The traditional clustering methods ignores the relationship between forensic evidence and connotation between the various forensic data, in order to improve the efficiency of computer forensics data analysis, get satisfactory clustering results, this paper proposes an ontology-based clustering analysis method, Studies on the forensic data preprocessing and concept extraction method, improve the calculation method of concept similarity, bring about a clustering method based on semantic similarity and ontology. Experiments show that the clustering method greatly reduce the amount of data to be processed on the basis of the clustering accuracy, achieve clustering analysis of forensics data on the conceptual level, help to analyze forensics data and find evidence more efficiently.
[1]
Lukasz Saganowski,et al.
Statistical and signal‐based network traffic recognition for anomaly detection
,
2012,
Expert Syst. J. Knowl. Eng..
[2]
Liu Lin.
Research on clustering algorithms and clustering ensemble algorithms
,
2011
.
[3]
V. R. Benjamins,et al.
Overview of Knowledge Sharing and Reuse Components: Ontologies and Problem-Solving Methods
,
1999,
IJCAI 1999.
[4]
Ji-Gui Sun,et al.
Clustering Algorithms Research
,
2008
.
[5]
J. MacQueen.
Some methods for classification and analysis of multivariate observations
,
1967
.