Browser unable to execute script; please use the site map to navigate the site.

Proposing a Digital Operational Forensic Investigation Process

Bihina Bella, Olivier, and Eloff

2011

(Citation)Citation information

M. A. Bihina Bella, M. S. Olivier, and J. H. P. Eloff. “Proposing a Digital Operational Forensic Investigation Process”. In: Proceedings of the sixth International Workshop on Digital Forensics & Incident Analysis. Ed. by N. Clarke and T. Tryfonas. London, UK, July 2011, pp. 17–32

(Abstract)Abstract

The increasing complexity of IT systems can lead to operational failures with disastrous consequences. In order to correct and prevent the recurrence of such failures, a thorough postmortem investigation is required to localise their root causes. However, the currently used troubleshooting approach fails to provide sound analysis of these causes. A promising alternative approach is the emerging field of operational forensics, which applies digital forensic techniques to failure analysis with a view to improve the faulty system. This paper proposes a process for an operational forensic investigation, and shows how the process could be applied to a real-life IT failure to provide the correct diagnosis of the problem quicker and with more accuracy than troubleshooting. It also revisits the current definition of operational forensics in order to make it more specific.

(Full text)Full text

A pre- or postprint of the publication is available at https://mo.co.za/open/digopfor.pdf.

(BibTeX record)BibTeX reference

@inproceedings(digopfor,
author={Bihina Bella, Madeleine A and Martin S Olivier and Jan H P Eloff},
title={Proposing a Digital Operational Forensic Investigation Process },
booktitle={Proceedings of the sixth International Workshop on Digital Forensics & Incident Analysis},
address={London, UK},
month=jul,
year={2011},
pages={17--32},
editor={Nathan Clarke and Theodore Tryfonas} )