Network Forensic Analysis via Vulnerability Evidence Reasoning

Cited by: 0
Authors
Chang, Cheng-Yue [1]
He, Jing-Sha
Affiliations
[1] Beijing Univ Technol, Sch Software Engn, Beijing 100124, Peoples R China
Keywords
network forensics; evidence graph; event vector; vulnerability evidence reasoning
DOI
Not available
Chinese Library Classification number
TP301 [Theory, Methods]
Discipline classification code
081202
Abstract
In this article, we propose a novel method that uses vulnerability evidence reasoning in network forensics analysis. Central to our method is the evidence graph model to support evidence presentation and reasoning. Based on the evidence graph, we propose a network forensics method that builds the evidence graph on the basis of the network system vulnerabilities and environmental information. At the same time, the proposed method can realize the reconstruction of attack scenarios with high efficiency and with the capability of identifying multi-staged attacks through evidence reasoning. Results of the experiment that we conducted show that the proposed method is complete and credible with certain reasoning ability, which can be a powerful tool for rapid and effective network forensic analysis.
Pages: 245-249
Number of pages: 5