Real-Time Forensics Through Endpoint Visibility
Abstract
Over the last years, an established forensic process has been in place, known to every investigator and researcher. This traditional process is regarded as producing valid evidence in court trials and, more importantly, it specifies at a very precise level how to acquire a suspect's machine and handle the data within. However, when new technologies come into play, certain constraints appear: when an incident occurs in a network containing thousands of machines, such as a global corporate network, shutting down the machines and sending an investigation team is not an option. Moreover, the question arises: Is this an isolated incident, or are other clients affected?
- Kieseberg, Peter
- Neuner, Sebastian
- Schrittwieser, Sebastian
- Schmiedecker, Martin
- Weippl, Edgar
Shortfacts
Category | Paper in Conference Proceedings or in Workshop Proceedings (Paper) |
Event Title | 9th International Conference on Digital Forensics and Cyber Crime 2017 |
Divisions | Security and Privacy |
Subjects | Computer Security; Applied Computer Science |
Event Location | Prague, Czech Republic |
Event Type | Conference |
Event Dates | 9-11 Oct 2017 |
Publisher | Springer International Publishing |
Page Range | pp. 18-32 |
Date | October 2017 |