Intelligence-led response: turning theory into law enforcement practice in cyber security incidents Online publication date: Mon, 09-Nov-2020
by Da-Yu Kao; Shou-Ching Hsiao; Raylin Tso
International Journal of Electronic Business (IJEB), Vol. 15, No. 4, 2020
Abstract: As the internet grows drastically in scale and density, the number of cyber security incidents investigated by law enforcement agencies (LEAs) is skyrocketing. Criminals may deny committing a crime, but LEAs are hindered in proving it by the limited processing capabilities of human analysis. While initial crime scene investigation emphasises finding actionable intelligence as quickly as possible, lab forensics focuses on reconstructing the case and cross-referencing the evidence to find the truth. Both are critical parts of the investigative response to cyber security incidents. This paper presents a practical digital forensic framework based on ISO/IEC 27043: 2015 activities, intended to handle digital evidence at the crime scene and lessen the caseload burden at the lab. By advocating an intelligence-led response to crime scene investigation and lab forensics, we aim to turn theory into practice for LEAs, supporting the resolution of cyber security incidents and the understanding of what happened. By working through the different processes and activities in practical exercises, we aim to enable LEAs to implement a response strategy for combating cyber crime.
Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Electronic Business (IJEB):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email subs@inderscience.com
Our Blog 
Follow us on Twitter 
Visit us on Facebook