Incident Response: Practice Makes Perfect

2019 ◽  
Vol 111 (6) ◽  
pp. 24-31 ◽  
Author(s):  
Susan Beck ◽  
Priyanka Uppu ◽  
Rita Kopansky ◽  
James E. Golembeski ◽  
Stacey Black ◽  
...  
Keyword(s):  
Incident Response ◽  
Response Practice

scholarly journals A Comparative UAV Forensic Analysis: Static and Live Digital Evidence Traceability Challenges

Drones ◽  
2021 ◽  
Vol 5 (2) ◽  
pp. 42
Author(s):  
Fahad E. Salamh ◽  
Umit Karabiyik ◽  
Marcus K. Rogers ◽  
Eric T. Matson
Keyword(s):  
High Volume ◽  
Forensic Analysis ◽  
Digital Evidence ◽  
Incident Response ◽  
Scientific Contribution ◽  
Response Plan ◽  
Technical Challenges ◽  
And Control ◽  
The Impact ◽  
Categorization Model

The raising accessibility of Unmanned Aerial Vehicles (UAVs), colloquially known as drones, is rapidly increasing. Recent studies have discussed challenges that may come in tow with the growing use of this technology. These studies note that in-depth examination is required, especially when addressing challenges that carry a high volume of software data between sensors, actuators, and control commands. This work underlines static and live digital evidence traceability challenges to further enhance the UAV incident response plan. To study the live UAV forensic traceability issues, we apply the `purple-teaming’ exercise on small UAVs while conducting UAV forensic examination to determine technical challenges related to data integrity and repeatability. In addition, this research highlights current static technical challenges that could pose more challenges in justifying the discovered digital evidence. Additionally, this study discusses potential drone anti-forensic techniques and their association with the type of use, environment, attack vector, and level of expertise. To this end, we propose the UAV Kill Chain and categorize the impact and complexity of all highlighted challenges based on the conducted examination and the presented scientific contribution in this work. To the best of our knowledge, there has not been any contribution that incorporates `Purple-Teaming’ tactics to evaluate UAV-related research in cybersecurity and digital forensics. This work also proposes a categorization model that classifies the discovered UAV static and live digital evidence challenges based on their complexity and impact levels

scholarly journals Development and implementation of incident response near-infrared models for analyzing contaminated medicines containing diethylene glycol solvent

2014 ◽  
Vol 07 (06) ◽  
pp. 1450035
Author(s):  
Lihui Yin ◽  
Xuebo Zhang ◽  
Xiaodong Li ◽  
Shaohong Jin
Keyword(s):  
Propylene Glycol ◽  
Diethylene Glycol ◽  
Near Infrared ◽  
Raw Materials ◽  
Prediction Performance ◽  
Raw Material ◽  
Distilled Water ◽  
Incident Response ◽  
Quantification Model ◽  
Material Screening

Samples of preparations contaminated by diethylene glycol (DEG), diethylene glycol raw materials and laboratory prepared solutions were measured to get NIR spectra. Then the identification models were developed using the collected spectra and the spectra of distilled water, propylene glycol and the preparations without diethylene glycol. Besides, the quantification model was also established for determining the concentration of diethylene glycol in the preparations. Validation results show the identification and quantification models have ideal prediction performance. The emergency NIR models are rapid, easy to use and accurate, and can be implemented for identifying diethylene glycol raw material, screening the preparations contaminated by diethylene glycol in the markets and analyzing the concentrations of DEG.

scholarly journals Dynamic cyber-incident response

2014 ◽  
Author(s):  
Kevin Mepham ◽  
Panos Louvieris ◽  
Gheorghita Ghinea ◽  
Natalie Clewley
Keyword(s):  
Incident Response

scholarly journals Improving Forensic Triage Efficiency through Cyber Threat Intelligence

2019 ◽  
Vol 11 (7) ◽  
pp. 162 ◽  
Author(s):  
Nikolaos Serketzis ◽  
Vasilios Katos ◽  
Christos Ilioudis ◽  
Dimitrios Baltatzis ◽  
Georgios Pangalos
Keyword(s):  
Information Security ◽  
Digital Forensics ◽  
Incident Response ◽  
Security Controls ◽  
Digital Forensic ◽  
Threat Intelligence ◽  
Cyber Threat ◽  
Series Of Experiments ◽  
Cyber Threat Intelligence ◽  
Security Incidents

The complication of information technology and the proliferation of heterogeneous security devices that produce increased volumes of data coupled with the ever-changing threat landscape challenges have an adverse impact on the efficiency of information security controls and digital forensics, as well as incident response approaches. Cyber Threat Intelligence (CTI)and forensic preparedness are the two parts of the so-called managed security services that defendants can employ to repel, mitigate or investigate security incidents. Despite their success, there is no known effort that has combined these two approaches to enhance Digital Forensic Readiness (DFR) and thus decrease the time and cost of incident response and investigation. This paper builds upon and extends a DFR model that utilises actionable CTI to improve the maturity levels of DFR. The effectiveness and applicability of this model are evaluated through a series of experiments that employ malware-related network data simulating real-world attack scenarios. To this extent, the model manages to identify the root causes of information security incidents with high accuracy (90.73%), precision (96.17%) and recall (93.61%), while managing to decrease significantly the volume of data digital forensic investigators need to examine. The contribution of this paper is twofold. First, it indicates that CTI can be employed by digital forensics processes. Second, it demonstrates and evaluates an efficient mechanism that enhances operational DFR.

Sign in / Sign up

Export Citation Format

Share Document