I will be presenting at the SANS APAC DFIR Summit 2024 on 6th September 2024 (Friday). The abstract of my talk is as follows:
Digital investigations are often fraught with complexities, particularly on modern platforms such as smart city infrastructure, where threats, cybercrime and digital evidence may need to be clearly defined. In such complex environments, the ability to share evidence and work collaboratively while consistently understanding the environment is essential for investigators. This presentation showcases the Smart City Ontological Paradigm Expression (SCOPE). SCOPE is an extended ontology from the Unified Cyber Ontology (UCO) and Cyber-investigation Analysis Standard Expression (CASE) that enables digital forensic investigators to handle future cybercrime and incidents occurring within smart city infrastructure. It aims to support coordinated cyber investigations and tool interoperability for smart city cybercrime/attacks. A technology-agnostic definition of a smart city and possible threats and evidence sources that could be derived will be shared. Following that, we will showcase how SCOPE could represent attacks, threats, cybercrime and evidence on smart city infrastructure via an incident scenario modelled after publicly reported real-world incidents attributed to Advanced Persistent Threat (APT) groups. Finally, we will release the ontology to advance digital forensics research on smart city infrastructure.
This summit is free for all to attend virtually, along with presentations on other aspects of digital forensics. If you are interested, please register on the page or directly at this link.