The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.
The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.
The Evolution of Expressing and Exchanging Cyber-investigation Information in a Standardized Form
Published
Author(s)
Eoghan Casey, Sean Barnum, Ryan Griffith, Jonathan Snyder, Harm van Beek,
Abstract
This paper describes the evolution of a community-developed, standardized specification language for representing and exchanging information in the broadest possible range of cyber-investigation domains, including digital forensic science, incident response, and counter terrorism. A primary motivation for this community driven initiative is interoperability - to enable the exchange of cyber-investigation information between tools, organizations, and countries. The CASE (Cyber-investigation Analysis Standard Expression) specification language and UCO (Unified Cyber Ontology) are a rational progression from the foundational work on Digital Forensic Analysis eXpression (DFAX), which focused on digital forensic information and provenance context. This paper provides a brief history of CASE and UCO, followed by an overview of the ontology and specification language.Citation
Handling and Exchanging Electronic Evidence Across Europe
Volume
39
Publisher Info
Springer-Verlag New York, Inc., New York, NY
Pub Type
Book Chapters
Download Paper
Keywords
cyber investigations, interchange language
Created July 10, 2018, Updated November 10, 2018