Towards a Threat Intelligence Informed Digital Forensics Readiness Framework.

Serketzis, N., Katos, V., Ilioudis, C., Baltatzis, D. and Pangalos, G., 2017. Towards a Threat Intelligence Informed Digital Forensics Readiness Framework. In: Twenty-Fifth European Conference on Information Systems (ECIS), 6 June 2017, Guimarães, Portugal.

Full text available as:

2017_ecis.pdf - Accepted Version
Available under License Creative Commons Attribution Non-commercial No Derivatives.



Digital Forensic Readiness (DFR) has received little attention by the research community, when compared to the core digital forensic investigation processes. DFR was primarily about logging of security events to be leveraged by the forensic analysis phase. However, the increasing number of security incidents and the overwhelming volumes of data produced mandate the development of more effective and efficient DFR approaches. We propose a DFR framework focusing on the prioritisation, triaging and selection of Indicators of Compromise (IoC) to be used in investigations of security incidents. A core component of the framework is the contextualisation of the IoCs to the underlying organisation, which can be achieved with the use of clustering and classification algoriihms and a local IoC database.

Item Type:Conference or Workshop Item (Paper)
Uncontrolled Keywords:Digital Forensic Readiness; Threat Intelligence; Indicators of Compromise
Group:Faculty of Science & Technology
ID Code:30391
Deposited By: Unnamed user with email symplectic@symplectic
Deposited On:19 Feb 2018 12:08
Last Modified:19 Feb 2018 12:08


Downloads per month over past year

More statistics for this item...
Repository Staff Only -