TY - JOUR
T1 - A proposal for automating investigations in live forensics
AU - Lee, Seokhee
AU - Savoldi, Antonio
AU - Lim, Kyoung Soo
AU - Park, Jong Hyuk
AU - Lee, Sangjin
PY - 2010/10
Y1 - 2010/10
N2 - In this paper we present an XML-based framework, called XLIVE, which provides an efficient way to collect data in live forensic cases, according to well-known crime categories. XLIVE is a forensic automated framework that can be used in live forensic investigations for gathering live data on a Windows-based system. In addition, we have also implemented a proof-of-concept, called LRDS (Live Resource Detection System). This approach of examination will be used extensively to deal with terabyte/petabyte digital systems, where other approaches, such as a post-mortem analysis, cannot be adopted.
AB - In this paper we present an XML-based framework, called XLIVE, which provides an efficient way to collect data in live forensic cases, according to well-known crime categories. XLIVE is a forensic automated framework that can be used in live forensic investigations for gathering live data on a Windows-based system. In addition, we have also implemented a proof-of-concept, called LRDS (Live Resource Detection System). This approach of examination will be used extensively to deal with terabyte/petabyte digital systems, where other approaches, such as a post-mortem analysis, cannot be adopted.
KW - Automated digital investigation process
KW - Digital evidence collection
KW - Live forensics
KW - XML technology
UR - http://www.scopus.com/inward/record.url?scp=77955339339&partnerID=8YFLogxK
U2 - 10.1016/j.csi.2009.09.001
DO - 10.1016/j.csi.2009.09.001
M3 - Review article
AN - SCOPUS:77955339339
SN - 0920-5489
VL - 32
SP - 246
EP - 255
JO - Computer Standards and Interfaces
JF - Computer Standards and Interfaces
IS - 5-6
ER -