Cyber criminal activity analysis models using Markov Chain for digital forensics

Do Hoon Kim, Hoh Peter In

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Citations (Scopus)

Abstract

Recognizing links between offender patterns is one of the most crucial skills of an investigator. Early recognition of similar patterns can lead to focusing resources, improving clearance rates, and ultimately saving lives in terms of digital forensics. In this paper we propose a forensics methodology using Markov chain during a given time interval for tracking and predicting the degree of criminal activity as it evolves over time. In other words, we describe intrusion scenario, and classify profiling of user's behavior by prior probability based Markov chain. Also, we apply the Noise Page Elimination Algorithm (NPEA) to reduce an error of probability prediction. Finally, we have experiment our model on dataset and have analysis their accuracy by Monte Carlo Simulation.

Original languageEnglish
Title of host publicationProceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008
Pages193-198
Number of pages6
DOIs
Publication statusPublished - 2008
Event2nd International Conference on Information Security and Assurance, ISA 2008 - Busan, Korea, Republic of
Duration: 2008 Apr 242008 Apr 26

Publication series

NameProceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008

Other

Other2nd International Conference on Information Security and Assurance, ISA 2008
CountryKorea, Republic of
CityBusan
Period08/4/2408/4/26

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Information Systems and Management
  • Electrical and Electronic Engineering
  • Communication

Fingerprint Dive into the research topics of 'Cyber criminal activity analysis models using Markov Chain for digital forensics'. Together they form a unique fingerprint.

  • Cite this

    Kim, D. H., & In, H. P. (2008). Cyber criminal activity analysis models using Markov Chain for digital forensics. In Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008 (pp. 193-198). [4511561] (Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008). https://doi.org/10.1109/ISA.2008.90