{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,13]],"date-time":"2025-10-13T22:43:08Z","timestamp":1760395388371,"version":"build-2065373602"},"publisher-location":"Cham","reference-count":21,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030883805"},{"type":"electronic","value":"9783030883812"}],"license":[{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021]]},"DOI":"10.1007\/978-3-030-88381-2_1","type":"book-chapter","created":{"date-parts":[[2021,10,14]],"date-time":"2021-10-14T14:42:13Z","timestamp":1634222533000},"page":"3-19","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["DIGITAL FORENSIC ACQUISITION KILL CHAIN \u2013 ANALYSIS AND DEMONSTRATION"],"prefix":"10.1007","author":[{"given":"Gunnar","family":"Alendal","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Geir Olav","family":"Dyrkolbotn","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Stefan","family":"Axelsson","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2021,10,15]]},"reference":[{"key":"1_CR1","doi-asserted-by":"crossref","unstructured":"R. Adams, V. Hobbs and G. Mann, The Advanced Data Acquisition Model (ADAM): A process model for digital forensic practice, Journal of Digital Forensics, Security and Law, vol. 8(4), pp. 25\u201348, 2012.","DOI":"10.15394\/jdfsl.2013.1154"},{"key":"1_CR2","doi-asserted-by":"crossref","unstructured":"A. Al-Dhaqm, S. Razak, R. Ikuesan, V. Kebande and K. Siddique, A review of mobile forensic investigation process models, IEEE Access, vol. 8, pp. 173359\u2013173375, 2020.","DOI":"10.1109\/ACCESS.2020.3014615"},{"key":"1_CR3","unstructured":"H. Arshad, A. bin Jantan and O. Abiodun, Digital forensics: Review of issues in scientific validation of digital evidence, Journal of Information Processing Systems, vol. 14(2), pp. 346\u2013376, 2018."},{"key":"1_CR4","doi-asserted-by":"crossref","unstructured":"R. Ayers, S. Brothers and W. Jansen, Guidelines on Mobile Device Forensics, NIST Special Publication 800-101, Revision 1, National Institute of Standards and Technology, Gaithersburg, Maryland, 2014.","DOI":"10.6028\/NIST.SP.800-101r1"},{"key":"1_CR5","doi-asserted-by":"crossref","unstructured":"A. Balogun and S. Zhu, Privacy impacts of data encryption on the efficiency of digital forensics technology, International Journal of Advanced Computer Science and Applications, vol. 4(5), pp. 36\u201340, 2013.","DOI":"10.14569\/IJACSA.2013.040506"},{"key":"1_CR6","unstructured":"S. Caltagirone, A. Pendergast and C. Betz, The Diamond Model of Intrusion Analysis, Technical Report ADA586960, Center for Cyber Threat Intelligence and Threat Research, Hanover, Maryland, 2013."},{"key":"1_CR7","unstructured":"E. Casey, Digital Evidence and Computer Crime: Forensic Science, Computers and the Internet, Elsevier, Waltham, Massachusetts, 2011."},{"key":"1_CR8","unstructured":"M. Daniel, Heartbleed: Understanding when we disclose cyber vulnerabilities, White House Blog, The White House, Washington, D.C. (obamawhitehouse.archives.gov\/blog\/2014\/04\/28\/heartbleed-understanding-when-we-disclose-cyber-vulner\u00a0abilities), April 28, 2014."},{"key":"1_CR9","doi-asserted-by":"crossref","unstructured":"S. Garfinkel, Digital forensics research: The next 10 years, Digital Investigation, vol. 7(S), pp. S64\u2013S73, 2010.","DOI":"10.1016\/j.diin.2010.05.009"},{"key":"1_CR10","unstructured":"E. Hutchins, M. Cloppert and R. Amin, Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains, in Leading Issues in Information Warfare and Security Research, J. Ryan (Ed.), Academic Publishing, Reading, United Kingdom, pp. 80\u2013106, 2011."},{"key":"1_CR11","unstructured":"G. Ioannou, P. Louvieris, N. Clewley and G. Powell, A Markov multi-phase transferable belief model: An application for predicting data exfiltration APTs, Proceedings of the Sixteenth International Conference on Information Fusion, pp. 842\u2013849, 2013."