poster

Verification of forensic readiness in software development: a roadmap

Authors:

Barbora Buhnova,

Tomas PitnerAuthors Info & Claims

SAC '20: Proceedings of the 35th Annual ACM Symposium on Applied Computing

Pages 1658 - 1661

https://doi.org/10.1145/3341105.3374094

Published: 30 March 2020 Publication History

Abstract

Nowadays, a growing need for the forensic investigation of cybercrimes emerges. It is because of the rising threat of those crimes in cyberspace. Nevertheless, such investigations are highly time-consuming with delicate supportive processes. The problem of systematic preparation on the potential forensic investigation during the software development process, called forensic readiness, has only been explored since recently. Therefore there are still many open issues and challenges, with missing methods and guidelines that would support software engineers in building software systems that are forensic ready. One of the essential open challenges is the understanding of the forensic-readiness requirements that shall be embedded in the software system early during its design, and then also the techniques to ensure and verify forensic readiness and its specific needs along the way. In this paper, we propose a research roadmap towards verification of forensic readiness in software design and development, to help the progress of this new research domain. The results of the research based on the roadmap can then support software engineers in designing critical, forensic-ready systems, together with possible perspective methods of capturing and verifying the specific requirements constituting forensic readiness.

References

[1]

N. H. Ab Rahman, W. B. Glisson, Y. Yang, and K. R. Choo. 2016. Forensic-by-Design Framework for Cyber-Physical Cloud Systems. IEEE Cloud Computing 3, 1 (Jan 2016), 50--59.

[2]

R. Altschaffel, S. Kiltz, and J. Dittmann. 2009. From the Computer Incident Taxonomy to a Computer Forensic Examination Taxonomy. In 2009 Fifth International Conference on IT Security Incident Management and IT Forensics. 54--68.

Digital Library

[3]

E. Bajramovic, K. Waedt, A. Ciriello, and D. Gupta. 2016. Forensic readiness of smart buildings: Preconditions for subsequent cybersecurity tests. In 2016 IEEE International Smart Cities Conference (ISC2). 1--6.

[4]

Eoghan Casey. 2011. Digital evidence and computer crime (3rd ed ed.). Academic Press, Waltham, MA.

[5]

Lawrence Chung, Brian A Nixon, Eric Yu, and John Mylopoulos. 2012. Nonfunctional requirements in software engineering. Vol. 5. Springer Science & Business Media.

[6]

Mohamed Elyas, Sean Maynard, Atif Ahmad, and Andrew Lonie. 2014. Towards A Systemic Framework for Digital Forensic Readiness. Journal of Computer Information Systems 54 (03 2014), 97--105.

[7]

Barbara Endicott-Popovsky, Nicolai Kuntze, and Carsten Rudolph. 2015. Forensic readiness: Emerging discipline for creating reliable and secure digital evidence. Journal of Harbin Institute of Technology (New Series) 22 (02 2015), 1--8.

[8]

M. Erol-Kantarci and H. T. Mouftah. 2013. Smart grid forensic science: applications, challenges, and open issues. IEEE Communications Magazine 51, 1 (January 2013), 68--74.

[9]

Geri Georg, Indrakshi Ray, Kyriakos Anastasakis, Behzad Bordbar, Manachai Toahchoodee, and Siv Hilde Houmb. 2009. An aspect-oriented methodology for designing secure applications. Information and Software Technology 51, 5 (2009), 846 -- 864. SPECIAL ISSUE: Model-Driven Development for Secure Information Systems.

Digital Library

[10]

Cinthya Grajeda, Frank Breitinger, and Ibrahim Baggili. 2017. Availability of datasets for digital forensics - And what is missing. Digital Investigation 22 (2017), S94 -- S105.

Digital Library

[11]

George Grispos, Jesús García Galán, Liliana Pasquale, and Bashar Nuseibeh. 2017. Are You Ready? Towards the Engineering of Forensic-Ready Systems. (05 2017).

[12]

G. Grispos, W. B. Glisson, and K. R. Choo. 2017. Medical Cyber-Physical Systems Development: A Forensics-Driven Approach. In 2017 IEEE/ACM International Conference on Connected Health: Applications, Systems and Engineering Technologies (CHASE). 108--113.

Digital Library

[13]

Yinghua Guo, Jill Slay, and Jason Beckett. 2009. Validation and verification of computer forensic software tools---Searching Function. Digital Investigation 6 (2009), S12 -- S22. The Proceedings of the Ninth Annual DFRWS Conference.

