Name
Title | ||
|---|---|---|
An efficient forensic evidence collection scheme of host infringement at the occurrence time |
Abstract | ||
|---|---|---|
The Computer Forensics is a research area that finds the malicious users by collecting and analyzing the intrusion or infringement evidence of computer crimes such as hacking. Many researches about Computer Forensics have been done so far. But those researches have focused on how to collect the forensic evidence for both analysis and proofs after receiving the intrusion or infringement reports of hosts from computer users or network administrators. In this paper, we describe how to selectively collect the forensic evidence of good quality from observable and protective hosts at the time of infringement occurrence by malicious users. By correlating the event logs of Intrusion Detection Systems(IDSes) and hosts with the configuration information of hosts periodically, we calculate the value of infringement severity that implies the real infringement possibility of the hosts. Based on this severity value, we selectively collect the evidence for proofs at the time of infringement occurrence. As a result, we show that we can minimize the information damage of the evidence for both analysis and proofs, and reduce the amount of data which are used to analyze the degree of infringement severity. |
Year | DOI | Venue |
|---|---|---|
2006 | 10.1007/11927587_18 | ICISC |
Keywords | Field | DocType |
computer forensics,real infringement possibility,computer crime,severity value,malicious user,infringement severity,host infringement,forensic evidence,infringement occurrence,infringement evidence,infringement report,efficient forensic evidence collection,occurrence time,intrusion detection system | Information system,Computer forensics,Computer science,Computer security,Cryptography,Hacker,Host (network),Mathematical proof,Intrusion detection system,The Internet | Conference |
Volume | ISSN | ISBN |
4296 | 0302-9743 | 3-540-49112-0 |
Citations | PageRank | References |
1 | 0.37 | 6 |
Authors | ||
8 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Yoon Ho Choi | 1 | 602 | 41.18 |
| Jongho Park | 2 | 130 | 16.29 |
| Sang-Kon Kim | 3 | 1 | 0.37 |
| Seung-Woo Seo | 4 | 374 | 53.63 |
| Yu Kang | 5 | 1 | 0.37 |
| Jin-Gi Choe | 6 | 1 | 0.37 |
| Ho Kun Moon | 7 | 1 | 1.39 |
| Myung-Soo Rhee | 8 | 1 | 0.37 |