},{"key":"1_CR12","doi-asserted-by":"crossref","unstructured":"M. Khan, S. Siddiqui and K. Ferens, A cognitive and concurrent cyber kill chain model, in Computer and Network Security Essentials, K. Daimi (Ed.), Springer, Cham, Switzerland, pp. 585\u2013602, 2018.","DOI":"10.1007\/978-3-319-58424-9_34"},{"key":"1_CR13","doi-asserted-by":"crossref","unstructured":"R. Luh, M. Temper, S. Tjoa and S. Schrittwieser, APT RPG: Design of a gamified attacker\/defender meta model, Proceedings of the Fourth International Conference on Information Systems Security and Privacy, pp. 526\u2013537, 2018.","DOI":"10.5220\/0006717805260537"},{"key":"1_CR14","unstructured":"D. McCullough, uCLinux for Linux programmers, Linux Journal, vol. 2004(123), article no. 7, 2004."},{"key":"1_CR15","doi-asserted-by":"crossref","unstructured":"R. McKemmish, When is digital evidence forensically sound? in Advances in Digital Forensics IV, I. Ray and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 3\u201315, 2008.","DOI":"10.1007\/978-0-387-84927-0_1"},{"key":"1_CR16","doi-asserted-by":"crossref","unstructured":"B. Messaoud, K. Guennoun, M. Wahbi and M. Sadik, Advanced persistent threat: New analysis driven by life cycle phases and their challenges, Proceedings of the International Conference on Advanced Communications Systems and Information Security, 2016.","DOI":"10.1109\/ACOSIS.2016.7843932"},{"key":"1_CR17","doi-asserted-by":"crossref","unstructured":"R. Montasari, A standardized data acquisition process model for digital forensic investigations, International Journal of Information and Computer Security, vol. 9(3), pp. 229\u2013249, 2017.","DOI":"10.1504\/IJICS.2017.085139"},{"key":"1_CR18","doi-asserted-by":"crossref","unstructured":"R. Montasari, R. Hill, V. Carpenter and A. Hosseinian-Far, The Standardized Digital Forensic Investigation Process Model (SDFIPM), in Blockchain and Clinical Trial, H. Jahankhani, S. Kendzierskyj, A. Jamal, G. Epiphaniou and H. Al-Khateeb (Eds.), Springer, Cham, Switzerland, pp. 169\u2013209, 2019.","DOI":"10.1007\/978-3-030-11289-9_8"},{"key":"1_CR19","doi-asserted-by":"crossref","unstructured":"T. Moore, A. Friedman and A. Procaccia, Would a \u201ccyber warrior\u201d protect us? Exploring trade-offs between attack and defense of information systems, Proceedings of the New Security Paradigms Workshop, pp. 85\u201394, 2010.","DOI":"10.1145\/1900546.1900559"},{"key":"1_CR20","unstructured":"B. Schneier, Disclosing vs. hoarding vulnerabilities, Schneier on Security Blog (www.schneier.com\/blog\/archives\/2014\/05\/disclosing_vs_h.html), May 22, 2014."},{"key":"1_CR21","unstructured":"The White House, Vulnerabilities Equities Policy and Process for the United States Government, Washington, D.C. (trumpwhitehouse.archives.gov\/sites\/whitehouse.gov\/files\/images\/External-UnclassifiedVEPCharterFINAL.PDF), November 15, 2017."}],"container-title":["IFIP Advances in Information and Communication Technology","Advances in Digital Forensics XVII"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-88381-2_1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,13]],"date-time":"2025-10-13T22:04:35Z","timestamp":1760393075000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-88381-2_1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021]]},"ISBN":["9783030883805","9783030883812"],"references-count":21,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-88381-2_1","relation":{},"ISSN":["1868-4238","1868-422X"],"issn-type":[{"type":"print","value":"1868-4238"},{"type":"electronic","value":"1868-422X"}],"subject":[],"published":{"date-parts":[[2021]]},"assertion":[{"value":"15 October 2021","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DigitalForensics","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"IFIP International Conference on Digital Forensics","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2021","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"1 February 2021","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2 February 2021","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"digitalforensics2021","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.ifip119.org\/Conferences\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}