
An on-site digital investigation methodology for data leak case

Authors

  • Seokhee Lee,

    1. Center for Information Security Technologies (CIST), Korea University, Sungbuk-Gu, Seoul, Korea
  • Keungi Lee,

    1. Center for Information Security Technologies (CIST), Korea University, Sungbuk-Gu, Seoul, Korea
  • Jong Hyuk Park,

    1. Department of Computer Science and Engineering, Seoul National University of Science and Technology (SeoulTech), Nowon-gu, Seoul, Korea
  • Sangjin Lee

    Corresponding author
    1. Center for Information Security Technologies (CIST), Korea University, Sungbuk-Gu, Seoul, Korea
    • Correspondence: Sangjin Lee, Center for Information Security Technologies (CIST), Korea University, No.613, Battelle Research Building, Anam 5-Ga, Sungbuk-Gu, Seoul, Korea.

      E-mail: sangjin@korea.ac.kr


ABSTRACT

The ever-growing storage device capacity poses a severe limit to the standard digital forensics collection procedures based on duplicating the original storage device by creating a bit-by-bit copy. Such a traditional procedure is followed, even if the goal of the investigation is to find a limited quantity of digital objects to support or refute an investigative hypothesis related to a precise case category. Therefore, in this paper, we propose a new methodology to deal with data leak cases, by applying an intelligent collection paradigm, a fast analysis approach that reduces investigation time. Copyright © 2012 John Wiley & Sons, Ltd.