Digital Library

[14]

Jan Jürjens. 2002. UMLsec: Extending UML for Secure Systems Development. In «UML» 2002 --- The Unified Modeling Language. Springer Berlin Heidelberg, Berlin, Heidelberg, 412--425.

[15]

Jan Jürjens and Pasha Shabalin. 2004. Automated Verification of UMLsec Models for Security Requirements. In «UML» 2004 --- The Unified Modeling Language. Modeling Languages and Applications. Springer Berlin Heidelberg, Berlin, Heidelberg, 365--379.

[16]

Phu H. Nguyen, Max Kramer, Jacques Klein, and Yves Le Traon. 2015. An extensive systematic review on the Model-Driven Development of secure systems. Information and Software Technology 68 (2015), 62 -- 81.

Digital Library

[17]

Liliana Pasquale, Dalal Alrajeh, Claudia Peersman, Thein Tun, Bashar Nuseibeh, and Awais Rashid. 2018. Towards Forensic-ready Software Systems. In Proceedings of the 40th International Conference on Software Engineering: New Ideas and Emerging Results (ICSE-NIER '18). ACM, New York, NY, USA, 9--12.

Digital Library

[18]

Robert Rowlingson. 2004. A Ten Step Process for Forensic Readiness. IJDE 2 (01 2004).

[19]

Iman Sharafaldin, Amirhossein Gharib, Arash Habibi Lashkari, and Ali A Ghorbani. 2018. Towards a reliable intrusion detection benchmark dataset. Software Networking 2018, 1 (2018), 177--200.

[20]

John Tan. 2001. Forensic readiness. (08 2001).

[21]

Alexander Van den Berghe, Riccardo Scandariato, Koen Yskout, and Wouter Joosen. 2017. Design notations for secure software: a systematic literature review. Software & Systems Modeling 16, 3 (01 Jul 2017), 809--831.

Digital Library

[22]

Wil M. P. Van Der Aalst. 2018. Process Mining: Data Science in Action. Springer Publishing Company, Incorporated.

[23]

O. Yavanoglu and M. Aydos. 2017. A review on cyber security datasets for machine learning algorithms. In 2017 IEEE International Conference on Big Data (Big Data). 2186--2193.

Cited By

Daubner LMacak MMatulevičius RBuhnova BMaksović SPitner T(2023)Addressing insider attacks via forensic-ready risk managementJournal of Information Security and Applications10.1016/j.jisa.2023.10343373:COnline publication date: 1-Mar-2023
https://dl.acm.org/doi/10.1016/j.jisa.2023.103433
Daubner LMatulevičius RBuhnova BPitner T(2023)BPMN4FRSS: An BPMN Extension to Support Risk-Based Development of Forensic-Ready Software SystemsEvaluation of Novel Approaches to Software Engineering10.1007/978-3-031-36597-3_2(20-43)Online publication date: 8-Jul-2023
https://doi.org/10.1007/978-3-031-36597-3_2
Daubner LMatulevičius RBuhnova B(2023)A Model of Qualitative Factors in Forensic-Ready Software SystemsResearch Challenges in Information Science: Information Science and the Connected World10.1007/978-3-031-33080-3_19(308-324)Online publication date: 23-May-2023
https://doi.org/10.1007/978-3-031-33080-3_19
Show More Cited By

Index Terms

Verification of forensic readiness in software development: a roadmap

Recommendations

Use of organisational topologies for forensic investigations
SERF 2017: Proceedings of the 1st ACM SIGSOFT International Workshop on Software Engineering and Digital Forensics

In today's highly regulated business environment, it is becoming increasingly important that organisations implement forensic-ready systems and architectures to aid the investigation of security incidents and data breaches. Previously, different ...
Forensic experts' view of forensic‐ready software systems: A qualitative study
Abstract
Software engineers widely acknowledge the inclusion of security requirements in the early stages of the development process. However, the need to prepare the software for the failure of the implemented security controls and subsequent ...

