference_Location :
Kaohsiung
Print_ISBN :
978-1-4244-5543-0
DOI :
10.1109/ICICIC.2009.154
