Forensic live response and event reconstruction methods in Linux systems

Funminiyi Olajide, Nick Savage, David Ndzi, Haitham Al-Sinani

Research output: Chapter in Book/Report/Conference proceeding › Chapter

Abstract

In this paper, we describe forensic live analysis and event reconstruction methods in digital crime investigation. This information is forensically interesting because it helps to determine the origin of events by gathering data for analysis and applying the methods of event reconstruction for evidential purposes in a court of law. Our investigation is focussed on Linux systems. We have noted the effectiveness of existing automated event reconstruction systems and we present an experimental study that describes the forensic live response and event reconstruction in digital crime investigation.

Original language: English
Title of host publication: PGNET 2009
Subtitle of host publication: The 10th Annual PostGraduate Symposium on The Convergence of Telecommunications, Networking and Broadcasting
Publisher: Liverpool John Moores University
Pages: 141-146
Number of pages: 6
ISBN (Print): 978-1-902560-22-9
Publication status: Published - 2009
Externally published: Yes

Cite this

Olajide, F., Savage, N., Ndzi, D., & Al-Sinani, H. (2009). Forensic live response and event reconstruction methods in Linux systems. In PGNET 2009: The 10th Annual PostGraduate Symposium on The Convergence of Telecommunications, Networking and Broadcasting (pp. 141-146). Liverpool John Moores University.