A List of articles based on which the digital forensic readiness framework was synthesized
No |
Reference |
Strategy |
Stakeholders |
Technology |
Monitoring |
Architecture |
Policy |
Training |
Culture |
Top Management Support |
Governance |
Frequency |
1 |
Ahmad, A., & Ruighaver, A. 2003 |
X |
1 |
|||||||||
2 |
Barbara, 2005 |
X |
1 |
|||||||||
3 |
Barske et al., 2010 |
X |
X |
X |
X |
4 |
||||||
4 |
Carrier, & Spafford, 2003 |
X |
X |
X |
3 |
|||||||
5 |
Casey, 2005 |
X |
X |
X |
X |
4 |
||||||
6 |
Crowley, 2007 |
X |
X |
2 |
||||||||
7 |
Forrester & Irwin, 2006 |
X |
X |
X |
X |
4 |
||||||
8 |
Ghosh, 2004 |
X |
X |
X |
X |
4 |
||||||
9 |
Grobler & Louwrens, 2007 |
X |
X |
X |
X |
X |
X |
X |
X |
8 |
||
10 |
Grobler & Louwrens, 2009 |
X |
X |
X |
X |
X |
X |
6 |
||||
11 |
Grobler et al., 2010 |
X |
X |
X |
X |
X |
X |
6 |
||||
12 |
Grobler & Dlamimi, 2010 |
X |
1 |
|||||||||
13 |
Haggerty & Taylor, 2006 |
X |
X |
2 |
||||||||
14 |
Haggerty et al., 2008 |
X |
1 |
|||||||||
15 |
Healy, 2008 |
X |
X |
2 |
||||||||
16 |
Hoolachan & Glisson, 2010 |
X |
X |
X |
X |
X |
5 |
|||||
17 |
Horn, 2008 |
X |
1 |
|||||||||
18 |
Imtiaz, 2006 |
X |
X |
X |
X |
4 |
||||||
19 |
Johnston & Reust, 2006 |
X |
X |
X |
X |
X |
X |
6 |
||||
20 |
Kent & Ghavalas 2005 |
X |
1 |
|||||||||
21 |
Kent et al., 2006 |
X |
X |
X |
X |
X |
X |
6 |
||||
22 |
Laubscher et al., 2005 |
X |
X |
X |
X |
4 |
||||||
23 |
Leibolt, 2010 |
X |
1 |
|||||||||
24 |
Malinowski, 2006 |
X |
X |
2 |
||||||||
25 |
Mouhtaropoulos et al., 2011 |
X |
X |
2 |
||||||||
26 |
Ngobeni et al., 2010 |
X |
1 |
|||||||||
27 |
Pangalos & Katos, 2010 |
X |
1 |
|||||||||
28 |
Pangalos et al., 2010 |
X |
1 |
|||||||||
29 |
Popovsky, 2007 |
X |
X |
2 |
||||||||
30 |
Patzakis et al., 2003 |
X |
X |
2 |
||||||||
31 |
Quinn, 2005 |
X |
1 |
|||||||||
32 |
Reddy & Venter 2009 |
X |
X |
X |
X |
4 |
||||||
33 |
Reddy et al., 2011 |
X |
1 |
|||||||||
34 |
Reyes & Wiles, 2007 |
X |
X |
X |
X |
4 |
||||||
35 |
Richardson, 2005 |
X |
1 |
|||||||||
36 |
Rowlingson, 2003 |
X |
X |
2 |
||||||||
37 |
Rowlingson, 2004 |
X |
X |
X |
X |
X |
X |
X |
7 |
|||
| 38 | Rust, 2005 | X |
X |
X |
3 | |||||||
| 39 | Shields et al 2011 | X |
1 | |||||||||
| 40 | Sinangin, D. (2002) | X |
X |
X |
3 | |||||||
| 41 | Von Solms et al., 2006 | X |
X |
X |
X |
X |
X |
X |
7 | |||
| 42 | Von Solms & Louwrens, 2006 | X |
1 | |||||||||
| 43 | Sommer, 2009 | X |
X |
X |
X |
X |
5 | |||||
| 44 | Staden & Venter, 2011 | X |
1 | |||||||||
| 45 | Tan, 2001 | X |
1 | |||||||||
| 46 | Taylor, C. et al., 2007 | X |
1 | |||||||||
| 47 | Taylor, M. et al., 2007 | X |
1 | |||||||||
| 48 | Taylor, M., et al., 2009 | X |
1 | |||||||||
| 49 | Wilson & Wolfe, 2003 | X |
X |
X |
X |
X |
5 | |||||
| 50 | Wolfe, 2004 | X |
X |
X |
X |
4 | ||||||
| 51 | Yasinsac, & Manzano, 2001 | X |
X |
X |
