Cyber criminal activity analysis models using Markov Chain for digital forensics

Do Hoon Kim, Hoh In

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Citations (Scopus)

Abstract

Recognizing links between offender patterns is one of the most crucial skills of an investigator. Early recognition of similar patterns can lead to focusing resources, improving clearance rates, and ultimately saving lives in terms of digital forensics. In this paper we propose a forensics methodology using Markov chain during a given time interval for tracking and predicting the degree of criminal activity as it evolves over time. In other words, we describe intrusion scenario, and classify profiling of user's behavior by prior probability based Markov chain. Also, we apply the Noise Page Elimination Algorithm (NPEA) to reduce an error of probability prediction. Finally, we have experiment our model on dataset and have analysis their accuracy by Monte Carlo Simulation.

Original languageEnglish
Title of host publicationProceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008
Pages193-198
Number of pages6
DOIs
Publication statusPublished - 2008 Sep 15
Event2nd International Conference on Information Security and Assurance, ISA 2008 - Busan, Korea, Republic of
Duration: 2008 Apr 242008 Apr 26

Other

Other2nd International Conference on Information Security and Assurance, ISA 2008
CountryKorea, Republic of
CityBusan
Period08/4/2408/4/26

    Fingerprint

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Information Systems and Management
  • Electrical and Electronic Engineering
  • Communication

Cite this

Kim, D. H., & In, H. (2008). Cyber criminal activity analysis models using Markov Chain for digital forensics. In Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008 (pp. 193-198). [4511561] https://doi.org/10.1109/ISA.2008.90