Abstract
Recognizing links between offender patterns is one of the most crucial skills of an investigator. Early recognition of similar patterns can lead to focusing resources, improving clearance rates, and ultimately saving lives in terms of digital forensics. In this paper we propose a forensics methodology using Markov chain during a given time interval for tracking and predicting the degree of criminal activity as it evolves over time. In other words, we describe intrusion scenario, and classify profiling of user's behavior by prior probability based Markov chain. Also, we apply the Noise Page Elimination Algorithm (NPEA) to reduce an error of probability prediction. Finally, we have experiment our model on dataset and have analysis their accuracy by Monte Carlo Simulation.
| Original language | English |
|---|---|
| Title of host publication | Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008 |
| Pages | 193-198 |
| Number of pages | 6 |
| DOIs | |
| Publication status | Published - 2008 Sep 15 |
| Event | 2nd International Conference on Information Security and Assurance, ISA 2008 - Busan, Korea, Republic of Duration: 2008 Apr 24 → 2008 Apr 26 |
Other
| Other | 2nd International Conference on Information Security and Assurance, ISA 2008 |
|---|---|
| Country | Korea, Republic of |
| City | Busan |
| Period | 08/4/24 → 08/4/26 |
Fingerprint
ASJC Scopus subject areas
- Computer Networks and Communications
- Information Systems and Management
- Electrical and Electronic Engineering
- Communication
Cite this
Cyber criminal activity analysis models using Markov Chain for digital forensics. / Kim, Do Hoon; In, Hoh.
Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008. 2008. p. 193-198 4511561.Research output: Chapter in Book/Report/Conference proceeding › Conference contribution
}
TY - GEN
T1 - Cyber criminal activity analysis models using Markov Chain for digital forensics
AU - Kim, Do Hoon
AU - In, Hoh
PY - 2008/9/15
Y1 - 2008/9/15
N2 - Recognizing links between offender patterns is one of the most crucial skills of an investigator. Early recognition of similar patterns can lead to focusing resources, improving clearance rates, and ultimately saving lives in terms of digital forensics. In this paper we propose a forensics methodology using Markov chain during a given time interval for tracking and predicting the degree of criminal activity as it evolves over time. In other words, we describe intrusion scenario, and classify profiling of user's behavior by prior probability based Markov chain. Also, we apply the Noise Page Elimination Algorithm (NPEA) to reduce an error of probability prediction. Finally, we have experiment our model on dataset and have analysis their accuracy by Monte Carlo Simulation.
AB - Recognizing links between offender patterns is one of the most crucial skills of an investigator. Early recognition of similar patterns can lead to focusing resources, improving clearance rates, and ultimately saving lives in terms of digital forensics. In this paper we propose a forensics methodology using Markov chain during a given time interval for tracking and predicting the degree of criminal activity as it evolves over time. In other words, we describe intrusion scenario, and classify profiling of user's behavior by prior probability based Markov chain. Also, we apply the Noise Page Elimination Algorithm (NPEA) to reduce an error of probability prediction. Finally, we have experiment our model on dataset and have analysis their accuracy by Monte Carlo Simulation.
UR - http://www.scopus.com/inward/record.url?scp=51349152715&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=51349152715&partnerID=8YFLogxK
U2 - 10.1109/ISA.2008.90
DO - 10.1109/ISA.2008.90
M3 - Conference contribution
AN - SCOPUS:51349152715
SN - 9780769531267
SP - 193
EP - 198
BT - Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008
ER -