Analysis of Methodologies of Digital Data Collection in Web Servers

  • Conference paper
Computer Science – CACIC 2017 (CACIC 2017)

Part of the book series: Communications in Computer and Information Science (CCIS, volume 790)

Abstract

When a security incident or threat occurs in which a system resource is compromised or potentially exposed to unauthorized access, computer forensics techniques and methodologies must make it possible to adequately determine what happened, who was involved, and when and how the incident occurred, as well as to ensure and preserve the evidence collected. This paper explores two methodologies of digital data collection: the first, called the Preventive Approach (a priori data collection, or Forensic Readiness), and the second, called the Reactive Approach (data collection after a security event). It comparatively analyzes their performance based on certain criteria and control points established over HTTP and HTTP/2 web servers.

Corresponding author

Correspondence to Mónica D. Tugnarelli.

Copyright information

© 2018 Springer International Publishing AG, part of Springer Nature

About this paper

Cite this paper

Tugnarelli, M.D., Fornaroli, M.F., Santana, S.R., Jacobo, E., Díaz, J. (2018). Analysis of Methodologies of Digital Data Collection in Web Servers. In: De Giusti, A. (eds) Computer Science – CACIC 2017. CACIC 2017. Communications in Computer and Information Science, vol 790. Springer, Cham. https://doi.org/10.1007/978-3-319-75214-3_25

  • DOI: https://doi.org/10.1007/978-3-319-75214-3_25

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-75213-6

  • Online ISBN: 978-3-319-75214-3

  • eBook Packages: Computer Science (R0)
