Digital forensics investigative framework for control rooms in critical infrastructure

Brian Cusack; Amr Mahmoud

doi:10.25958/5c52674f66685

Digital forensics investigative framework for control rooms in critical infrastructure

Brian Cusack, Amr Mahmoud

Business and Hospitality

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

2 Citations (Scopus)

Abstract

In this paper a cyber-forensic framework with a detailed guideline for protecting control systems is developed to improve the forensic capability for big data in critical infrastructures. The main objective of creating a cyber-forensic plan is to cover the essentials of monitoring, troubleshooting, data reconstruction, recovery, and the safety of classified information. The problem to be addressed in control rooms is the diversity and quantity of data, and for investigators, bringing together the different skill groups for managing data and device diversity. This research embraces establishing of a new digital forensic model for critical infrastructures that supports digital forensic investigators with the necessary information for conducting an advanced forensic investigation in Critical Infrastructures. The framework for investigation is presented here and elaborated. The extended work applies the framework to industry case studies and is not reported here.

Original language	English
Title of host publication	Australian Digital Forensics Conference, ADF 2018
Editors	Craig Valli
Publisher	SRI Security Research Institute, Edith Cowan University
Pages	17-23
Number of pages	7
ISBN (Electronic)	9780648444404
DOIs	https://doi.org/10.25958/5c52674f66685
Publication status	Published - 2018
Event	16th Australian Digital Forensics Conference, ADF 2018 - Perth, Australia Duration: 4 Dec 2018 → …

Publication series

Name	Australian Digital Forensics Conference, ADF 2018

Conference

Conference	16th Australian Digital Forensics Conference, ADF 2018
Country/Territory	Australia
City	Perth
Period	4/12/18 → …

Keywords

Control Room
Critical Infrastructure
Digital Forensics
Investigation

Access to Document

10.25958/5c52674f66685

Cite this

@inproceedings{dd33537f1d12478ea1fda54611940198,

title = "Digital forensics investigative framework for control rooms in critical infrastructure",

abstract = "In this paper a cyber-forensic framework with a detailed guideline for protecting control systems is developed to improve the forensic capability for big data in critical infrastructures. The main objective of creating a cyber-forensic plan is to cover the essentials of monitoring, troubleshooting, data reconstruction, recovery, and the safety of classified information. The problem to be addressed in control rooms is the diversity and quantity of data, and for investigators, bringing together the different skill groups for managing data and device diversity. This research embraces establishing of a new digital forensic model for critical infrastructures that supports digital forensic investigators with the necessary information for conducting an advanced forensic investigation in Critical Infrastructures. The framework for investigation is presented here and elaborated. The extended work applies the framework to industry case studies and is not reported here.",

keywords = "Control Room, Critical Infrastructure, Digital Forensics, Investigation",

author = "Brian Cusack and Amr Mahmoud",

year = "2018",

doi = "10.25958/5c52674f66685",

language = "English",

series = "Australian Digital Forensics Conference, ADF 2018",

publisher = "SRI Security Research Institute, Edith Cowan University",

pages = "17--23",

editor = "Craig Valli",

booktitle = "Australian Digital Forensics Conference, ADF 2018",

}

Cusack, B & Mahmoud, A 2018, Digital forensics investigative framework for control rooms in critical infrastructure. in C Valli (ed.), Australian Digital Forensics Conference, ADF 2018. Australian Digital Forensics Conference, ADF 2018, SRI Security Research Institute, Edith Cowan University, pp. 17-23, 16th Australian Digital Forensics Conference, ADF 2018, Perth, Australia, 4/12/18. https://doi.org/10.25958/5c52674f66685

Digital forensics investigative framework for control rooms in critical infrastructure. / Cusack, Brian; Mahmoud, Amr.
Australian Digital Forensics Conference, ADF 2018. ed. / Craig Valli. SRI Security Research Institute, Edith Cowan University, 2018. p. 17-23 (Australian Digital Forensics Conference, ADF 2018).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Digital forensics investigative framework for control rooms in critical infrastructure

AU - Cusack, Brian

AU - Mahmoud, Amr

PY - 2018

Y1 - 2018

N2 - In this paper a cyber-forensic framework with a detailed guideline for protecting control systems is developed to improve the forensic capability for big data in critical infrastructures. The main objective of creating a cyber-forensic plan is to cover the essentials of monitoring, troubleshooting, data reconstruction, recovery, and the safety of classified information. The problem to be addressed in control rooms is the diversity and quantity of data, and for investigators, bringing together the different skill groups for managing data and device diversity. This research embraces establishing of a new digital forensic model for critical infrastructures that supports digital forensic investigators with the necessary information for conducting an advanced forensic investigation in Critical Infrastructures. The framework for investigation is presented here and elaborated. The extended work applies the framework to industry case studies and is not reported here.

AB - In this paper a cyber-forensic framework with a detailed guideline for protecting control systems is developed to improve the forensic capability for big data in critical infrastructures. The main objective of creating a cyber-forensic plan is to cover the essentials of monitoring, troubleshooting, data reconstruction, recovery, and the safety of classified information. The problem to be addressed in control rooms is the diversity and quantity of data, and for investigators, bringing together the different skill groups for managing data and device diversity. This research embraces establishing of a new digital forensic model for critical infrastructures that supports digital forensic investigators with the necessary information for conducting an advanced forensic investigation in Critical Infrastructures. The framework for investigation is presented here and elaborated. The extended work applies the framework to industry case studies and is not reported here.

KW - Control Room

KW - Critical Infrastructure

KW - Digital Forensics

KW - Investigation

UR - http://www.scopus.com/inward/record.url?scp=85082299099&partnerID=8YFLogxK

U2 - 10.25958/5c52674f66685

DO - 10.25958/5c52674f66685

M3 - Conference contribution

AN - SCOPUS:85082299099

T3 - Australian Digital Forensics Conference, ADF 2018

SP - 17

EP - 23

BT - Australian Digital Forensics Conference, ADF 2018

A2 - Valli, Craig

PB - SRI Security Research Institute, Edith Cowan University

T2 - 16th Australian Digital Forensics Conference, ADF 2018

Y2 - 4 December 2018

ER -

Digital forensics investigative framework for control rooms in critical infrastructure

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this