Nikolaos Serketzis, Vasilios Katos, Christos Ilioudis, Dimitrios Baltatzis and George J. Pangalos
Abstract
Purpose
The purpose of this paper is to formulate a novel model for enhancing the effectiveness of existing digital forensic readiness (DFR) schemes by leveraging the capabilities of cyber threat information sharing.
Design/methodology/approach
This paper uses a quantitative methodology to identify the most popular cyber threat intelligence (CTI) elements and introduces a lightweight approach to correlate those with potential forensic value, resulting in the quick and accurate triaging and identification of patterns of malicious activities.
Findings
While threat intelligence exchange steadily becomes a common practice for the prevention or detection of security incidents, the proposed approach highlights its usefulness for the digital forensics (DF) domain.
Originality/value
The proposed model can help organizations to improve their DFR posture, and thus minimize the time and cost of cybercrime incidents.
Alexandros Papanikolaou, Vasileios Vlachos, Andreas Venieris, Christos Ilioudis, Konstantinos Papapanagiotou and Anastasios Stasinopoulos
Abstract
Purpose
Teaching information systems security has some peculiarities compared to other scientific fields, as trainees have to design and protect systems against both known and unknown attacks. Moreover, the stereotypes established so far present potential intruders as ingenious and able to penetrate almost every system. The paper aims to discuss these issues.
Design/methodology/approach
Within the scope of two different modules in higher education institutes, an attempt was made to involve students in practical pre-designed scenarios, so that they could understand the way intruders think, the methodologies they follow and the liabilities one may face for the flawed security of network applications and/or the supporting infrastructure. For this reason, an educational software tool named “Hackademic Challenges” was developed. It comprised a variety of realistic scenarios in which the student had to locate and exploit various vulnerabilities in order to successfully complete the challenge. Evaluation of the developed tool was attempted through an online, anonymous questionnaire.
Findings
The results show that the students embraced this approach and have benefited significantly from going through these exercises.
Originality/value
The contribution consists of findings that may be useful to other instructors teaching similar subjects.