Malmö University Publications
EnglishSvenskaNorsk
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
A comparative analysis of digital forensic readiness models using cfraas as a baseline
Malmö University, Faculty of Technology and Society (TS), Department of Computer Science and Media Technology (DVMT). Malmö University, Internet of Things and People (IOTAP).ORCID iD: 0000-0003-4071-4596
Univ Pretoria, Dept Comp Sci, DigiFORs Res Grp, Pretoria, South Africa..ORCID iD: 0000-0002-3607-8630
2019 (English)In: WIREs Forensic Science, E-ISSN 2573-9468, Vol. 1, no 6, article id e1350Article, review/survey (Refereed) Published
Abstract [en]

Digital forensic readiness (DFR) aims at maximizing the potential of conducting a digital forensic investigation while minimizing the cost of conducting postevent processes when a potential security incident is detected. Conducting digital forensic investigation (DFI) process and changing the functionality of software architectures and/or infrastructures while conducting these processes is a costly exercise; however, the availability of DFR processes can shorten and save the cost of these processes. A comparative analysis of the DFR process models is given that makes a strict comparison with the cloud forensic readiness as a service (CFRaaS) model. The main reason the CFRaaS model has been used as a basis for comparison is because it has been constructed by modifying the functionality of initially considered malicious botnets to allow the removal of potential digital evidence from the cloud without changing the architecture or the infrastructure of the cloud while conducting digital forensic processes. It is worth to note that the CFRaaS processes have been carefully developed based on the guidelines of ISO/IEC 27043:2015 international standards for information technology, security techniques, incident investigation principles and processes. Nevertheless, additional postevent response processes have also been incorporated in the CFRaaS like the reconstruction of the events and the Incident Response Procedures processes. The outcome of the comparison has shown promising results worth exploring. This article is categorized under: Digital and Multimedia Science > Cloud Forensics Digital and Multimedia Science > Cyber Threat Intelligence MoDigital and Multimedia Science > Forensic Visualization
Place, publisher, year, edition, pages
John Wiley & Sons, 2019. Vol. 1, no 6, article id e1350
Keywords [en]
CFRaaS, cloud, comparative, digital, forensic, model, readiness-as a service
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:mau:diva-64420DOI: 10.1002/wfs2.1350ISI: 000904811300002OAI: oai:DiVA.org:mau-64420DiVA, id: diva2:1819490
Available from: 2023-12-14 Created: 2023-12-14 Last updated: 2025-10-20Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full text

Authority records

Kebande, Victor Rigworo

Search in DiVA

By author/editor
Kebande, Victor RigworoVenter, Hein S.
By organisation
Department of Computer Science and Media Technology (DVMT)Internet of Things and People (IOTAP)
In the same journal
WIREs Forensic Science
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 67 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
v. 2.47.0
|
WCAG
|
Support researchers
|
Support students
|
Simplified Registration (for researchers)
|
Register in DiVA