In this paper, the authors propose a modification of CERT's 3 R model to include a 4 th R, the discipline of Redress, identified as a necessary step to end the hacker arms race. Redress will require implementation of computer forensic investigation methods, tools and techniques that will permit evidence gathered to be admissible in a court of law, a standard not often understood or followed by many who are responsible for securing networks today. This leads the authors to conclude that there is a need for future work that will involve re-examination of the mechanisms and procedures used to collect evidence of network intrusions in order to ensure that the Rules of Evidence requirements are considered.
Revised: May 5, 2011 |
Published: January 1, 2006
Citation
Endicott-Popovsky B.E., and D.A. Frincke. 2006.Adding the Fourth "R": A Systems Approach to Solving the Hacker's Arms Race. In Proceedings of the 39th Hawaii International Conference on Systems Science (HICSS39), January 4-7, 2006, Kauai, HI. Los Alamitos, California:IEEE Computer Society.PNNL-SA-47411.