Article (electronic), July 2017
A Socio-Technical Perspective on Threat Intelligence Informed Digital Forensic Readiness
In: International journal of systems and society: IJSS; an official publication of the Information Resources Management Association; an official publication of the United Kingdom Systems Society (UKSS), Volume 4, Issue 2, pp. 57-68
ISSN: 2327-3992
In this article, a digital forensic readiness (DFR) framework is proposed, focusing on the prioritization, triaging and selection of Indicators of Compromise (IoCs) to be used when investigating security incidents. A core component of the framework is the contextualization of the IoCs to the underlying organization, which can be achieved with the use of clustering and classification algorithms and a local IoC database.