{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T19:38:03Z","timestamp":1743104283431,"version":"3.40.3"},"publisher-location":"Cham","reference-count":33,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319992761"},{"type":"electronic","value":"9783319992778"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-319-99277-8_2","type":"book-chapter","created":{"date-parts":[[2018,8,30]],"date-time":"2018-08-30T01:58:12Z","timestamp":1535594292000},"page":"11-33","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Challenges, Opportunities and a Framework for Web Environment Forensics"],"prefix":"10.1007","author":[{"given":"Mike","family":"Mabey","sequence":"first","affiliation":[]},{"given":"Adam","family":"Doup\u00e9","sequence":"additional","affiliation":[]},{"given":"Ziming","family":"Zhao","sequence":"additional","affiliation":[]},{"given":"Gail-Joon","family":"Ahn","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,8,30]]},"reference":[{"unstructured":"S. Barnum, Standardizing Cyber Threat Intelligence Information with the Structured Threat Information Expression (STIX), Technical Report, MITRE Corporation, Bedford, Massachusetts, 2014.","key":"2_CR1"},{"doi-asserted-by":"crossref","unstructured":"D. Birk and C. Wegener, Technical issues of forensic investigations in cloud computing environments, Proceedings of the Sixth IEEE International Workshop on Systematic Approaches to Digital Forensic Engineering, 2011.","key":"2_CR2","DOI":"10.1109\/SADFE.2011.17"},{"unstructured":"F. Buchholz and C. Falk, Design and implementation of Zeitline: A forensic timeline editor, Proceedings of the Digital Forensics Research Workshop, 2005.","key":"2_CR3"},{"doi-asserted-by":"crossref","unstructured":"F. Buchholz and E. Spafford, On the role of file system metadata in digital forensics, Digital Investigation, vol. 1(4), pp. 298\u2013309, 2004.","key":"2_CR4","DOI":"10.1016\/j.diin.2004.10.002"},{"doi-asserted-by":"crossref","unstructured":"A. Case, A. Cristina, L. Marziale, G. Richard and V. Roussev, FACE: Automated digital evidence discovery and correlation, Digital Investigation, vol. 5(S), pp. S65\u2013S75, 2008.","key":"2_CR5","DOI":"10.1016\/j.diin.2008.05.008"},{"doi-asserted-by":"crossref","unstructured":"E. Casey, G. Back and S. Barnum, Leveraging CybOX to standardize representation and exchange of digital forensic information, Digital Investigation, vol. 12(S1), pp. S102\u2013S110, 2015.","key":"2_CR6","DOI":"10.1016\/j.diin.2015.01.014"},{"doi-asserted-by":"crossref","unstructured":"E. Casey, S. Barnum, R. Griffith, J. Snyder, H. van Beek and A. Nelson, Advancing coordinated cyber-investigations and tool interoperability using a community developed specification language, Digital Investigation, vol. 22, pp. 14\u201345, 2017.","key":"2_CR7","DOI":"10.1016\/j.diin.2017.08.002"},{"doi-asserted-by":"crossref","unstructured":"Y. Chabot, A. Bertaux, C. Nicolle and T. Kechadi, A complete formalized knowledge representation model for advanced digital forensics timeline analysis, Digital Investigation, vol. 11(S2), pp. S95\u2013S105, 2014.","key":"2_CR8","DOI":"10.1016\/j.diin.2014.05.009"},{"doi-asserted-by":"crossref","unstructured":"M. Cohen, S. Garfinkel and B. Schatz, Extending the advanced forensic format to accommodate multiple data sources, logical evidence, arbitrary information and forensic workflow, Digital Investigation, vol. 6(S), pp. S57\u2013S68, 2009.","key":"2_CR9","DOI":"10.1016\/j.diin.2009.06.010"},{"unstructured":"Common Digital Evidence Storage Format Working Group, Survey of Disk Image Storage Formats, Version 1.0, Digital Forensic Research Workshop (www.dfrws.org\/sites\/default\/files\/survey-dfrws-cdesf-diskimg-01.pdf), 2006.","key":"2_CR10"},{"doi-asserted-by":"crossref","unstructured":"J. Dykstra and A. Sherman, Acquiring forensic evidence from infrastructure-as-a-service cloud computing: Exploring and evaluating tools, trust and techniques, Digital Investigation, vol. 9(S), pp. S90\u2013S98, 2012.","key":"2_CR11","DOI":"10.1016\/j.diin.2012.05.001"},{"doi-asserted-by":"crossref","unstructured":"S. Garfinkel, Digital forensics XML and the DFXML toolset, Digital Investigation, vol. 8(3-4), pp. 161\u2013174, 2012.","key":"2_CR12","DOI":"10.1016\/j.diin.2011.11.002"},{"unstructured":"J. Hyde and B. Moran, Alexa, are you Skynet? presented at the SANS Digital Forensics and Incident Response Summit, 2017.","key":"2_CR13"},{"unstructured":"Legal Information Institute, Doctrine of completeness, in Wex Legal Dictionary\/Encyclopedia, Cornell University Law School, Ithaca, New York, 2018.","key":"2_CR14"},{"doi-asserted-by":"crossref","unstructured":"M. Mabey, A. Doup\u00e9, Z. Zhao and G. Ahn, dbling: Identifying extensions installed on encrypted web thin clients, Digital Investigation, vol. 18(S), pp. S55\u2013S65, 2016.","key":"2_CR15","DOI":"10.1016\/j.diin.2016.04.007"},{"doi-asserted-by":"crossref","unstructured":"F. Marturana and S. Tacconi, A machine-learning-based triage methodology for automated categorization of digital media, Digital Investigation, vol. 10(2), pp. 193\u2013204, 2013.","key":"2_CR16","DOI":"10.1016\/j.diin.2013.01.001"},{"doi-asserted-by":"crossref","unstructured":"R. Marty, Cloud application logging for forensics, Proceedings of the ACM Symposium on Applied Computing, pp. 178\u2013184, 2011.","key":"2_CR17","DOI":"10.1145\/1982185.1982226"},{"unstructured":"MITRE Corporation, Cyber Observable Expression (CybOX) Archive Website, Bedford, Massachusetts (cybox.mitre.org), 2017.","key":"2_CR18"},{"doi-asserted-by":"crossref","unstructured":"S. Murtuza, R. Verma, J. Govindaraj and G. Gupta, A tool for extracting static and volatile forensic artifacts of Windows 8.x apps, in Advances in Digital Forensics XI, G. Peterson and S. Shenoi (Eds.), Springer, Heidelberg, Germany, pp. 305\u2013320, 2015.","key":"2_CR19","DOI":"10.1007\/978-3-319-24123-4_18"},{"unstructured":"National Institute of Standards and Technology, National Software Reference Library (NSRL), Gaithersburg, Maryland (www.nist.gov\/software-quality-group\/national-software-reference-library-nsrl), 2018.","key":"2_CR20"},{"doi-asserted-by":"crossref","unstructured":"J. Olsson and M. Boldt, Computer forensic timeline visualization tool, Digital Investigation, vol. 6(S), pp. S78\u2013S87, 2009.","key":"2_CR21","DOI":"10.1016\/j.diin.2009.06.008"},{"doi-asserted-by":"crossref","unstructured":"J. Paglierani, M. Mabey and G. Ahn, Towards comprehensive and collaborative forensics on email evidence, Proceedings of the Ninth International Conference on Collaborative Computing: Networking, Applications and Worksharing, pp. 11\u201320, 2013.","key":"2_CR22","DOI":"10.4108\/icst.collaboratecom.2013.254125"},{"unstructured":"J. Rajewski, Internet of Things forensics, presented at the Endpoint Security, Forensics and eDiscovery Conference, 2017.","key":"2_CR23"},{"doi-asserted-by":"crossref","unstructured":"A. Reed and M. Kranch, Identifying HTTPS-protected Netflix videos in real-time, Proceedings of the Seventh ACM Conference on Data and Application Security and Privacy, pp. 361\u2013368, 2017.","key":"2_CR24","DOI":"10.1145\/3029806.3029821"},{"unstructured":"K. Reitz, Maya: Datetimes for Humans (github.com\/kennethreitz\/maya), 