Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
The Evolution of Expressing and Exchanging Cyber-investigation Information in a Standardized Form
Published
Author(s)
Eoghan Casey, Sean Barnum, Ryan Griffith, Jonathan Snyder, Harm van Beek,
Abstract
This paper describes the evolution of a community-developed, standardized specification language for representing and exchanging information in the broadest possible range of cyber-investigation domains, including digital forensic science, incident response, and counter terrorism. A primary motivation for this community driven initiative is interoperability - to enable the exchange of cyber-investigation information between tools, organizations, and countries. The CASE (Cyber-investigation Analysis Standard Expression) specification language and UCO (Unified Cyber Ontology) are a rational progression from the foundational work on Digital Forensic Analysis eXpression (DFAX), which focused on digital forensic information and provenance context. This paper provides a brief history of CASE and UCO, followed by an overview of the ontology and specification language.Citation
Handling and Exchanging Electronic Evidence Across Europe
Volume
39
Publisher Info
Springer-Verlag New York, Inc., New York, NY
Pub Type
Book Chapters
Download Paper
Keywords
cyber investigations, interchange language
Created July 10, 2018, Updated November 10, 2018