IIF – an evidence extraction model for investigation

This framework was first introduced in DFRWS EU 2014 (the first DFRWS conference in Europe) at Amsterdam held in May and later presented at Hacks in Taiwan 2014 (HITCON) which is a high-tech security conference in Taiwan held in August.

Abstract

Digital forensics investigators are facing new challenges every day because there are a large variety of high-tech cybercrimes reported. For instance APT, Hacking, Ransomware and DDOS etc… During investigation, investigators are often too concentrated on the evidence itself, like reversing the malware for the detailed behaviors or analyzing packets for credential leakage, but seldom or having difficulties to draw out the whole picture of the incident by correlating the seized / acquired evidences for the intelligence purpose. All relevant data from seized media should be utilized and analyzed, later transformed to intelligence so as to build a profile of the potential suspect with the corresponding attributes…

Read More

Leave a Comment

Latest Videos

Cyacomb Examiner and Cyacomb Offender Manager Tools

Forensic Focus 5th December 2022 12:00 am

This error message is only visible to WordPress admins

Important: No API Key Entered.

Many features are not available without adding an API Key. Please go to the YouTube Feed settings page to add an API key after following these instructions.

Latest Articles

Share to...