| HAL-Inria | Publications, software ... of Inria's scientists |
Conference papers
Case-Based Reasoning in Live Forensics
Abstract : The traditional forensic search and seizure process employed by law enforcement is not always appropriate given large data volumes and the potential of hard drive encryption. This paper proposes a framework built on case-based reasoning to support a live forensic response during the search and seizure process. The framework assists a first responder by identifying the risks and the procedures to ensure the optimal collection of evidence based on prior cases. Test results demonstrate that the framework provides valuable assistance to first responders, reducing the time taken to complete a response and increasing the likelihood of a successful conclusion.
Keywords :
Live forensics
case-based reasoning
Cited literature [11 references]
https://hal.inria.fr/hal-01569564
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Thursday, July 27, 2017 - 8:22:35 AM
Last modification on : Thursday, March 5, 2020 - 4:46:43 PM
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Thursday, July 27, 2017 - 8:22:35 AM
Last modification on : Thursday, March 5, 2020 - 4:46:43 PM
File
978-3-642-24212-0_6_Chapter.pd...
Files produced by the author(s)
Licence
Distributed under a Creative Commons Attribution 4.0 International License