Due to frequent use of Internet and with technological advancements, cyber and malware attacks over the digital devices have increased manifold. Activities performed electronically can be investigated by means of digital forensic analysis methodologies. Live digital forensic tools are used for digital evidence collection and investigations of malicious activities that occurred on a standalone system or networks. Since compromised system remains active while using these tools, some serious issues relating to malicious functionalities and policy violations could lead to serious damages like data theft or data loss. In this paper, we present a critical review of the triage in live forensic. This paper discusses several techniques being used for performing live forensic analysis and critically evaluate their efficacy in terms of their applicability and reliability. A brief anecdote about the pros and cons of these techniques are also discussed. We present the findings of our study in the critical section.
Digital forensic, digital evidence, forensic analysis, Triage, live analysis.
To return to the Volume/Number webpage, click here.
THE INTERNATIONAL JOURNAL OF FORENSIC COMPUTER SCIENCE - IJoFCS
Volume 8, Number 1, pages 35-44, DOI: 10.5769/J201301005 or http://dx.doi.org/10.5769/J201301005
Triage in Live Digital Forensic Analysis
By Muhammad Shamraiz Bashir and M. N. A. Khan
To download this paper, click here.