Other formats:
BibTeX
LaTeX
RIS
@inproceedings{1677096,
  author = {Beran, Michal and Hrdina, František and Kouřil, Daniel and Ošlejšek, Radek and Zákopčanová, Kristína},
  address = {Salt Lake City, US},
  booktitle = {2020 IEEE Symposium on Visualization for Cyber Security (VizSec)},
  doi = {http://dx.doi.org/10.1109/VizSec51108.2020.00008},
  keywords = {incident investigation; digital evidence; file system metadata; data analysis},
  howpublished = {elektronická verze "online"},
  language = {eng},
  location = {Salt Lake City, US},
  isbn = {978-1-7281-8262-9},
  pages = {11-20},
  publisher = {IEEE},
  title = {Exploratory Analysis of File System Metadata for Rapid Investigation of Security Incidents},
  url = {https://ieeexplore.ieee.org/document/9347414},
  year = {2020}
}
TY - JOUR
ID - 1677096
AU - Beran, Michal - Hrdina, František - Kouřil, Daniel - Ošlejšek, Radek - Zákopčanová, Kristína
PY - 2020
TI - Exploratory Analysis of File System Metadata for Rapid Investigation of Security Incidents
PB - IEEE
CY - Salt Lake City, US
SN - 9781728182629
KW - incident investigation
KW - digital evidence
KW - file system metadata
KW - data analysis
UR - https://ieeexplore.ieee.org/document/9347414
N2 - Investigating cybersecurity incidents requires in-depth knowledge from the analyst. Moreover, the whole process is demanding due to the vast data volumes that need to be analyzed. While various techniques exist nowadays to help with particular tasks of the analysis, the process as a whole still requires a lot of manual activities and expert skills. We propose an approach that allows the analysis of disk snapshots more efficiently and with lower demands on expert knowledge. Following a user-centered design methodology, we implemented an analytical tool to guide analysts during security incident investigations. The viability of the solution was validated by an evaluation conducted with members of different security teams.
ER -
BERAN, Michal, František HRDINA, Daniel KOUŘIL, Radek OŠLEJŠEK and Kristína ZÁKOPČANOVÁ. Exploratory Analysis of File System Metadata for Rapid Investigation of Security Incidents. Online. In \textit{2020 IEEE Symposium on Visualization for Cyber Security (VizSec)}. Salt Lake City, US: IEEE, 2020, pp.~11-20. ISBN~978-1-7281-8262-9. Available from: https://dx.doi.org/10.1109/VizSec51108.2020.00008.