Registration, classification and presentation of digital forensics and incident response tools
The objective of this thesis is to record, categorize and present the tools available, freely and commercially, for the needs of digital forensics and security incident response process. Initially, this study presents the structure of the security incident response team and, then, the procedures and techniques applicable for a successful response to a security incident. The same procedure is followed for the digital forensics team. Afterwards, the specific procedures, that should be followed for the collection and processing of electronic evidence in order to be valid for legal use, are analyzed. Then, an overview of the legal framework within the EU, surrounding the security incident response and digital forensics procedures, is presented. Next is presented the structure of the web page created containing the collection of forensics tools categorized according to their functionality. Finally, some tools for digital forensics and security incident response are presented and categorized according to their functionality.