A Case Based Reasoning System for Automated Forensic Examinations.

While still relatively young, the use of digital forensics in criminal investigations is increasing. This has prompted law enforcement agencies to look at developing more efficient techniques for investigating digital media. Triage tools are seen as the next generation of digital forensics investigatory technologies. However, such tools still lack basic decision support mechanisms and still require some form of human intervention. The authors propose to use a case based reasoning system to record and store digital forensics examinations. It is suggested that, when coupled with knowledge based reasoning methods, such a system would be a fully automated decision aid for digital forensic examinations. In outlining this proposal, this paper will review automation,
