Linux Forensic Analysis and Extraction Tool

Digital forensics is a crucial discipline in the field of cybersecurity, involving the systematic examination of electronic devices to uncover, analyze, and preserve digital evidence for investigative purposes. In this context, Linux, as an operating system, presents unique challenges and opportunit...

Full description

Bibliographic Details
Published in:8th International Conference on Recent Advances and Innovations in Engineering: Empowering Computing, Analytics, and Engineering Through Digital Innovation, ICRAIE 2023
Main Author: Akmal Bin Shafiee M.Z.; Hani Binti Mohd Ali F.; Binti Nik Zulkipli N.H.
Format: Conference paper
Language:English
Published: Institute of Electrical and Electronics Engineers Inc. 2023
Online Access:https://www.scopus.com/inward/record.uri?eid=2-s2.0-85189935394&doi=10.1109%2fICRAIE59459.2023.10468410&partnerID=40&md5=c7ec732b8f8084634067be392fc72e68
Description
Summary:Digital forensics is a crucial discipline in the field of cybersecurity, involving the systematic examination of electronic devices to uncover, analyze, and preserve digital evidence for investigative purposes. In this context, Linux, as an operating system, presents unique challenges and opportunities for forensic investigators. Linux forensic analysis requires a deep understanding of its distinctive commands, file systems, and log files, which serve as primary sources for tracing and understanding security incidents. This paper delves into the fundamentals of digital forensics and explores the specific nuances of Linux forensic analysis. We highlight common Linux artifacts that play a pivotal role in investigations, shedding light on their significance. To enhance the efficiency of forensic investigations, we propose the development of an extraction tool. This tool aims to automate the retrieval of Linux artifacts, providing investigators with a streamlined and systematic approach to data collection. By creating a bridge between the intricacies of Linux systems and the needs of forensic investigators, this extraction tool is poised to contribute significantly to the advancement of Linux forensic analysis. © 2023 IEEE.
ISSN:
DOI:10.1109/ICRAIE59459.2023.10468410