Article ID | Journal | Published Year | Pages | File Type |
---|---|---|---|---|
454864 | Computers & Security | 2006 | 20 Pages |
Abstract
Incident Response has always been an important aspect of Information Security but it is often overlooked by security administrators. Responding to an incident is not solely a technical issue but has many management, legal, technical and social aspects that are presented in this paper. We propose a detailed management framework along with a complete structured methodology that contains best practices and recommendations for appropriately handling a security incident. We also present the state-of-the-art technology in computer, network and software forensics as well as automated trace-back artifacts, schemas and protocols. Finally, we propose a generic Incident Response process within a corporate environment.
Related Topics
Physical Sciences and Engineering
Computer Science
Computer Networks and Communications
Authors
Sarandis Mitropoulos, Dimitrios Patsos, Christos Douligeris