Actionable threat intelligence for digital forensics readiness
Information and Computer Security
ISSN: 2056-4961
Article publication date: 11 February 2019
Issue publication date: 28 May 2019
Abstract
Purpose
The purpose of this paper is to formulate a novel model for enhancing the effectiveness of existing digital forensic readiness (DFR) schemes by leveraging the capabilities of cyber threat information sharing.
Design/methodology/approach
This paper uses a quantitative methodology to identify the most popular cyber threat intelligence (CTI) elements and introduces a lightweight approach to correlate those with potential forensic value, resulting in the quick and accurate triaging and identification of patterns of malicious activities.
Findings
While threat intelligence exchange is steadily becoming a common practice for the prevention or detection of security incidents, the proposed approach highlights its usefulness for the digital forensics (DF) domain.
Originality/value
The proposed model can help organizations to improve their DFR posture, and thus minimize the time and cost of cybercrime incidents.
Citation
Serketzis, N., Katos, V., Ilioudis, C., Baltatzis, D. and Pangalos, G.J. (2019), "Actionable threat intelligence for digital forensics readiness", Information and Computer Security, Vol. 27 No. 2, pp. 273-291. https://doi.org/10.1108/ICS-09-2018-0110
Publisher
Emerald Publishing Limited
Copyright © 2019, Emerald Publishing Limited