DocumentCode
3371103
Title
Cyber Criminal Activity Analysis Models using Markov Chain for Digital Forensics
Author
Kim, Do Hoon ; In, Hoh Peter
Author_Institution
Korea Univ., Seoul
fYear
2008
fDate
24-26 April 2008
Firstpage
193
Lastpage
198
Abstract
Recognizing links between offender patterns is one of the most crucial skills of an investigator. Early recognition of similar patterns can lead to focusing resources, improving clearance rates, and ultimately saving lives in terms of digital forensics. In this paper we propose a forensics methodology using Markov chain during a given time interval for tracking and predicting the degree of criminal activity as it evolves over time. In other words, we describe intrusion scenario, and classify profiling of user´s behavior by prior probability based Markov chain. Also, we apply the noise page elimination algorithm (NPEA) to reduce an error of probability prediction. Finally, we have experiment our model on dataset and have analysis their accuracy by Monte Carlo simulation.
Keywords
Markov processes; computer crime; pattern recognition; Markov chain; Monte Carlo simulation; cyber criminal activity analysis; digital forensics; noise page elimination algorithm; pattern recognition; probability prediction; user behavior profiling; Bayesian methods; Digital forensics; Hidden Markov models; Inference algorithms; Information analysis; Information security; Pattern recognition; Probability; Sockets; Web pages; Data Mining; Digital Forensics; Markov Chian; Monte Carlo Simulation; Noise Page Elimination Algorithm;
fLanguage
English
Publisher
ieee
Conference_Titel
Information Security and Assurance, 2008. ISA 2008. International Conference on
Conference_Location
Busan
Print_ISBN
978-0-7695-3126-7
Type
conf
DOI
10.1109/ISA.2008.90
Filename
4511561
Link To Document