Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
CN
1999
1999
Intrusion detection systems as evidence
: Although the main aim of IDSs is to detect intrusions to prompt evasive measures, a further aim can be to supply evidence in criminal and civil legal proceedings. However the features that make a ID product good at providing early warning may render it less useful as an evidenceacquisition tool. An explanation is provided of admissibility and weight, the two determinants in the legal acceptability of evidence. The problems the courts have in dealing with novel scientific evidence and the differences between "scientific"and "legal"proof are discussed. Criteria for the evaluation of IDSs as sources of legal evidence are proposed, including preservation of evidence, continuity of evidence and transparency of forensic method. It is suggested that the key to successful prosecution of complex intrusions is the finding of multiple independent streams of evidence which corroborate one another. The USAF Rome Labs intrusion of early 1994 is used as a casestudy to show how d...
Real-time TrafficRelated Content
| Added | 22 Dec 2010 |
| Updated | 22 Dec 2010 |
| Type | Journal |
| Year | 1999 |
| Where | CN |
| Authors | Peter Sommer |
Comments (0)
Researcher Info
|
