Abstract
This paper proposes the use of monitoring tools to record data in support of digital forensic investigations. The collection of live system data requires integrity checks and data validation to be performed as the data is collected and stored. Combining system monitoring and digital forensic functionality in a single system reduces the cost and complexity of administration and maintenance, while enhancing forensic readiness.
Copyright information
© 2012 IFIP International Federation for Information Processing
About this paper
Cite this paper
van Staden, F., Venter, H. (2012). Implementing Forensic Readiness Using Performance Monitoring Tools. In: Peterson, G., Shenoi, S. (eds) Advances in Digital Forensics VIII. DigitalForensics 2012. IFIP Advances in Information and Communication Technology, vol 383. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-33962-2_18
DOI: https://doi.org/10.1007/978-3-642-33962-2_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-33961-5
Online ISBN: 978-3-642-33962-2
eBook Packages: Computer Science (R0)