X |
X |
5 | |||||
| Total | 21 | 20 | 18 | 12 | 22 | 20 | 19 | 2 | 8 | 5 | 147 |
X denotes that the factor was discussed in the corresponding article
REFERENCES
Ahmad, A; Hadgkiss, J; Ruighaver, A.B., (2012) “Incident response teams – Challenges in supporting the organizational security function”, Computers & Security, Volume 31, Issue 5, July 2012, Pages 643-652.
AIC – Australian Institute of Criminology, (2009) The Australian Business Assessment of Computer User Security: A National Survey. Australia: Australian Institute of Criminology.
AusCert (2006) Computer Crime and Security Survey, Australia, http://www.auscert.org.au/render.html?it=2001 Accessed 12 June 2012.
Barbara, J. J. (2005) “Digital evidence accreditation in the corporate and business environment”, Digital Investigation, pages 137-146.
Barske, D., Stander, A. & Jordan, J. (2010) “A digital forensic readiness framework for South African SME’s”, Information Security for South Africa (ISSA), pages 1-6. Sandton, Johannesburg: IEEE.
Buchholz, F & Spafford, E.H. (2007) “Run-time label propagation for forensic audit data”, Computers & Security, Volume 26, Issues 7–8, December 2007, pages 496-513.
Carrier, B. & Spafford, E. H. (2003) “Getting Physical with the Digital Investigation Process”, International Journal of Digital Evidence, pages 1-20.
Casey, E. (2005) “Case Study: Network intrusion investigation - lessons in forensic preparation”, Digital Investigation, pages 254-260.
Castiglione, A; Cattaneo, G; Cembalo, M; De Santis, A; Faruolo, P; Petagna, F; Petrillo, U. F. (2012) “Engineering a secure mobile messaging framework”, Computers & Security, Available online 22 June 2012.
Chuvakin, A. (2007) “Computer forensics in the age of compliance”, Computer World, November 19.
Corbin, J. M. & Strauss, A. (1990) “Grounded theory research: Procedures, canons, and evaluative criteria”, Qualitative Sociology, pages 3-21.
Creswell, J. W. (2009) Research Design: Qualitative, Quantitative, and Mixed Methods Approaches. UK: Sage.
Crowley, E. (2007) “Corporate forensics class design with open source tools and live CDS”, Consortium for Computing Sciences in Colleges, pages 170-176.
Culley, A. (2003) “Computer forensics: past, present and future.”, Information Security Technical Report, pages 32-36.
Forrester, J. & Irwin, B. (2006) “A digital forensic investigation model for business organizations”, Information Security South Africa. Sandton, South Africa: University of Pretoria.
Ghosh, A (2004). Guidelines for the Management of IT Evidence. APEC Telecommunications and Information Working Group. Hong Kong, China.
Grobler, C. & Louwrens, C. (2007) “Digital forensic readiness as a component of information security best practice”, 22nd International Information Security Conference, pages 13-24, Sandton, South Africa, Springer.
