Cyber criminal activity analysis models using Markov Chain for digital forensics

Do Hoon Kim; Hoh Peter In

doi:10.1109/ISA.2008.90

Cyber criminal activity analysis models using Markov Chain for digital forensics

Do Hoon Kim, Hoh Peter In

Department of Computer Science and Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

4 Citations (Scopus)

Abstract

Recognizing links between offender patterns is one of the most crucial skills of an investigator. Early recognition of similar patterns can lead to focusing resources, improving clearance rates, and ultimately saving lives in terms of digital forensics. In this paper we propose a forensics methodology using Markov chain during a given time interval for tracking and predicting the degree of criminal activity as it evolves over time. In other words, we describe intrusion scenario, and classify profiling of user's behavior by prior probability based Markov chain. Also, we apply the Noise Page Elimination Algorithm (NPEA) to reduce an error of probability prediction. Finally, we have experiment our model on dataset and have analysis their accuracy by Monte Carlo Simulation.

Original language	English
Title of host publication	Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008
Pages	193-198
Number of pages	6
DOIs	https://doi.org/10.1109/ISA.2008.90
Publication status	Published - 2008
Event	2nd International Conference on Information Security and Assurance, ISA 2008 - Busan, Korea, Republic of Duration: 2008 Apr 24 → 2008 Apr 26

Publication series

Name	Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008

Other

Other	2nd International Conference on Information Security and Assurance, ISA 2008
Country/Territory	Korea, Republic of
City	Busan
Period	08/4/24 → 08/4/26

ASJC Scopus subject areas

Computer Networks and Communications
Information Systems and Management
Electrical and Electronic Engineering
Communication

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

Access to Document

10.1109/ISA.2008.90

Cite this

Kim, D. H., & In, H. P. (2008). Cyber criminal activity analysis models using Markov Chain for digital forensics. In Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008 (pp. 193-198). [4511561] (Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008). https://doi.org/10.1109/ISA.2008.90

Cyber criminal activity analysis models using Markov Chain for digital forensics. / Kim, Do Hoon; In, Hoh Peter.

Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008. 2008. p. 193-198 4511561 (Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Kim, DH & In, HP 2008, Cyber criminal activity analysis models using Markov Chain for digital forensics. in Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008., 4511561, Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008, pp. 193-198, 2nd International Conference on Information Security and Assurance, ISA 2008, Busan, Korea, Republic of, 08/4/24. https://doi.org/10.1109/ISA.2008.90

@inproceedings{8b8c5241afae41e29a9b5b6753f25aa8,

title = "Cyber criminal activity analysis models using Markov Chain for digital forensics",

abstract = "Recognizing links between offender patterns is one of the most crucial skills of an investigator. Early recognition of similar patterns can lead to focusing resources, improving clearance rates, and ultimately saving lives in terms of digital forensics. In this paper we propose a forensics methodology using Markov chain during a given time interval for tracking and predicting the degree of criminal activity as it evolves over time. In other words, we describe intrusion scenario, and classify profiling of user's behavior by prior probability based Markov chain. Also, we apply the Noise Page Elimination Algorithm (NPEA) to reduce an error of probability prediction. Finally, we have experiment our model on dataset and have analysis their accuracy by Monte Carlo Simulation.",

author = "Kim, {Do Hoon} and In, {Hoh Peter}",

year = "2008",

doi = "10.1109/ISA.2008.90",

language = "English",

isbn = "9780769531267",

series = "Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008",

pages = "193--198",

booktitle = "Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008",

note = "2nd International Conference on Information Security and Assurance, ISA 2008 ; Conference date: 24-04-2008 Through 26-04-2008",

}

TY - GEN

T1 - Cyber criminal activity analysis models using Markov Chain for digital forensics

AU - Kim, Do Hoon

AU - In, Hoh Peter

PY - 2008

Y1 - 2008

N2 - Recognizing links between offender patterns is one of the most crucial skills of an investigator. Early recognition of similar patterns can lead to focusing resources, improving clearance rates, and ultimately saving lives in terms of digital forensics. In this paper we propose a forensics methodology using Markov chain during a given time interval for tracking and predicting the degree of criminal activity as it evolves over time. In other words, we describe intrusion scenario, and classify profiling of user's behavior by prior probability based Markov chain. Also, we apply the Noise Page Elimination Algorithm (NPEA) to reduce an error of probability prediction. Finally, we have experiment our model on dataset and have analysis their accuracy by Monte Carlo Simulation.

AB - Recognizing links between offender patterns is one of the most crucial skills of an investigator. Early recognition of similar patterns can lead to focusing resources, improving clearance rates, and ultimately saving lives in terms of digital forensics. In this paper we propose a forensics methodology using Markov chain during a given time interval for tracking and predicting the degree of criminal activity as it evolves over time. In other words, we describe intrusion scenario, and classify profiling of user's behavior by prior probability based Markov chain. Also, we apply the Noise Page Elimination Algorithm (NPEA) to reduce an error of probability prediction. Finally, we have experiment our model on dataset and have analysis their accuracy by Monte Carlo Simulation.

UR - http://www.scopus.com/inward/record.url?scp=51349152715&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=51349152715&partnerID=8YFLogxK

U2 - 10.1109/ISA.2008.90

DO - 10.1109/ISA.2008.90

M3 - Conference contribution

AN - SCOPUS:51349152715

SN - 9780769531267

T3 - Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008

SP - 193

EP - 198

BT - Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008

T2 - 2nd International Conference on Information Security and Assurance, ISA 2008

Y2 - 24 April 2008 through 26 April 2008

ER -

Cyber criminal activity analysis models using Markov Chain for digital forensics

Abstract

Publication series

Other

ASJC Scopus subject areas

UN SDGs

Access to Document

Other files and links

Fingerprint

Cite this