Novel First Responder Digital Forensics Tool as a Support to Law Enforcement
Mitko Bogdanoski (Military Academy “General Mihailo Apostolski”, Macedonia), Marjan Stoilkovski (Ministry of Interior, Macedonia) and Aleksandar Risteski (Ss. Cyril and Methodius University, Macedonia)
Copyright © 2016.
25 pages.
DOI: 10.4018/978-1-4666-8793-6.ch016
MLA
Bogdanoski, Mitko, Marjan Stoilkovski and Aleksandar Risteski. "Novel First Responder Digital Forensics Tool as a Support to Law Enforcement." Handbook of Research on Civil Society and National Security in the Era of Cyber Warfare. IGI Global, 2016. 352-376. Web. 4 Nov. 2015. doi:10.4018/978-1-4666-8793-6.ch016
APA
Bogdanoski, M., Stoilkovski, M., & Risteski, A. (2016). Novel First Responder Digital Forensics Tool as a Support to Law Enforcement. In M. Hadji-Janev, & M. Bogdanoski (Eds.) Handbook of Research on Civil Society and National Security in the Era of Cyber Warfare (pp. 352-376). Hershey, PA: Information Science Reference. doi:10.4018/978-1-4666-8793-6.ch016
Chicago
Bogdanoski, Mitko, Marjan Stoilkovski and Aleksandar Risteski. "Novel First Responder Digital Forensics Tool as a Support to Law Enforcement." In Handbook of Research on Civil Society and National Security in the Era of Cyber Warfare, ed. Metodi Hadji-Janev and Mitko Bogdanoski, 352-376 (2016), accessed November 04, 2015. doi:10.4018/978-1-4666-8793-6.ch016
Abstract

There are many freeware and commercial tools that can provide forensic information based on dead and live forensics acquisition. The main problem with these tools is that in many cases the investigator cannot explain the script functionality and the generated results and information during the trial. For this reason, there is an increased need to develop and use scripts that can be easily explained and adapted to any analysis the examiners need to perform. The chapter presents a newly developed First Responder script which can be used to perform live and dead forensics analysis in support of Law Enforcement during the investigation process.

Introduction

Nowadays, the security of information systems is crucial. There is almost no organization that does not take appropriate security measures at its own level to protect its systems from external and internal attacks. To ensure an adequate level of security, organizations have started establishing special CERT (Community Emergency Response Team) teams whose key objective is to increase information security in the organization. If no such team is established, this role is undertaken by system administrators, who must attend specialized training to perform these unique duties connected with cyber security. In order to increase information security and users' awareness, all users of the information systems in the organization should be trained in the secure usage of the systems, ethics in information systems, and the way of reporting any registered computer incident. This training is needed because each of them can, intentionally or unintentionally, harm the security of the information systems, and consequently harm the security of the organization.
However, no matter how much companies invest in information security and no matter how well the staff is trained, there will always be malicious users who, driven by different motives, will try to exploit vulnerabilities in the company's hardware and software solutions, as well as employees’ negligence. Very often, the attackers are supported by internal attacks made by company employees (insiders). The goal of the companies is to stop attackers at the perimeter network, i.e. not to allow them to enter the internal network of the company/organization. The reason is that once the attacker has entered the internal network and systems, the only thing left is to resist malicious users using computer forensics. However, very often those responsible for information security in the companies cannot catch the attackers at the perimeter network, so after registering an intrusion into the system they must react immediately and analyze the intentions of the attackers. For the analysis to be at the highest level, those responsible for information security must be trained to make a detailed analysis of the attack and, if possible, to discover as much information about the attacker as they can. Certainly, even if the attacker is discovered, the intrusion must be reported, and companies need to ask for assistance from the authorities competent to tackle cyber threats (law enforcement) and to initiate appropriate action against the attackers. In this whole process of discovering the intentions of the attack, as well as detecting the offenders, computer forensics takes the main role. In the process of information gathering, basic analysis will be performed using traditional forensics, but if there is the slightest chance, live forensics should be performed on the running computer systems.
Using live response, the investigator can capture all the volatile data that will be lost as soon as the machine is powered down, such as the current configuration of the machine and the data in its RAM. It should be noted that, whether traditional or live forensics is performed, investigators should avoid possible corruption of the original data during the entire process of systems' analysis. The purpose of this chapter is to provide the basic concepts of live forensics and to explain its advantage when, instead of automated software tools for computer forensics, investigators use specially created scripts that are easy to adapt as necessary, i.e. according to the needs of the forensic examiners. For this purpose, the rest of the chapter is organized as follows. Section 2 gives a brief overview of the live computer forensics investigation process. Section 3 explains how other disciplines are impacted by computer forensics. Section 4 shows the classification of digital forensics as well as different models and frameworks for the digital investigation process. Section 5 outlines the process of analysis of the RAM. In Section 6 the functionality and capabilities of the developed First Responder script are explained. Finally, Section 7 concludes our work.

