Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

The Evolution of Expressing and Exchanging Cyber-investigation Information in a Standardized Form

Published

Author(s)

Eoghan Casey, Sean Barnum, Ryan Griffith, Jonathan Snyder, Harm van Beek, Alexander J. Nelson

Abstract

This paper describes the evolution of a community-developed, standardized specification language for representing and exchanging information in the broadest possible range of cyber-investigation domains, including digital forensic science, incident response, and counter terrorism. A primary motivation for this community driven initiative is interoperability - to enable the exchange of cyber-investigation information between tools, organizations, and countries. The CASE (Cyber-investigation Analysis Standard Expression) specification language and UCO (Unified Cyber Ontology) are a rational progression from the foundational work on Digital Forensic Analysis eXpression (DFAX), which focused on digital forensic information and provenance context. This paper provides a brief history of CASE and UCO, followed by an overview of the ontology and specification language.
Citation
Handling and Exchanging Electronic Evidence Across Europe
Volume
39
Publisher Info
Springer-Verlag New York, Inc., New York, NY

Keywords

cyber investigations, interchange language

Citation

Casey, E. , Barnum, S. , Griffith, R. , Snyder, J. , van Beek, H. and Nelson, A. (2018), The Evolution of Expressing and Exchanging Cyber-investigation Information in a Standardized Form, Handling and Exchanging Electronic Evidence Across Europe, Springer-Verlag New York, Inc., New York, NY, [online], https://doi.org/10.1007/978-3-319-74872-6, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=922815 (Accessed May 26, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created July 9, 2018, Updated October 12, 2021