Anti-Forensic Threat Modeling
Abstract
The role of a digital forensic professional is to collect and analyze digital evidence. However, anti-forensic techniques can reduce the availability or usefulness of the evidence. They threaten the digital forensic examination process and may compromise its conclusions. This chapter proposes the use of threat modeling to manage the risks associated with anti-forensic threats. Risk management is introduced in the early stages of the digital forensic process to assist a digital forensic professional in determining the resources to be invested in detecting and mitigating the risk. The proposed threat model complements the incident response and digital forensic processes by providing a means for assessing the impact and likelihood of anti-forensic threats, evaluating the cost of risk mitigation and selecting tools and techniques that can be used as countermeasures. This renders the digital forensic process more robust and less susceptible to the consequences of anti-forensic actions.
Origin | Files produced by the author(s) |
---|
Loading...