Semantic Representation and Integration of Digital Evidence
2013 (English). In: Procedia Computer Science, ISSN 1877-0509, Vol. 22, p. 1266-1275. Article in journal (Refereed), Published.
The ever-increasing complexity and sophistication of computer and network attacks challenge society's dependability on digital infrastructure. Digital investigations recover and reconstruct the digital trails of such events and may employ practices from various subfields (computer, network forensics), each with its own set of techniques and tools. Integration of evidence from heterogeneous sources of data (e.g. disk images, network packet captures, logs) is often a manual and time-consuming process relying significantly on the investigator's expertise. In this paper, we propose and develop an approach, based on the Semantic Web framework, for ontologically representing and integrating digital evidence. The presented approach enhances existing forensic analysis techniques by providing partial and eventually full automation of the investigative process.
Keywords: Digital evidence, Ontology, Semantic Web, Evidence Integration, Knowledge Representation
Research subject: Computer and Systems Sciences
Identifiers: URN: urn:nbn:se:su:diva-97234; DOI: 10.1016/j.procs.2013.09.214; OAI: oai:DiVA.org:su-97234; DiVA: diva2:676278
17th International Conference in Knowledge Based and Intelligent Information and Engineering Systems - KES 2013