Australian Digital Forensics Conference
Document Type
Conference Proceeding
Publisher
secau Security Research Centre, Edith Cowan University, Perth, Western Australia
Abstract
As ESI (Electronically Stored Information) is included in extent of evidence that become discovery's target in FRCP(Federal Rules of Civil Procedure) taken effect on December 1, 2006, enterprises been always vexing in several litigations need to adapt systems coping with e-Discovery such as ESI administration or information preservation. In this paper, component technologies for all steps of e-Discovery are described in detail, and as a prototype of preparing system for e-Discovery, agent-based information management and control system being able to manage ESI stored at some computers centrally and respond rapidly on demand, extracting discoveryrelated data using digital forensic technologies, are introduced. Apart from fundamental searching and analysing functions, this system can detect user’s abnormal behaviours, generate forensic images remotely, and have a function of controlling related files.
DOI
10.4225/75/57b2bf1940cee
Comments
9th Australian Digital Forensics Conference, Edith Cowan University, Perth Western Australia, 5th -7th December 2011