%0 Conference Proceedings
%T Anti-Forensic Threat Modeling
%+ National Institute of Criminalistics [Brasília]
%A Hoelz, Bruno
%A Maues, Marcelo
%Z Part 4: Threat Detection and Mitigation
%< avec comité de lecture
%( IFIP Advances in Information and Communication Technology
%B 13th IFIP International Conference on Digital Forensics (DigitalForensics)
%C Orlando, FL, United States
%Y Gilbert Peterson
%Y Sujeet Shenoi
%I Springer International Publishing
%3 Advances in Digital Forensics XIII
%V AICT-511
%P 169-183
%8 2017-01-30
%D 2017
%R 10.1007/978-3-319-67208-3_10
%K Forensic examination
%K Anti-forensics
%K Threat modeling
%K Risk management
%Z Computer Science [cs]Conference papers
%X The role of a digital forensic professional is to collect and analyze digital evidence. However, anti-forensic techniques can reduce the availability or usefulness of the evidence. They threaten the digital forensic examination process and may compromise its conclusions. This chapter proposes the use of threat modeling to manage the risks associated with anti-forensic threats. Risk management is introduced in the early stages of the digital forensic process to assist a digital forensic professional in determining the resources to be invested in detecting and mitigating the risk. The proposed threat model complements the incident response and digital forensic processes by providing a means for assessing the impact and likelihood of anti-forensic threats, evaluating the cost of risk mitigation and selecting tools and techniques that can be used as countermeasures. This renders the digital forensic process more robust and less susceptible to the consequences of anti-forensic actions.
%G English
%Z TC 11
%Z WG 11.9
%2 https://inria.hal.science/hal-01716404/document
%2 https://inria.hal.science/hal-01716404/file/456364_1_En_10_Chapter.pdf
%L hal-01716404
%U https://inria.hal.science/hal-01716404
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-AICT
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC11
%~ IFIP-DF
%~ IFIP-WG11-9
%~ IFIP-AICT-511