Data Mining Techniques to Facilitate Digital Forensics Investigations



1 Department of Computer Science and Engineering, Seoul National University of Science and Technology, Seoul 139-743, Republic of Korea
{erik.miranda,jhpark1}@seoultech.ac.kr
2 Department of Division of Computer and Media, Mokwon University, Daejeon 35349, Republic of Korea
[email protected]

Abstract. Digital forensics is an essential discipline for both law enforcement agencies and businesses. It makes it possible to investigate electronic crimes (cybercrime) such as fraud, industrial espionage and computer misuse. However, encryption, anti-forensic tools and the ever-increasing volume of data to analyse create a wide range of challenges to overcome. Fortunately, techniques from other fields of computing can be applied to overcome those challenges. This paper explores some data mining techniques that address the most common issues in digital forensics.

Keywords: Digital Forensics · Data mining · Deviation detection · Entity extraction · Classification

1 Introduction

Information Technology is being abused as an instrument for criminal activity, and Digital Forensics (DF), also called Forensic Computing, is the use of computer technologies to investigate such offenses. DF investigations are not limited to law enforcement agencies, though. In the private sector, businesses use DF to investigate email abuse, employee terminations and industrial espionage cases [1]. Forensic computing is a relatively new discipline with many challenges still to overcome. They range from a lack of standards and tools to the never-ending growth in data volume and the high complexity of data analysis in investigations.

Data mining, with its techniques for discovering interesting patterns in data, can be used to aid DF practitioners. Data found in evidence can be analysed with statistical methods, machine learning and data mining algorithms, and these techniques are being applied to some of the main challenges found in forensic investigations. The aim of this paper is to explore the challenges that DF currently faces and to discuss some data mining techniques that are used to facilitate forensic investigations with large datasets. The techniques reviewed in this paper are deviation detection, entity extraction and classification.

© Springer Nature Singapore Pte Ltd. 2017
J.J. (Jong Hyuk) Park et al. (eds.), Advances in Computer Science and Ubiquitous Computing, Lecture Notes in Electrical Engineering 421, DOI 10.1007/978-981-10-3023-9_58

There are a number of definitions of digital forensics. As defined by computerforensicsworld.com [2], DF is the discipline that involves the use of “analytical and investigative techniques to identify, collect, examine and preserve evidence/information which is magnetically stored or encoded”. McKemmish [3] presented DF as the “process of identifying, preserving, analysing and presenting digital evidence in a manner that is legally acceptable”. US-CERT [4] has its own definition too: “The discipline t
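The introduction above names deviation detection and entity extraction among the data mining techniques the paper reviews but does not show how either is applied to evidence. The following is an added example, not code from the paper or its authors: it runs a robust (median/MAD based) deviation detector over a constructed table of per-account daily file-access counts, the kind of tabulation an investigator builds from file-system timestamps, and a regular-expression entity extractor over a constructed email fragment. The account names, counts, addresses and the 3.5 flagging threshold are all assumptions made for the illustration.

```python
"""Added example (not from the paper): deviation detection and entity
extraction over constructed forensic data, the two simplest of the
data mining techniques the paper reviews."""
import re
import statistics
from typing import Dict, List, Tuple

# Constructed sample: files touched per account on one day. "grace" is the
# planted outlier (bulk access, a classic pre-resignation exfiltration sign).
FILE_ACCESS_COUNTS: Dict[str, float] = {
    "alice": 42, "bob": 38, "carol": 51, "dave": 45, "erin": 40,
    "frank": 47, "grace": 1730, "heidi": 44, "ivan": 39, "judy": 49,
}

# Constructed sample: fragment of an exported mailbox item.
SAMPLE_TEXT = """From: j.doe@example.com
To: hr@corp.example
Exported the customer list to 203.0.113.9 last night; the old
share at 10.0.0.7 is gone. Ignore the bogus address 192.168.1.300
and contact J.Doe@example.com if anything fails."""


def robust_zscores(values: Dict[str, float]) -> Dict[str, float]:
    """Modified z-score (Iglewicz and Hoaglin): 0.6745 * (x - median) / MAD.

    Median and MAD are used instead of mean and standard deviation because
    the very outliers being hunted would otherwise inflate the spread and
    hide themselves. When MAD is zero (more than half the values identical)
    fall back to the mean absolute deviation scaled by 1.2533, as the same
    authors recommend; if that is zero too, every value is identical."""
    xs = list(values.values())
    med = statistics.median(xs)
    mad = statistics.median(abs(x - med) for x in xs)
    if mad > 0:
        return {k: 0.6745 * (v - med) / mad for k, v in values.items()}
    mean_ad = statistics.fmean(abs(x - med) for x in xs)
    if mean_ad == 0:
        return {k: 0.0 for k in values}
    return {k: (v - med) / (1.253314 * mean_ad) for k, v in values.items()}


def detect_deviations(values: Dict[str, float],
                      threshold: float = 3.5) -> List[Tuple[str, float]]:
    """Return (name, score) pairs whose |modified z-score| exceeds the
    threshold (3.5 is the usual cut-off), most extreme first."""
    scores = robust_zscores(values)
    flagged = [(k, round(s, 2)) for k, s in scores.items() if abs(s) > threshold]
    return sorted(flagged, key=lambda kv: -abs(kv[1]))


# Entity patterns. The IPv4 pattern validates each octet (0-255) so that
# strings like 192.168.1.300 are not reported as addresses.
_EMAIL_RE = re.compile(r"\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}\b")
_IPV4_RE = re.compile(
    r"\b(?:(?:25[0-5]|2[0-4]\d|1?\d?\d)\.){3}(?:25[0-5]|2[0-4]\d|1?\d?\d)\b"
)


def extract_entities(text: str) -> Dict[str, List[str]]:
    """Pull email addresses and IPv4 addresses out of free text.

    Emails are lower-cased before de-duplication so that the same mailbox
    written with different capitalisation counts once."""
    emails = sorted({m.lower() for m in _EMAIL_RE.findall(text)})
    ipv4 = sorted(set(_IPV4_RE.findall(text)))
    return {"emails": emails, "ipv4": ipv4}


if __name__ == "__main__":
    for name, score in detect_deviations(FILE_ACCESS_COUNTS):
        print(f"deviation: {name} (modified z-score {score})")
    for kind, items in extract_entities(SAMPLE_TEXT).items():
        print(f"{kind}: {', '.join(items)}")
```

On the constructed counts only "grace" crosses the threshold; with a plain mean and standard deviation her 1730 files would have stretched the spread so far that the score would be far less decisive, which is why robust statistics are the sensible default for triage over unfamiliar evidence.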