Explorative Visualization of Log Data to Support Forensic Analysis and Signature Development

Schmerl, Sebastian; Vogel, Michael; Rietz, René; König, Hartmut

doi:10.1109/sadfe.2010.10

Cited by 5 publications

(3 citation statements)

References 2 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Another approach to simplify event log analysis is visualization via graphs (Schmerl et al, 2010). This method builds virtual audit data spaces and constructs interactive 3D visualization based on quantitative analysis of event interrelations.…”

Section: Graph-based Log Visualizationmentioning

confidence: 99%

A survey on forensic investigation of operating system logs

Studiawan¹,

Sohel²,

Payne³

2019

Digital Investigation

View full text Add to dashboard Cite

Event logs are one of the most important sources of digital evidence for forensic investigation because they record essential activities on the system. In this paper, we present a comprehensive literature survey of the forensic analysis on operating system logs. We present a taxonomy of various techniques used in this area. Additionally, we discuss the tools that support the examination of the event logs. This survey also gives a review of the publicly available datasets that are used in operating system log forensics research. Finally, we suggest potential future directions on the topic of operating system log forensics.

show abstract

Section: Graph-based Log Visualizationmentioning

confidence: 99%

A survey on forensic investigation of operating system logs

Studiawan¹,

Sohel²,

Payne³

2019

Digital Investigation

View full text Add to dashboard Cite

show abstract

“…Sebastin Schmerl, Michael Vogel, Rene Rietz and Hartmut Konig [22] show how it is easier to analyze logging data with visualization. Because even if a potential attack is discovered within three minutes, 50.000 logging events needed to be analysed by hand on a normal Webserver.…”

Section: F Visualization Of Logging Datamentioning

confidence: 99%

A Discussion of Visualization Techniques for the Analysis of Digital Evidence

Schrenk

Poisel

2011

2011 Sixth International Conference on Availability, Reliability and Security

View full text Add to dashboard Cite

Digital crimes are increasing, so is the need for improvements in digital forensics. With the growth of storage capacity these digital forensic investigations are getting more difficult. Visualization allows for displaying big amounts of data at once, so a foresic investigator is able to maintain an overlook about the whole case. Through zooming it is possible to analyze interesting parts of evidence without losing the general view. This paper gives an overview of data classification, data sources and a classification of available techniques. Different state of the art tools for visualization of frequency, timelines, e-mails and logging data are discussed. Further details on how these tools support the digital forensics progress through visualization are given. Finally a comparison between conventional approaches and visualization techniques is presented. The benefit for the reader is to get a quick overview of the state-of-the-art of visualization techniques for processing digital evidence.

show abstract

“…As an each individual today maintains more than one email account, is a member of many communities, virtual groups, takes active part in chat rooms and other networking sites with his/her identity or under an alias, juggles multiple flash drives and other digital storage media [1] [2]. The concept of the crowd sourced forensic investigation via the construction of a simple process model presents a simple model for crowd sourced digital forensics, and discussed various technique utilized in such forensic investigations [6]. In cyber forensics Network forensics is used in the case of network security.…”

Section: Introductionmentioning

confidence: 99%

Data Mining Technique to Data Collection and Analysis for Cyber Forensic

Khobragade*,

Saraf,

Thakre

et al. 2020

IJRTE

View full text Add to dashboard Cite

In the world of Digital forensic the uncovered digital may contain vital information for digital data investigation for investigator. Digital data collected from the crime scene leads to find out the clue after performing analysis by the examiner. This process of data examination data collection and analysis plays important role in cyber world for the forensic investigator. The cybercrime is a part of computer forensics where the digital evidences are analyze by the investigator and to perform analysis special measurements and techniques are required in order to use this details that has to be accepted in court of law for law enforcement. The data collection of evidence is a key aspect for the investigator, such kind of digital data has to be collected from different sources at the crime scene and this process involves to collect each and every evidence of digital crime scene and later this gather data will be analyze by the experts to reach to the conclusion. In this paper the proposed method collected the data from the crime scene efficiently which includes log data, transactional data, physical drive data, and network data; later this collected data analyzed to find out the theft node in the network. In this paper FTK 4.0 digital forensic tool used to reduce plenty of time for data processing and later report will be produce that will be accepted tin the court of law. This paper also focuses the data collection method with in the network and reach to the faulty node and later this faulty node analyzed with all collected data for forensic analysis. For this standard algorithm used to analyze the performance of distinct features used for network attacks. Kmeans clustering methodology is used to create cluster of victim node and represent victim data in systematic manner for the ease of law enforcement.

show abstract

Explorative Visualization of Log Data to Support Forensic Analysis and Signature Development

Cited by 5 publications

References 2 publications

A survey on forensic investigation of operating system logs

A survey on forensic investigation of operating system logs

A Discussion of Visualization Techniques for the Analysis of Digital Evidence

Data Mining Technique to Data Collection and Analysis for Cyber Forensic

Contact Info

Product

Resources

About