Grobler, C. & Louwrens, C. (2009) “High-level Integrated View of Digital Forensics”, Information Security for South Africa. South Africa: University of Pretoria.
Grobler, C., Louwrens, C. & von Solms, S. (2010) “A framework to guide the implementation of Proactive Digital Forensics in organizations”, International Conference on Availability, Reliability and Security, pages 677-682, IEEE Computer Society.
Grobler, M. & Dlamini, I. (2010) “Managing Digital Evidence – the Governance of Digital Forensics”, Journal of Contemporary Management, pages 1 - 21.
Haggerty, J. & Taylor, M. (2006) “Managing Corporate Computer Forensics”, Computer Fraud & Security, pages 14-16.
Haggerty, J; Taylor, M. & Gresty, D. (2008) “Determining Culpability in Investigations of Malicious E-Mail Dissemination within the Organization”, International Annual Workshop on Digital Forensics and Incident Analysis, pages 12-20. Spain: IEEE Computer Society.
Hamzah, Z. (2005) “E-security Law and Strategy”. Malaysia: LexisNexis – Malaysian Law Journal .
Healy, L. M. (2008) Increasing the Likelihood of Admissible Electronic Evidence: Digital Log Handling Excellence and a Forensically Aware Corporate Culture, Eastern Michigan University, College of Technology, USA.
Hilley, S. (2004) “The Corporation: The Non-policed State”, Computer Fraud and Security, 4.
Hoolachan, S. A. & Glisson, W. B. (2010) “Organizational Handling of Digital Evidence”, ADFSL Conference on Digital Forensics, Security and Law, pages 33-44, USA.
Horn, D. (2008) “Taking the right approach to digital forensics”, Computer Fraud and Security, pages 16-17.
Imtiaz, F. (2006) “Enterprise Computer Forensics: A defensive and offensive strategy to fight computer crime”, Australian Digital Forensics Conference. Australia: Edith Cowan University.
ISO17799. (2006) AS/NZS ISO/IEC 17799:2006. Australia/New Zealand: Standards Australia.
Johnston, A. & Reust, J. (2006) “Network intrusion investigation - Preparation and challenges”, Digital Investigation, pages 118-126.
Kavallaris, T & Katos, V (2010) “On the detection of pod slurping attacks”, Computers & Security, Volume 29, Issue 6, September 2010, pages 680-685.
Kent, J. & Ghavalas, B. (2005) “The Unique Challenges of Collecting Corporate Evidence”, Digital Investigation, pages 239-243.
Kent, K., Chevalier, S., Grance, T. & Dang, H. (2006) Guide to Integrating Forensic Techniques and Incident Response. US: NIST.
Kruse, W. & Heiser, J.G. (2002) Computer Forensics: Incident Response Essentials, Addison Wesley.
Laubscher, R., Olivier, M., Venter, H., Rabe, D. & Eloff, J. (2005) “Computer Forensics for Computer-based Assessment - The Preparation Phase”, Information Security South Africa Conference. Sandton, South Africa.
Leibolt, G. (2010) The Complex World of Corporate Cyber Forensics Investigations, In J. Bayuk, Cyber Forensics, pages 7-27, Dallas, USA, Springer.
Lim, J. S., Chang, S., Maynard, S. & Ahmad, A. (2009) “Exploring the Relationship between Organizational Culture and Information Security Culture”, Australian Information Security Management Conference. Perth, Australia.
Malinowski, C. (2006) “Training the Cyber Investigator”, In P. Kanellis, Digital Crime and Forensic Science in Cyberspace, pages 311-333, USA, Idea Group Publishing.
McKemmish, R. (1999) "What is Forensic Computing", Trends and Issues in Crime and Criminal Justice.
McKemmish, R. (2008) “When is digital evidence forensically sound?”, In S. S. Indrajit Ray, Advances in Digital Forensics IV, pages 3-15, Kyoto, Japan: International Federation for Information Processing.
