Digital forensics is the science of identifying, extracting, analyzing and presenting digital evidence stored in digital devices. Various digital tools and techniques are used to achieve this. Our paper explains the forensic analysis steps for storage media, hidden data analysis in the file system, network forensic methods and cyber crime data mining. This paper proposes a new tool that combines digital forensic investigation and crime data mining. The proposed system is designed to find the motive and pattern of cyber attacks and the counts of the attack types that occurred during a period. Hence the proposed tool enables system administrators to minimize system vulnerability.