Skip to main content
Springer Nature Link
Log in

Methodology and Tools of IS Audit and Computer Forensics – The Common Denominator

  • Conference paper
Advances in Information Security and Assurance (ISA 2009)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5576))

Included in the following conference series:

  • 1894 Accesses

Abstract

Information system audit and computer forensics each developed its own set of standards based on a separate discipline of knowledge. In this paper we analyse the tools and methodology used by IS auditors and computer forensic experts in the contemporary world, with the focus on emerging similarities between their needs and goals. We demonstrate the benefits which could be derived from the increased convergence of tools and methodology used in both areas, and we discuss possible modifications to existing tools and methodology to fulfill this goal.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. CNSS: National Information Assurance Glossary. The Committee on National Security Systems (2006)

    Google Scholar 

  2. McKemmish, R.: Report No. 118: What is Forensic Computing? In: Trends & Issues in Crime And Criminal Justice. Australian Institute of Criminology (1999)

    Google Scholar 

  3. Hinson, G.: Top Information Security Risks for 2008, CISSP Forum (2007), http://www.iso27001security.com/ (accessed October 6, 2008)

  4. Solms, B.v.: Information Security governance: COBIT or ISO 17799 or both? Computers & Security 24, 99–104 (2005)

    Article  Google Scholar 

  5. ISACA: IS Standards, Guidelines and Procedures for Auditing and Control Professionals (2008), http://www.isaca.org/AMTemplate.cfm?Section=Standards2&Template=/ContentManagement/ContentDisplay.cfm&ContentID=39354 (accessed December 15, 2007)

  6. ISO/IEC TR 18044: Information security incident management, ISO (International Organization for Standardization) and IEC (International Electrotechnical Commission) (2004)

    Google Scholar 

  7. SKAPP: Daubert:The Most Influential Supreme Court Ruling You’ve Never Heard Of. In: The Project on Scientific Knowledge and Public Policy. Tellus Institute (2003)

    Google Scholar 

  8. Mandia, K., Prosie, C., Pepe, M.: Incident Response & Computer Forensics, 2nd edn. McGraw-Hill/Osborne, Emeryville (2003)

    Google Scholar 

  9. RFC 3227: Guidelines for Evidence Collection and Archiving, Internet RFC/STD/FYI/BCP Archives (2002), http://www.faqs.org/rfcs/rfc3227.html (accessed April 14, 2008)

  10. ISACA: Control Objectives for Information and related Technology (COBIT®) (2008), http://www.isaca.org/ (accessed February 15, 2008)

  11. Farmer, D., Venema, W.: The Coroner’s Toolkit (TCT) (2008), www.porcupine.org/forensics/tct.html (accessed March 10, 2008)

  12. Carrier, B.: The Sleuth Kit (2007), http://www.sleuthkit.org/sleuthkit/desc.php (accessed February 10, 2007)

  13. Remote-Exploit.org (2007), http://www.remote-exploit.org (accessed February 2, 2008)

  14. Inside Security, I.T.: Consulting GmbH (2007), http://www.inside-security.de/ (accessed March 13, 2008)

  15. E-fense: The HELIX Live CD Page (2007), http://www.e-fense.com/helix/ (accessed February 9, 2007)

  16. Digital Evidence & Forensic Toolkit DEF (2007), http://deft.yourside.it (accessed, November 30, 2007)

  17. EnCase® Forensic Modules (2007), http://www.guidancesoftware.com/products/ef_modules.asp (accessed January 25, 2007)

  18. ProDiscover Technology Pathways (2007), http://www.techpathways.com/ (accessed January 2, 2008)

  19. Access Data Forensic Toolkit ® 2.0 (2008), http://www.accessdata.com/Products/ftk2test.aspx (accessed April 14, 2008)

  20. X-Ways Forensics: Integrated Computer Forensics Software (2008), http://www.x-ways.net/forensics/ (accessed February 5, 2008)

  21. Paraben Corporation (2008), www.paraben-forensics.com (accessed January 12, 2008)

  22. NTI Software Suites (2008), http://www.forensics-intl.com/ (accessed February 12, 2008)

  23. Tenable Network Security, Inc. (2008), http://www.nessus.org/ (accessed April 14, 2008)

  24. The Metasploit Project (2008), http://www.metasploit.org (accessed December 15, 2007)

  25. Insecure.Org - Nmap Free Security Scanner, Tools & Hacking resources (2007), http://nmap.org/ (accessed December 10, 2007)

  26. Security Auditor’s Research Assistant (SARA), Advanced Research Corporation® (2008), http://www-arc.com/sara/ (accessed March 4, 2008)

  27. eEye Digital Security, http://www.eeye.com/html/products/retina/ (accessed April 10, 2008)

  28. GFI Software (2008) http://www.gfi.com/lannetscan/ (accessed April 12, 2008)

  29. IBM Internet Security Systems (2007), http://www.iss.net (accessed April 8, 2008)

  30. SAINT Corporation (2008), http://www.saintcorporation.com/products/vulnerability_scan/saint/saint_scanner.html (accessed March 30, 2008)

  31. Bem, D.: Open Source Virtual Environments in Computer Forensics. In: Proceedings of the 1st Workshop on Open Source Software for Computer and Network Forensics, Milan, pp. 1–13 (2008)

    Google Scholar 

  32. Buchholz, F., Spafford, E.H.: Run-time label propagation for forensic audit data. Computers & Security 26, 496–513 (2007)

    Article  Google Scholar 

  33. Huebner, E., Henskens, F.: The Role of Operating System in Computer Forensics. ACM SIGOPS Operating Systems Review 42(3), 1–3 (2008)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Faculty of Electronics and IT, Warsaw University of Technology, Poland

    Magdalena Szeżyńska

  2. School of Computing and Mathematics, University of Western Sydney, Penrith Campus, Locked bag 1797, Penrith South, DC NSW 1797, Australia

    Ewa Huebner, Derek Bem & Chun Ruan

Authors
  1. Magdalena Szeżyńska
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ewa Huebner
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Derek Bem
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Chun Ruan
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Computer Engineering Department, Kyungnam University, 449, Wolyong-dong, 631-701, Kyungnam, Masan, Korea

    Jong Hyuk Park

  2. Institute of Communications Engineering, National Sun Yat-Sen University, Kaohsiung City, Taiwan

    Hsiao-Hwa Chen

  3. School of Computer Science,, University of Oklahoma, 200 Felgar Street, 73019, P.O. Box, Norman, OK, USA

    Mohammed Atiquzzaman

  4. School of Computer Engineering, Hanshin University, Kyeong-Gi, Osan, Korea

    Changhoon Lee

  5. Division of Multimedia, Hannam University, Daejeon, Korea

    Tai-hoon Kim

  6. Division of Computer Engineering, Mokwon University, Daejeon, Korea

    Sang-Soo Yeo

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Szeżyńska, M., Huebner, E., Bem, D., Ruan, C. (2009). Methodology and Tools of IS Audit and Computer Forensics – The Common Denominator. In: Park, J.H., Chen, HH., Atiquzzaman, M., Lee, C., Kim, Th., Yeo, SS. (eds) Advances in Information Security and Assurance. ISA 2009. Lecture Notes in Computer Science, vol 5576. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-02617-1_12

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-02617-1_12

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-02616-4

  • Online ISBN: 978-3-642-02617-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics