Towards a Threat Intelligence Informed Digital Forensics Readiness Framework

By N. Serketzis, Vasilis Katos, C. Ilioudis, D. Baltatzis and G. Pangalos


Digital Forensic Readiness (DFR) has received little attention from the research community when compared to the core digital forensic investigation processes. DFR was primarily about logging of security events to be leveraged by the forensic analysis phase. However, the increasing number of security incidents and the overwhelming volumes of data produced mandate the development of more effective and efficient DFR approaches. We propose a DFR framework focusing on the prioritisation, triaging and selection of Indicators of Compromise (IoC) to be used in investigations of security incidents. A core component of the framework is the contextualisation of the IoCs to the underlying organisation, which can be achieved with the use of clustering and classification algorithms and a local IoC database.

Year: 2017
OAI identifier: oai:eprints.bournemouth.ac.uk:30391