A Fuzzy Expert System for Network Forensics

The field of digital forensic science emerged in response to the growth of computer crime. Digital forensics is the art of discovering and retrieving information about a crime in such a way that the digital evidence is admissible in court. Network forensics, in particular, is digital forensic science in networked environments. The more network traffic there is, the harder network analysis becomes. Therefore, we need an effective and automated analysis system for network forensics. In this paper, we develop a fuzzy logic based expert system for network forensics that can analyze computer crimes in networked environments and produce digital evidence automatically. This system can provide analyzed information to forensic experts and reduce the time and cost of forensic analysis.