Mitropoulos, S; Patsos, D; Douligeris, C (2006) “On Incident Handling and Response: A state-of-the-art approach”, Computers & Security, Volume 25, Issue 5, July 2006, Pages 351-370.
Mohay, G. (2005) “Technical Challenges and Directions for Digital Forensics”, International Workshop on Systematic Approaches to Digital Forensic Engineering, pages 155–161, Brisbane, Australia : IEEE Computer Society.
Morgan, D. (1992) “Designing Focus Group Research”, Tools for Primary Care Research, pages 205-230.
Morgan, D. (1996) “Focus Groups”, Annual Review of Sociology, pages 129-156.
Mouhtaropoulos, A., Grobler, M. & Li, C.T. (2011) “Digital Forensic Readiness - An Insight into Governmental and Academic Initiatives”, European Intelligence and Security Informatics Conference, pages 191-196, Athens, Greece: IEEE Computer Society.
Ngobeni, S., Venter, H. & Burke, I. (2010) “A Forensic Readiness Model for Wireless Networks”, In K.-P. Chow & S. Shenoi, Advances in Digital Forensics VI, pages107–118, Springer.
NIST. (2006) Guide to Integrating Forensic Techniques into Incident Response, US: NIST SP800-86 Notes.
Norris, M., Oppenheim, C. & Rowland, F. (2008) “Finding open access articles using Google, Google Scholar, OaIster and OpenDOAR”, Online Information Review, pages 709-715.
Okoli, C. & Schabram, K. (2010) “A Guide to Conducting a Systematic Literature Review of Information Systems Research”, PROUTS: Working Papers on Information Systems .
Pangalos, G. & Katos, V. (2010) “Information Assurance and Forensic Readiness”, e-Democracy, pages181-188.
Pangalos, G., Ilioudis, C. & Pagkalos, I. (2010) “The importance of Corporate Forensic Readiness in the information security framework”, 2010 Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, pages 12-16, Larissa: IEEE Computer Society.
Patzakis, J., Mann, S. & LaBancz, M. (2003) “Computer Forensics in the Global Enterprise”, Australian Computer, Network & Information Forensics Conference. Perth, Australia: Edith Cowan University.
Peters, S. (2009) Annual CSI Computer Crime and Security Survey, US: Computer Security Institute.
Pollitt, M. (2010) “A History of Digital Forensics”, In K.-P. C. Shenoi, Advances in Digital Forensics VI, pages 3-15, Hong Kong, China: International Federation for Information Processing.
Popovsky, B. E. & Frincke, D. A. (2006) “Embedding Forensic Capabilities into Networks: Addressing Inefficiencies in Digital Forensics Investigations”, Workshop on Information Assurance - United States Military Academy, pages 133-139, West Point, NY, US: IEEE.
Popovsky, B. E., Frincke, D. A. & Taylor, C. A. (2007) “A Theoretical Framework for Organizational Network Forensic Readiness”, Journal of Computers, pages 1-11.
Power, R. & Forte, D. (2006) “The cyber dimension of corporate investigations - insights of a 21st century sleuth”, Computer Fraud and Security, pages 4-7.
Quinn, S. (2005) “Examining the state of preparedness of Information Technology management in New Zealand for events that may require forensic analysis”, Digital Investigation, pages 276-280.
Reddy, K. & Venter, H. (2009) “A Forensic Framework For Handling Information Privacy Incidents”, In G. Peterson & S. Shenoi, Advances in Digital Forensic V, pages 143-155, USA, International Federation for Information Proceeding (Springer)
Reddy, K., Venter, H. S. & Olivier, M. S. (2011)” Using time-driven activity-based costing to manage digital forensic readiness in large organizations” Information Systems Frontiers.
Reith, M., and Clint, G., Gregg C. (2002) “An Examination of Digital Forensic Models”, International Journal of Digital Evidence, pages 1-12.
