مرکز منطقه ای اطلاع رساني علوم و فناوري - Enhancing Computer Forensics Investigation through Visualisation and Data Exploitation

DocumentCode :

1924847

Title :

Enhancing Computer Forensics Investigation through Visualisation and Data Exploitation

Author :

Osborne, Grant ; Turnbull, Benjamin

Author_Institution :

Defence & Syst. Inst., Univ. of South Australia, Adelaide, SA

fYear :

2009

fDate :

16-19 March 2009

Firstpage :

1012

Lastpage :

1017

Abstract :

This paper focuses on establishing the need for new architectures on which to build visualisation systems that enhance computer forensic investigation of digital evidence. The issues surrounding processing of large quantities of digital evidence are established. In addition, the current state of visualisation and data analysis techniques for computer forensics are highlighted. This paper suggests need for new visualisation techniques in order to display data in familiar visual forms that facilitate efficient insight gaining into digital evidence. Visualisations techniques also require a source of processed data that contains context relevant information to present to an investigator. To this end this paper introduces the notion of data exploitation as a way to describe techniques that provide opportunistic data analysis across multiple sources of digital evidence. Data exploitation techniques provide normalisation techniques, event correlation, relationship extraction and investigative domain knowledge processing to occur across a set of evidence. This enables a visual representation of digital evidence to highlight relationships and events across many data sources, support an investigator throughout the entire data analysis process and enable an investigator to focus on the context of the current crime.

Keywords :

data analysis; data visualisation; security of data; computer forensics; data analysis techniques; data exploitation techniques; data visualisation systems; digital evidence; domain knowledge processing; normalisation techniques; Application software; Australia; Computer architecture; Computer displays; Data analysis; Data mining; Data visualization; Forensics; Humans; Portable computers; Computer Forensics; Data Exploitation; Digital Evidence; Visual Data Analysis; Visualisation;

fLanguage :

English

Publisher :

ieee

Conference_Titel :

Availability, Reliability and Security, 2009. ARES '09. International Conference on

Conference_Location :

Fukuoka

Print_ISBN :

978-1-4244-3572-2

Electronic_ISBN :

978-0-7695-3564-7

Type :

conf

DOI :

10.1109/ARES.2009.120

Filename :

5066603

Link To Document :

https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=1924847