Evaluating Digital Forensic Readiness: A Honeypot Approach
Philip Zimmermann, Sebastian Obermeier
2024
Abstract
Digital forensic readiness has proven to be a challenging undertaking for small to medium-sized companies. To improve, it is important to evaluate the effectiveness of forensic processes. In this paper, an approach for a forensic honeypot is proposed that simulates an environment based on real company devices and is hosted in the cloud. The data collected is used for the evaluation of the forensic process, enabling the identification of discrepancies within the forensic readiness approach. The experimental results show the feasibility of the approach in collecting forensic evidence in a short time. The paper also discusses limitations with regard to the introduction of new security threats and the use and placement of endpoint intrusion detection systems.
DownloadPaper Citation
in Harvard Style
Zimmermann P. and Obermeier S. (2024). Evaluating Digital Forensic Readiness: A Honeypot Approach. In Proceedings of the 21st International Conference on Security and Cryptography - Volume 1: SECRYPT; ISBN 978-989-758-709-2, SciTePress, pages 615-621. DOI: 10.5220/0012713600003767
in Bibtex Style
@conference{secrypt24,
author={Philip Zimmermann and Sebastian Obermeier},
title={Evaluating Digital Forensic Readiness: A Honeypot Approach},
booktitle={Proceedings of the 21st International Conference on Security and Cryptography - Volume 1: SECRYPT},
year={2024},
pages={615-621},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012713600003767},
isbn={978-989-758-709-2},
}
in EndNote Style
TY - CONF
JO - Proceedings of the 21st International Conference on Security and Cryptography - Volume 1: SECRYPT
TI - Evaluating Digital Forensic Readiness: A Honeypot Approach
SN - 978-989-758-709-2
AU - Zimmermann P.
AU - Obermeier S.
PY - 2024
SP - 615
EP - 621
DO - 10.5220/0012713600003767
PB - SciTePress