Complete Chapter List
Preface
Metodi Hadji-Janev, Mitko Bogdanoski
Chapter 1 Jai Galliott
Cyber attacks pose fresh challenges for high-level military strategy and the ethics of war. In this chapter I consider the interplay between cyber...
Cyber Warfare, Asymmetry, and Responsibility: Considerations for Defence Theorem
Chapter 2 Olivera Injac, Ramo Šendelj
This chapter gives explanation on theoretical framework of the national security policy and strategy. Moreover, it analyzes selected countries...
National Security Policy and Strategy and Cyber Security Risks
Chapter 3 Mohammed S. Gadelrab, Ali A. Ghorbani
New computing and networking technologies have not only changed the way traditional crimes are committed but also introduced completely brand new...
Cyber Criminal Profiling
Chapter 4 Katerina Zlatanovska
The distribution of information technology is a step forward in accelerating rapidity and efficiency of transferring information. As each system...
Hacking and Hacktivism as an Information Communication System Threat
Chapter 5 Flavia Zappa Leccisotti, Raoul Chiesa, Niccolo De Scalzi, Leopoldo Gudas, Daniele De Nicolo
The ICT technology is even more central in modern society. Every relevant sectors of Western economies depend on ICT technology, from Energy...
Attack Scenarios Perpetrated by Terrorist Organizations Through the Use of IT and ICT: On the Basis of What Is Already Available Today
Chapter 6 Marina Shorer-Zeltser, Galit M. Ben-Israel
The current research is dedicated to put forward the ways the Internet surfers are mobilized for the aims of illegal and harmful actions and even...
Analysis of Success of Mobilization to Terror using Tools of Neuro-Linguistic Programming (NLP)
Chapter 7 Kimberly Lukin
This article analyzes the similarities and differences between the EU's and Russia's cyber preparedness, management structures, governmental...
Russian Cyberwarfare Taxonomy and Cybersecurity Contradictions between Russia and EU: An Analysis of Management, Strategies, Standards, and Legal Aspects
Chapter 8 Stojan Slaveski, Biljana Popovska
Certain information and personal data, held by the government, needs to be kept secret because its disclosure to the general public could jeopardize...
Access to Information in the Republic of Macedonia: Between Transparency and Secrecy
Chapter 9 Flavia Zappa Leccisotti, Raoul Chiesa, Daniele De Nicolo
At a global level, various risks have increased due to the intensification of globalization, and in this scenario Cybercrime is becoming a more...
Analysis of Possible Future Global Scenarios in the Field of Cyber Warfare: National Cyber Defense and Cyber Attack Capabilities
Chapter 10 Predrag Pale
Information security is gaining attention of managers, leaders and public as attacks extend from “pure” IT systems into critical infrastructure...
Information Security as a Part of Curricula in Every Professional Domain, Not Just ICT's
Chapter 11 Dimitar Stevo Bogatinov, Mitko Bogdanoski, Slavko Angelevski
The growing network attacks and intrusions have put the government organizations at a great risk. In cyberspace, humans have great limitations in...
AI-Based Cyber Defense for More Secure Cyberspace
Chapter 12 Ashok Vaseashta, Sherri B. Vaseashta, Eric W. Braman
Advances in S&T coupled with universal access to cyberspace have motivated both state and non-state sponsored actors to new levels in the...
Mitigating Unconventional Cyber-Warfare: Scenario of Cyber 9/11
Chapter 13 Metodi Hadji-Janev
Many incidents in cyberspace and the response to those incidents by victim states prove that the cyber conflict is a reality. This new conflict is...
Changing the Approach to Deterrence in Cyberspace while Protecting Civilians from Cyber Conflict
Chapter 14 Denis Čaleta
The globalisation of the world, and thus indirectly of security, poses serious dilemmas for the modern society about how to continue basing its...
Cyber Threats to Critical Infrastructure Protection: Public Private Aspects of Resilience
Chapter 15 Biljana Tanceska, Mitko Bogdanoski, Aleksandar Risteski
In this chapter, an analysis of security attacks on network elements along with the appropriate countermeasures is presented. The main goal of this...
Toward More Resilient Cyber Infrastructure: A Practical Approach
Chapter 16 Mitko Bogdanoski, Marjan Stoilkovski, Aleksandar Risteski
There are many freeware and commercial tools which can be used to provide forensics information based on dead and live forensics acquisition. The...
Novel First Responder Digital Forensics Tool as a Support to Law Enforcement
Chapter 17 Zlatogor Borisov Minchev
The chapter describes the problem of building cyber threats resilience for the human factor as the technological growth is constantly changing the...
Human Factor Role for Cyber Threats Resilience
Chapter 18 Nancy Houston
Perhaps the greatest challenge to cyber security is that people are inherently behind each cyber problem as well as its solution. The reality is...
The Impact of Human Behavior on Cyber Security
Chapter 19 Metodi Hadji-Janev
The post-Cold War reality has brought many changes that challenge political leaders, planners and operators. Using cyberspace to accomplish their...
International Legal Aspects of Protecting Civilians and Their Property in the Future Cyber Conflict
Chapter 20 Vesna Poposka
Referring to the cyber space as the new dimension of warfare opens many legal challenges. Those challenges can be settled in two main clusters...
Right to Life and Cyber Warfare: Applicability of Legal Regimes during Counterterrorist Operations (International Humanitarian Law)
Chapter 21 Lior Tabansky
Cyberspace opened a Pandora's Box: it enabled a direct strike on national infrastructure while circumventing traditional defence systems....
Israel's Cyber Security Policy: Local Response to the Global Cybersecurity Risk
Key Terms in this Chapter

Linux: Unix-like operating system that was designed to provide personal computer users a free or very low-cost operating system comparable to traditional and usually more expensive Unix systems.
Law Enforcement: The activity of making certain that the laws of an area are obeyed.
First Responder: Refers to those individuals who in the early stages of an incident are responsible for the protection and preservation of life, property, evidence, and the environment.
Script: A program or sequence of instructions that is interpreted or carried out by another program rather than by the computer processor (as a compiled program is).
Digital forensics: The process of uncovering and interpreting electronic data for use in a court of law.