Linux Forensic Analysis and Extraction Tool


Bibliographic Details
Published in: 8th International Conference on Recent Advances and Innovations in Engineering: Empowering Computing, Analytics, and Engineering Through Digital Innovation, ICRAIE 2023
Main Author: Akmal Bin Shafiee M.Z.; Hani Binti Mohd Ali F.; Binti Nik Zulkipli N.H.
Format: Conference paper
Language: English
Published: Institute of Electrical and Electronics Engineers Inc. 2023
Online Access: https://www.scopus.com/inward/record.uri?eid=2-s2.0-85189935394&doi=10.1109%2fICRAIE59459.2023.10468410&partnerID=40&md5=c7ec732b8f8084634067be392fc72e68
id 2-s2.0-85189935394
DOI: 10.1109/ICRAIE59459.2023.10468410
Digital forensics is a crucial discipline in the field of cybersecurity, involving the systematic examination of electronic devices to uncover, analyze, and preserve digital evidence for investigative purposes. In this context, Linux, as an operating system, presents unique challenges and opportunities for forensic investigators. Linux forensic analysis requires a deep understanding of its distinctive commands, file systems, and log files, which serve as primary sources for tracing and understanding security incidents. This paper delves into the fundamentals of digital forensics and explores the specific nuances of Linux forensic analysis. We highlight common Linux artifacts that play a pivotal role in investigations, shedding light on their significance. To enhance the efficiency of forensic investigations, we propose the development of an extraction tool. This tool aims to automate the retrieval of Linux artifacts, providing investigators with a streamlined and systematic approach to data collection. By creating a bridge between the intricacies of Linux systems and the needs of forensic investigators, this extraction tool is poised to contribute significantly to the advancement of Linux forensic analysis. © 2023 IEEE.