In 2014, we launched our open-access repository, which offers full-text access to conference proceedings from many of our events, including the INC and HAISA series. These papers are free to access and distribute (subject to citing the source).
6th International Workshop on Digital Forensics and Incident Analysis (WDFIA 2011)
Title: Proposing a Digital Operational Forensic Investigation Process
Author(s): Madeleine Adrienne Bihina Bella, Martin Olivier, Jan Eloff
Keywords: Troubleshooting, operational forensics, digital forensics, forensic science, root cause analysis, failure analysis
Abstract: The increasing complexity of IT systems can lead to failures with disastrous consequences. In order to correct and prevent the recurrence of such failures, a thorough post-mortem investigation is required to localise their root causes. However, the currently used troubleshooting approach fails to provide sound analysis of these causes. A promising alternative approach is the emerging field of operational forensics, which applies digital forensic techniques to failure analysis with a view to improving the faulty system. This paper proposes a process for an operational forensic investigation, and shows how the process could be applied to a real-life IT failure to provide the correct diagnosis of the problem more quickly and with more accuracy than troubleshooting. It also revisits the current definition of operational forensics in order to make it more specific.
Download count: 1700
How to get this paper:
A PDF copy of this paper is free to download. You may distribute this copy provided you cite this page as the source.