Event Details

Proactive System for Digital Forensic Investigation

Presenter: Soltan Alharbi
Supervisors: Dr. Jens Weber and Dr. Issa Traore

Date: Thu, February 20, 2014
Time: 12:30:00 - 13:30:00
Place: EOW 430

ABSTRACT

Digital Forensics (DF) is defined as the ensemble of methods, tools and techniques used to collect, preserve and analyse digital data originating from any type of digital media involved in an incident with the purpose of extracting valid evidence for a court of law.

DF investigations are usually performed as a response to a digital crime and, as such, they are termed Reactive Digital Forensics (RDF). An RDF investigation takes the traditional (or post-mortem) approach of investigating digital crimes after incidents have occurred. This involves identifying, preserving, collecting, and analyzing evidence, and generating the final report.

Although RDF investigations are effective, they face many challenges, especially when dealing with anti-forensic incidents, volatile data and event reconstruction. To tackle these challenges, Proactive Digital Forensics (PDF) is required. By being proactive, DF is prepared for incidents. In fact, a PDF investigation can proactively collect data, preserve it, detect suspicious events, analyze evidence and report an incident as it occurs.

This presentation focuses on the detection and analysis phase of the proactive investigation system, as it is the most expensive phase of the system.