We have organized a series of interviews with digital forensic experts on the notion of an ideal forensic‐ready software system, its properties, and behavior. The paper summarizes and discusses the problems and needs of forensic readiness as well as ...
Digital forensic readiness

Modern organizations need to develop 'digital forensic readiness' to comply with their legal, contractual, regulatory, security and operational obligations. A review of academic and practitioner literature revealed a lack of comprehensive and coherent ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

SAC '20: Proceedings of the 35th Annual ACM Symposium on Applied Computing

March 2020

2348 pages

ISBN:9781450368667

DOI:10.1145/3341105

Conference Chairs:
Chih-Cheng Hung
Kennesaw State University
,
Tomas Cerny
Baylor University
,
Program Chairs:
Dongwan Shin
New Mexico Tech
,
Alessio Bechini
University of Pisa, Italy

Copyright © 2020 Owner/Author.

Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

Sponsors

SIGAPP: ACM Special Interest Group on Applied Computing

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 30 March 2020

Check for updates

Author Tags

Qualifiers

Poster

Funding Sources

European Commission

Conference

SAC '20

Sponsor:

SIGAPP

SAC '20: The 35th ACM/SIGAPP Symposium on Applied Computing

March 30 - April 3, 2020

Brno, Czech Republic

Acceptance Rates

Overall Acceptance Rate 1,650 of 6,669 submissions, 25%

Upcoming Conference

SAC '25

Sponsor:
sigapp

The 40th ACM/SIGAPP Symposium on Applied Computing

March 31 - April 4, 2025

Catania , Italy

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

9
Total Citations
View Citations
233
Total Downloads

Downloads (Last 12 months)26
Downloads (Last 6 weeks)3

Reflects downloads up to 25 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Daubner LMacak MMatulevičius RBuhnova BMaksović SPitner T(2023)Addressing insider attacks via forensic-ready risk managementJournal of Information Security and Applications10.1016/j.jisa.2023.10343373:COnline publication date: 1-Mar-2023
https://dl.acm.org/doi/10.1016/j.jisa.2023.103433
Daubner LMatulevičius RBuhnova BPitner T(2023)BPMN4FRSS: An BPMN Extension to Support Risk-Based Development of Forensic-Ready Software SystemsEvaluation of Novel Approaches to Software Engineering10.1007/978-3-031-36597-3_2(20-43)Online publication date: 8-Jul-2023
https://doi.org/10.1007/978-3-031-36597-3_2
Daubner LMatulevičius RBuhnova B(2023)A Model of Qualitative Factors in Forensic-Ready Software SystemsResearch Challenges in Information Science: Information Science and the Connected World10.1007/978-3-031-33080-3_19(308-324)Online publication date: 23-May-2023
https://doi.org/10.1007/978-3-031-33080-3_19
Daubner LBuhnova BPitner T(2023)Forensic experts' view of forensic‐ready software systems: A qualitative studyJournal of Software: Evolution and Process10.1002/smr.2598Online publication date: 12-Jul-2023
https://doi.org/10.1002/smr.2598
Hill GMason JDunn A(2021)Contract cheating: an increasing challenge for global academic community arising from COVID-19Research and Practice in Technology Enhanced Learning10.1186/s41039-021-00166-816:1Online publication date: 30-Jul-2021
https://doi.org/10.1186/s41039-021-00166-8
Daubner LMatulevičius R(2021)Risk-Oriented Design Approach For Forensic-Ready Software SystemsProceedings of the 16th International Conference on Availability, Reliability and Security10.1145/3465481.3470052(1-10)Online publication date: 17-Aug-2021
https://dl.acm.org/doi/10.1145/3465481.3470052
Lee SKim G(2021)K-FFRaaS: A Generic Model for Financial Forensic Readiness as a Service in KoreaIEEE Access10.1109/ACCESS.2021.31142339(130094-130110)Online publication date: 2021
https://doi.org/10.1109/ACCESS.2021.3114233
Macak MVanat IMerjavy MJevocin TBuhnova B(2020)Towards Process Mining Utilization in Insider Threat Detection from Audit Logs2020 Seventh International Conference on Social Networks Analysis, Management and Security (SNAMS)10.1109/SNAMS52053.2020.9336573(1-6)Online publication date: 14-Dec-2020
https://doi.org/10.1109/SNAMS52053.2020.9336573
Daubner LMacak MBuhnova BPitner T(2020)Towards verifiable evidence generation in forensic-ready systems2020 IEEE International Conference on Big Data (Big Data)10.1109/BigData50022.2020.9378035(2264-2269)Online publication date: 10-Dec-2020
https://doi.org/10.1109/BigData50022.2020.9378035

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten