Full title in original language:
Guide to Computer and Network Data Analysis: Applying Forensic Techniques to Incident Response
Education level:
University University (18+ years)
Topic / subtopic:
Cybercrime Cybercrime investigation
Target audience:
Students,
Teachers / Lecturers
Type of resource:
Publication / Article
Languages:
English
Region of relevance:
Global
Access:
open access
Individual authors:
Karen Kent, Suzanne Chevalier, Tim Grance, Hung Dang
Publication year:
2017
Published by:
National Institute of Standards and Technology
Contact name and address:
National Institute of Standards and Technology
Contact website:
Key themes:
cyber, cybercrime, forensic, investigation, cyber-crime, cyber space, cyberspace, investigation, incident, incident response
Links:
Short description:
This guide provides general recommendations for performing the forensic process. It also provides detailed information about using the analysis process with four major categories of data sources: files, operating systems, network traffic, and applications. The guide focuses on explaining the basic components and characteristics of data sources within each category, as well as techniques for the collection, examination, and analysis of data from each category. The guide also provides recommendations for how multiple data sources can be used together to gain a better understanding of an event.