Forensic live response and event reconstruction methods in Linux systems

Funminiyi Olajide, Nick Savage, David Ndzi, Haitham Al-Sinani

Research output: Chapter in Book/Report/Conference proceedingChapter


In this paper, we describe forensic live analysis and event reconstruction methods in digital crime investigation. This information is forensically interesting because it helps to determine the origin of events by gathering data for analysis and applying the methods of event reconstruction for evidential purposes in the court of law. Our investigation is focussed on Linux systems. We have noted the effectiveness of existing automated event reconstruction systems and we present an experimental study that describes the forensic live response and event reconstruction in digital crime investigation.
Original languageEnglish
Title of host publicationPGNET 2009
Subtitle of host publicationThe 10th Annual PostGraduate Symposium on The Convergence of Telecommunications, Networking and Broadcasting
PublisherLiverpool John Moores University
Number of pages6
ISBN (Print)978-1-902560-22-9
Publication statusPublished - 2009
Externally publishedYes


Dive into the research topics of 'Forensic live response and event reconstruction methods in Linux systems'. Together they form a unique fingerprint.

Cite this