Nikolaos Serketzis, Vasilios Katos, Christos Ilioudis, Dimitrios Baltatzis and George J. Pangalos
The purpose of this paper is to formulate a novel model for enhancing the effectiveness of existing digital forensic readiness (DFR) schemes by leveraging the capabilities of…
Abstract
Purpose
The purpose of this paper is to formulate a novel model for enhancing the effectiveness of existing digital forensic readiness (DFR) schemes by leveraging the capabilities of cyber threat information sharing.
Design/methodology/approach
This paper uses a quantitative methodology to identify the most popular cyber threat intelligence (CTI) elements and introduces a lightweight approach to correlate those with potential forensic value, resulting in the quick and accurate triaging and identification of patterns of malicious activities.
Findings
While threat intelligence exchange steadily becomes a common practice for the prevention or detection of security incidents, the proposed approach highlights its usefulness for the digital forensics (DF) domain.
Originality/value
The proposed model can help organizations to improve their DFR posture, and thus minimize the time and cost of cybercrime incidents.