Searching for IOCs in Forensic Evidence

Published in: Engineering, Integration, and Alliances for a Sustainable Development. Hemispheric Cooperation for Competitiveness and Prosperity on a Knowledge-Based Economy: Proceedings of the 18th LACCEI International Multi-Conference for Engineering, Education and Technology
Date of Conference: July 27-31, 2020
Location of Conference: Virtual
Authors: Santiago Trigo (Universidad FASTA, AR)
Ariel Podestá (Universidad FASTA, AR)
Gonzalo Ruiz de Angeli (Universidad FASTA, AR)
Bruno Constanzo (Universidad FASTA, AR)
Hugo Curti (Universidad FASTA, AR)
Juan Ignacio Alberdi (Universidad FASTA, AR)
Martín Castellote (Universidad FASTA, AR)
Ana Haydée Di Iorio (Universidad FASTA, AR)
Full Paper: #647


The rise of digital crime, an inevitable consequence of the pervasiveness of technology in all aspects of life, has generated, and will continue to generate, the need for the justice system to have adequate tools to give answers to society. Digital forensics is the branch of forensic science that provides the means to find solutions in crimes where technology plays a key role, be it as a method, means or end. One of the biggest challenges in this discipline arises when potentially unknown malware is involved in the case. Because malware varies widely in its characteristics and in the threats it poses, its analysis is difficult and drawing conclusions is challenging. For this reason, it is imperative to have a guideline that provides a valid framework for handling and analyzing digital evidence originating from a malware-infected device and for obtaining conclusive indicators that enrich the expert witness's work.