Mohd Zabri Adil Talib

Abstracts

3 Anomaly Detection of Log Analysis using Data Visualization Techniques for Digital Forensics Audit and Investigation

Authors: Mohamed Fadzlee Sulaiman, Zainurrasyid Abdullah, Mohd Zabri Adil Talib, Aswami Fadillah Mohd Ariffin

Abstract:

In common digital forensics cases, investigation may rely on the analysis conducted on specific and relevant exhibits involved. Usually the investigation officer may define and advise digital forensic analyst about the goals and objectives to be achieved in reconstructing the trail of evidence while maintaining the specific scope of investigation. With the technology growth, people are starting to realize the importance of cyber security to their organization and this new perspective creates awareness that digital forensics auditing must come in place in order to measure possible threat or attack to their cyber-infrastructure. Instead of performing investigation on incident basis, auditing may broaden the scope of investigation to the level of anomaly detection in daily operation of organization’s cyber space. While handling a huge amount of data such as log files, performing digital forensics audit for large organization proven to be onerous task for the analyst either to analyze the huge files or to translate the findings in a way where the stakeholder can clearly understand. Data visualization can be emphasized in conducting digital forensic audit and investigation to resolve both needs. This study will identify the important factors that should be considered to perform data visualization techniques in order to detect anomaly that meet the digital forensic audit and investigation objectives.

Keywords: Data Visualization, Digital Forensic, Visualization Techniques, Anomaly Detection, log analysis, forensic audit

Procedia PDF Downloads 149
2 Establishing Digital Forensics Capability and Capacity among Malaysia's Law Enforcement Agencies: Issues, Challenges and Recommendations

Authors: Sarah Taylor, Nor Zarina Zainal Abidin, Mohd Zabri Adil Talib

Abstract:

Although cybercrime is on the rise, yet many Law Enforcement Agencies in Malaysia faces difficulty in establishing own digital forensics capability and capacity. The main reasons are undoubtedly because of the high cost and difficulty in convincing their management. A survey has been conducted among Malaysia’s Law Enforcement Agencies owning a digital forensics laboratory to understand their history of building digital forensics capacity and capability, the challenges and the impact of having own laboratory to their case investigation. The result of the study shall be used by other Law Enforcement Agencies in justifying to their management to establish own digital forensics capability and capacity.

Keywords: Digital Forensics, Laboratory, digital forensics capacity and capability, law enforcement agency

Procedia PDF Downloads 61
1 The Proactive Approach of Digital Forensics Methodology against Targeted Attack Malware

Authors: Mohamed Fadzlee Sulaiman, Mohd Zabri Adil Talib, Aswami Fadillah Mohd Ariffin

Abstract:

Each individual organization has their own mechanism to build up cyber defense capability in protecting their information infrastructures from data breaches and cyber espionage. But, we can not deny the possibility of failing to detect and stop cyber attacks especially for those targeting credential information and intellectual property (IP). In this paper, we would like to share the modern approach of effective digital forensic methodology in order to identify the artifacts in tracing the trails of evidence while mitigating the infection from the target machine/s. This proposed approach will suit the digital forensic investigation to be conducted while resuming the business critical operation after mitigating the infection and minimizing the risk from the identified attack to transpire. Therefore, traditional digital forensics methodology has to be improvised to be proactive which not only focusing to discover the root caused and the threat actor but to develop the relevant mitigation plan in order to prevent from the same attack.

Keywords: Malware, Detection, Digital Forensic, eradication, targeted attack

Procedia PDF Downloads 133