Automated Digital Evidence Target Definition Using Outlier Analysis and Existing Evidence

Authors

  • Brian D. Carrier
  • Eugene H. Spafford
Abstract

Searching for digital evidence is a time consuming and error-prone process. In this paper, we introduce techniques to automate the searching process by suggesting what searches could be helpful. We also use data mining techniques to find files and directories created during the incident. The results from using these techniques on a compromised honeypot system are given and show that the data mining techniques detect a higher percentage of files than a random sampling would, but there are still many false positives. More research into the error rates of manual searches is needed to fully understand the impact of automated techniques.


Similar resources

Analyzing registry, log files, and prefetch files in finding digital evidence in graphic design applications

The products of graphic design applications leave behind traces of digital information which can be used during a digital forensic investigation in cases where counterfeit documents have been created. This paper analyzes the digital forensics involved in the creation of counterfeit documents. This is achieved by first recognizing the digital forensic artifacts left behind from the use of graphi...


Novel Automated Method for Minirhizotron Image Analysis: Root Detection using Curvelet Transform

In this article a new method is introduced for distinguishing roots and background based on their digital curvelet transform in minirhizotron images. In the proposed method, the nonlinear mapping is applied on sub-band curvelet components followed by boundary detection using energy optimization concept. The curvelet transform has the excellent capability in detecting roots with different orient...


Axes of Development of Digital Libraries

Purpose: This paper tries to qualitatively present the issues related to axes of development in digital libraries, including human force, content, services, and technology, and provide a clear viewpoint in this regard by considering all existing aspects. Methodology: In this paper, all existing resources were used. Through citation (library) method, the related literature was studied and, besi...


Evidence for Informing Health Policy Development in Low-Income Countries (LICS): Perspectives of Policy Actors in Uganda

Background Although there is a general agreement on the benefits of evidence informed health policy development given resource constraints especially in Low-Income Countries (LICs), the definition of what evidence is, and what evidence is suitable to guide decision-making is still unclear. Our study is contributing to filling this knowledge gap. We aimed to explore health policy actors’ views r...


A Method for Locating Digital Evidences with Outlier Detection Using Support Vector Machine

One of the biggest challenges facing digital investigators is the sheer volume of data that must be searched in locating the digital evidence. How to efficiently locate the evidence relating to the computer crime while maintaining accuracy is becoming a research focus. In this paper, we introduce a two-tier method to automate the process of locating the digital evidence, which first employ a on...



Journal title:

Volume   Issue 

Pages  -

Publication date 2005