2018.","key":"2_CR25"},{"doi-asserted-by":"crossref","unstructured":"V. Roussev, A. Barreto and I. Ahmed, API-based forensic acquisition of cloud drives, in Advances in Digital Forensics XII, G. Peterson and S. Shenoi (Eds.), Springer, Heidelberg, Germany, pp. 213\u2013235, 2016.","key":"2_CR26","DOI":"10.1007\/978-3-319-46279-0_11"},{"doi-asserted-by":"crossref","unstructured":"K. Ruan, J. Carthy, T. Kechadi and M. Crosbie, Cloud forensics, in Advances in Digital Forensics VII, G. Peterson and S. Shenoi (Eds.), Springer, Heidelberg, Germany, pp. 35\u201346, 2011.","key":"2_CR27","DOI":"10.1007\/978-3-642-24212-0_3"},{"doi-asserted-by":"crossref","unstructured":"B. Schneier and J. Kelsey, Secure audit logs to support computer forensics, ACM Transactions on Information and System Security, vol. 2(2), pp. 159\u2013176, 1999.","key":"2_CR28","DOI":"10.1145\/317087.317089"},{"unstructured":"J. Stadlinger and A. Dewald, Email Communication Visualization in (Forensic) Incident Analysis, ENRW Whitepaper 59, Enno Rey Netzwerke, Heidelberg, Germany, 2017.","key":"2_CR29"},{"unstructured":"Z. Syed, A. Padia, T. Finin, L. Mathews and A. Joshi, UCO: A unified cybersecurity ontology, Proceedings of the Workshop on Artificial Intelligence for Cyber Security at the Thirtieth AAAI Conference on Artificial Intelligence, pp. 195\u2013202, 2016.","key":"2_CR30"},{"doi-asserted-by":"crossref","unstructured":"C. Tassone, B. Martini and K. Choo, Forensic visualization: Survey and future research directions, in Contemporary Digital Forensic Investigations of Cloud and Mobile Applications, K. Choo and A. Dehghantanha (Eds.), Elsevier, Cambridge, Massachusetts, pp. 163\u2013184, 2017.","key":"2_CR31","DOI":"10.1016\/B978-0-12-805303-4.00011-3"},{"unstructured":"S. Vandeven, Forensic Images: For Your Viewing Pleasure, InfoSec Reading Room, SANS Institute, Bethesda, Maryland, 2014.","key":"2_CR32"},{"doi-asserted-by":"crossref","unstructured":"O. Vermaas, J. Simons and R. Meijer, Open computer forensic architecture as a way to process terabytes of forensic disk images, in Open Source Software for Digital Forensics, E. Huebner and S. Zanero (Eds.), Springer, Boston, Massachusetts, pp. 45\u201367, 2010.","key":"2_CR33","DOI":"10.1007\/978-1-4419-5803-7_4"}],"container-title":["IFIP Advances in Information and Communication Technology","Advances in Digital Forensics XIV"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-99277-8_2","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,8,29]],"date-time":"2022-08-29T00:02:50Z","timestamp":1661731370000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-99277-8_2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783319992761","9783319992778"],"references-count":33,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-99277-8_2","relation":{},"ISSN":["1868-4238","1868-422X"],"issn-type":[{"type":"print","value":"1868-4238"},{"type":"electronic","value":"1868-422X"}],"subject":[],"published":{"date-parts":[[2018]]},"assertion":[{"value":"30 August 2018","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DigitalForensics","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"IFIP International Conference on Digital Forensics","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"New Delhi","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"India","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"3 January 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"5 January 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"digitalforensics2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.ifip119.org\/Conferences\/WG11-9-CFP-2018.pdf","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}