Source Title: Handling and Exchanging Electronic Evidence Across Europe
Date Published: June 2018
Author(s)
Eoghan Casey (University of Lausanne), Ryan Griffith (U.S. Department of Defense, Cyber Crime Center), Sean Barnum (MITRE), Jonathan Snyder (U.S. Department of Defense, Cyber Crime Center), Harm van Beek (Netherlands Forensic Institute), Alexander Nelson (NIST)
This paper describes the evolution of a community-developed, standardized specification language for representing and exchanging information in the broadest possible range of cyber-investigation domains, including digital forensic science, incident response, and counter terrorism. A primary motivation for this community-driven initiative is interoperability - to enable the exchange of cyber-investigation information between tools, organizations, and countries. The CASE (Cyber-investigation Analysis Standard Expression) specification language and UCO (Unified Cyber Ontology) are a rational progression from the foundational work on Digital Forensic Analysis eXpression (DFAX), which focused on digital forensic information and provenance context. This paper provides a brief history of CASE and UCO, followed by an overview of the ontology and specification language.
Keywords
cyber investigations; interchange language
Control Families
None selected