Digital information systems have become increasingly complex and inextricably intertwined with the infrastructure of national, public, and private organizations. Forensic digital analysis as a whole, in its relative infancy, is the unwilling victim of the rapid advancement of computer technology, so it is at the mercy of ever newer and more complex computing approaches. Forensic digital analysis is unique among the forensic sciences in that it is inherently mathematical and generally comprises more data from an investigation than is present in other types of forensics. The digital investigation process can be driven using numerous forensic investigation models. Among these is the need to analyze forensic materials over complex chains of evidence in a wide variety of heterogeneous computing platforms. The current computer forensic investigation paradigm is laborious and requires significant expertise on the part of the investigators. This paper presents the application of the JDL data fusion model in computer forensics for analyzing the information from seized hard drives, along with an analysis of the interpreted information to prove that the respective user has misused the internet. This paper is an attempt to use the data fusion and decision mining processes to help enhance the quality of the investigation process, which in turn is validated by statistical evaluation. The mining rules generation process is based on the decision tree as a classification method to study the main attributes that may help in detecting the suspicious behavior. A system that facilitates the use of the generated rules is built, which allows investigating agencies to predict the suspicious behavior under study.