论文信息 - A formal logic-based language and an automated verification tool for computer forensic investigation

A formal logic-based language and an automated verification tool for computer forensic investigation

In this paper, a formal logic-based language, called S-TLA+, is proposed for computer forensic investigation. It allows an unambiguous description of evidences, a modeling of the forensic expert knowledge in the form of hacking scenarios fragments, and a reasoning capability with uncertainty by filling in potential lack of data with hypotheses. The proposal is complemented by an automated formal verification tool, called S-TLC which helps exploring additional evidences and checks whether there are plausible hacking scenarios that meet the available evidences.

Noureddine Boudriga | Slim Rekhis | N. Boudriga | S. Rekhis

[1] Karl N. Levitt,et al. Automated analysis for digital forensic science: semantic integrity checking , 2003, 19th Annual Computer Security Applications Conference, 2003. Proceedings..

[2] Michael C. Tanner,et al. Automated diagnosis for computer forensics , 2002 .

[3] Nasir Memon,et al. Automatic Reassembly of Document Fragments via Data Compression , 2002 .

[4] Johan de Kleer,et al. An Assumption-Based TMS , 1987, Artif. Intell..

[5] Leslie Lamport,et al. Specifying Systems: The TLA+ Language and Tools for Hardware and Software Engineers [Book Review] , 2002, Computer.

[6] Leslie Lamport,et al. The temporal logic of actions , 1994, TOPL.

[7] Jeroen Keppens,et al. A model based reasoning approach for generating plausible crime scenarios from evidence , 2003, ICAIL.