Rekhis, S & Boudriga, N (2011) “Logic-based approach for digital forensic investigation in communication Networks”, Computers & Security, Volume 30, Issues 6–7, September–October 2011, Pages 376-396.
Reyes, A. & Wiles, J. (2007) ”Developing an Enterprise Digital Investigative/Electronic Discovery Capability”, In The Best Damn Cybercrime and Digital Forensics Book Period, pages 83-114, USA, Syngress.
Richardson, S. (2005) Compliance and Computer Forensics, US: Technology Pathways.
Rowlingson, R. (2003) Forensic Readiness - Enabling a Corporate Approach to Digital Evidence. US: QinetiQ Ltd.
Rowlingson, R. (2004) “A Ten Step Process for Forensic Readiness”, International Journal of Digital Evidence, 2 (3).
Rust, J. W. (2005) “Corporate Management of Computer Forensics Evidence”, InfoSecCD Conference (pp. 175-178) Kennesaw, USA, ACM.
Shields, C., Frieder, O. & Maloof, M. (2011) “A system for the proactive, continuous, and efficient collection of digital forensic evidence”, Digital Investigations, pages 3-13.
von Solms, S. & Louwrens, C. (2006b) “The Relationship Between Digital Forensics, Corporate Governance, IT Governance, and IS Governance”, In P. Kanellis, Digital Crime and Forensic Science in Cyberspace, pages 243-265, USA, Idea Group.
von Solms, S., Lourwrens, C., Reekie, C. & Grobler, T. (2006a) “A Control Framework for Digital Forensics” In M. S. Olivier & S. Shenoi, Advances in Digital Forensics II, pages 7-27, Orlando, Florida, USA, International Federation for Information Processing.
Sommer, P. (2009) Directors and Corporate Advisors' Guide to Digital Investigations and Evidence, UK: Iaac.
Staden, F. V. & Venter, H. (2011) “Adding digital forensic readiness to electronic communication using a security monitoring tool”, Information Security South Africa (pp. 1-5) Johannesburg: IEEE.
Stephenson, P. (2000) “The Application of Intrusion Detection Systems in a Forensic Environment”, Third International Workshop on the Recent Advances in Intrusion Detection. Toulouse, France: RAID.
Tan, J. (2001) Forensic Readiness, Retrieved September 26, 2005, from http://www.atstake.com/research/reports/acrobat/atstake_forensic_readiness.pdf
Taylor, C., Endicott-Popovsky, B. & A. Frincke, D. (2007) “Specifying digital forensics: A forensics policy approach”, Digital Investigations, pages 101-104.
Taylor, M., Haggerty, J. & Gresty, D. (2007) “The legal aspects of corporate computer forensic investigations”, Computer Law and Security Review, pages 62-66.
Taylor, M., Haggerty, J. & Gresty, D. (2009) “The legal aspects of corporate e-mail investigations” Computer Law & Security Review, pages 372-376.
Taylor, M., Haggerty, J. & Gresty, D. (2010) “The legal aspects of corporate computer usage policies”, Computer Law and Security Review, pages 72-76.
Valjarevic, A. & Venter, H. (2011) “Towards a digital forensics readiness framework for public key infrastructure systems”, Information Security South Africa, pages 1-10, Johannesburg, South Africa: IEEE.
Wilson, J. W. & Wolfe, H. B. (2003) “Management Strategies for Implementing Forensic Security Measures”, Information Security Technical Report, pages 55-64.
Wolfe, H. (2004) “The Question of Organizational Forensic Policy”, Computer Fraud and Security, pages 13-14.
Yasinsac, A. & Manzano, Y. (2001) “Policies to Enhance Computer and Network Forensics”, Workshop on Information Assurance and Security - United States Military Academy, pages 289-295, West Point, NY, USA, IEEE.
Young, R., and Ernest J. (2008) “Top management support: Mantra or necessity?”, International Journal of Project Management, pages 713-725.