Digital Forensic Acquisition Kill Chain – Analysis and Demonstration
Journal article, Peer reviewed
Accepted version
Åpne
Permanent lenke
https://hdl.handle.net/11250/3032228Utgivelsesdato
2021Metadata
Vis full innførselSamlinger
Originalversjon
IFIP Advances in Information and Communication Technology. 2021, 612 3-19. 10.1007/978-3-030-88381-2_1Sammendrag
The increasing complexity and security of consumer products pose major challenges to digital forensics. Gaining access to encrypted user data without user credentials is a very difficult task. Such situations may require law enforcement to leverage offensive techniques – such as vulnerability exploitation – to bypass security measures in order to retrieve data in digital forensic investigations.
This chapter proposes a digital forensic acquisition kill chain to assist law enforcement in acquiring forensic data using offensive techniques. The concept is discussed and examples are provided to illustrate the various kill chain phases. The anticipated results of applying the kill chain include improvements in performance and success rates in short-term, case-motivated, digital forensic acquisition scenarios as well as in long-term, case-independent planning and research scenarios focused on identifying vulnerabilities and leveraging them in digital forensic acquisition methods and tools.