• DocumentCode
    175412
  • Title

    Automatic Timeline Construction and Analysis for Computer Forensics Purposes

  • Author

    Chabot, Yoan ; Bertaux, Aurlie ; Nicolle, Christophe ; Kechadi, Tahar

  • Author_Institution
    Lab. LE2I, Univ. de Bourgogne, Dijon, France
  • fYear
    2014
  • fDate
    24-26 Sept. 2014
  • Firstpage
    276
  • Lastpage
    279
  • Abstract
    To determine the circumstances of an incident, investigators need to reconstruct events that occurred in the past. The large amount of data spread across the crime scene makes this task very tedious and complex. In particular, the analysis of the reconstructed timeline, due to the huge quantity of events that occurred on a digital system, is almost impossible and leads to cognitive overload. Therefore, it becomes more and more necessary to develop automatic tools to help or even replace investigators in some parts of the investigation. This paper introduces a multi-layered architecture designed to assist the investigative team in the extraction of information left in the crime scene, the construction of the timeline representing the incident and the interpretation of this latter.
  • Keywords
    digital forensics; automatic timeline analysis; automatic timeline construction; cognitive overload; computer forensics; crime scene; digital system; event reconstruction; multilayered architecture; Browsers; Computer architecture; Data mining; Digital forensics; Ontologies; Semantics; Software; Digital Forensics; Event Reconstruction; Ontology; Timeline Analysis;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Intelligence and Security Informatics Conference (JISIC), 2014 IEEE Joint
  • Conference_Location
    The Hague
  • Print_ISBN
    978-1-4799-6363-8
  • Type

    conf

  • DOI
    10.1109/JISIC.2014.54
  • Filename
    6975591
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=175412