JOURNAL OF COMPUTERS (JCP)
ISSN: 1796-203X
Volume: 2, Issue: 3, Date: May 2007

A Theoretical Framework for Organizational Network Forensic Readiness
Barbara Endicott-Popovsky, Deborah A. Frincke, and Carol A. Taylor
Page(s): 1-11

Abstract
This paper discusses breaking the escalation cycle that locks cyber intruders and their targets in a
state where targets are perennially resigned to attacks and intruders are at liberty to exploit and
disrupt networks without much risk of suffering consequences. Using systems and case analyses,
several research questions are explored, resulting in the identification of conditions that must
change in order to interrupt this unproductive relationship between attackers and targets. As an
outcome, network forensic readiness (NFR) is proposed as a solution to digital forensic
investigations that have become too resource intensive to encourage broad application to the
growing numbers of computer crimes. While NFR has been implemented to some degree through
tools, procedures and checklists, no comprehensive organizational implementation approach has
been identified. Thus, a theoretical framework is offered as a basis for "operationalizing" network
forensic readiness. The framework includes several models for implementing NFR in the
enterprise.

Index Terms
digital forensics, networks, network forensics