Proposing a Digital Operational Forensic Investigation Process
Bihina Bella, Olivier, and Eloff
2011
Citation information
M. A. Bihina Bella, M. S. Olivier, and J. H. P. Eloff. “Proposing a Digital Operational Forensic Investigation Process”. In: Proceedings of the sixth International Workshop on Digital Forensics & Incident Analysis. Ed. by N. Clarke and T. Tryfonas. London, UK, July 2011, pp. 17–32.
Abstract
The increasing complexity of IT systems can lead to operational failures with disastrous consequences. In order to correct and prevent the recurrence of such failures, a thorough postmortem investigation is required to localise their root causes. However, the currently used troubleshooting approach fails to provide sound analysis of these causes. A promising alternative approach is the emerging field of operational forensics, which applies digital forensic techniques to failure analysis with a view to improve the faulty system. This paper proposes a process for an operational forensic investigation, and shows how the process could be applied to a real-life IT failure to provide the correct diagnosis of the problem quicker and with more accuracy than troubleshooting. It also revisits the current definition of operational forensics in order to make it more specific.
Full text
A pre- or postprint of the publication is available at https://mo.co.za/open/digopfor.pdf.
BibTeX reference
@inproceedings(digopfor,
author={Bihina Bella, Madeleine A and Martin S Olivier and Jan H P Eloff},
title={Proposing a Digital Operational Forensic Investigation Process},
booktitle={Proceedings of the sixth International Workshop on Digital Forensics \& Incident Analysis},
address={London, UK},
month=jul,
year={2011},
pages={17--32},
editor={Nathan Clarke and Theodore Tryfonas} )