Cyber criminal activity analysis models using Markov Chain for digital forensics

Do Hoon Kim, Hoh In

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Citations (Scopus)

Abstract

Recognizing links between offender patterns is one of the most crucial skills of an investigator. Early recognition of similar patterns can lead to focusing resources, improving clearance rates, and ultimately saving lives in terms of digital forensics. In this paper we propose a forensics methodology using Markov chain during a given time interval for tracking and predicting the degree of criminal activity as it evolves over time. In other words, we describe intrusion scenario, and classify profiling of user's behavior by prior probability based Markov chain. Also, we apply the Noise Page Elimination Algorithm (NPEA) to reduce an error of probability prediction. Finally, we have experiment our model on dataset and have analysis their accuracy by Monte Carlo Simulation.

Original languageEnglish
Title of host publicationProceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008
Pages193-198
Number of pages6
DOIs
Publication statusPublished - 2008 Sep 15
Event2nd International Conference on Information Security and Assurance, ISA 2008 - Busan, Korea, Republic of
Duration: 2008 Apr 242008 Apr 26

Other

Other2nd International Conference on Information Security and Assurance, ISA 2008
CountryKorea, Republic of
CityBusan
Period08/4/2408/4/26

Fingerprint

model analysis
Markov processes
pilot project
offender
scenario
simulation
methodology
resources
Experiments
time
Digital forensics
Markov chain
Activity analysis
Markov chain model
Monte Carlo simulation
Experiment
User behavior
Scenarios
Prediction
Resources

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Information Systems and Management
  • Electrical and Electronic Engineering
  • Communication

Cite this

Kim, D. H., & In, H. (2008). Cyber criminal activity analysis models using Markov Chain for digital forensics. In Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008 (pp. 193-198). [4511561] https://doi.org/10.1109/ISA.2008.90

Cyber criminal activity analysis models using Markov Chain for digital forensics. / Kim, Do Hoon; In, Hoh.

Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008. 2008. p. 193-198 4511561.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Kim, DH & In, H 2008, Cyber criminal activity analysis models using Markov Chain for digital forensics. in Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008., 4511561, pp. 193-198, 2nd International Conference on Information Security and Assurance, ISA 2008, Busan, Korea, Republic of, 08/4/24. https://doi.org/10.1109/ISA.2008.90
Kim DH, In H. Cyber criminal activity analysis models using Markov Chain for digital forensics. In Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008. 2008. p. 193-198. 4511561 https://doi.org/10.1109/ISA.2008.90
Kim, Do Hoon ; In, Hoh. / Cyber criminal activity analysis models using Markov Chain for digital forensics. Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008. 2008. pp. 193-198
@inproceedings{8b8c5241afae41e29a9b5b6753f25aa8,
title = "Cyber criminal activity analysis models using Markov Chain for digital forensics",
abstract = "Recognizing links between offender patterns is one of the most crucial skills of an investigator. Early recognition of similar patterns can lead to focusing resources, improving clearance rates, and ultimately saving lives in terms of digital forensics. In this paper we propose a forensics methodology using Markov chain during a given time interval for tracking and predicting the degree of criminal activity as it evolves over time. In other words, we describe intrusion scenario, and classify profiling of user's behavior by prior probability based Markov chain. Also, we apply the Noise Page Elimination Algorithm (NPEA) to reduce an error of probability prediction. Finally, we have experiment our model on dataset and have analysis their accuracy by Monte Carlo Simulation.",
author = "Kim, {Do Hoon} and Hoh In",
year = "2008",
month = "9",
day = "15",
doi = "10.1109/ISA.2008.90",
language = "English",
isbn = "9780769531267",
pages = "193--198",
booktitle = "Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008",

}

TY - GEN

T1 - Cyber criminal activity analysis models using Markov Chain for digital forensics

AU - Kim, Do Hoon

AU - In, Hoh

PY - 2008/9/15

Y1 - 2008/9/15

N2 - Recognizing links between offender patterns is one of the most crucial skills of an investigator. Early recognition of similar patterns can lead to focusing resources, improving clearance rates, and ultimately saving lives in terms of digital forensics. In this paper we propose a forensics methodology using Markov chain during a given time interval for tracking and predicting the degree of criminal activity as it evolves over time. In other words, we describe intrusion scenario, and classify profiling of user's behavior by prior probability based Markov chain. Also, we apply the Noise Page Elimination Algorithm (NPEA) to reduce an error of probability prediction. Finally, we have experiment our model on dataset and have analysis their accuracy by Monte Carlo Simulation.

AB - Recognizing links between offender patterns is one of the most crucial skills of an investigator. Early recognition of similar patterns can lead to focusing resources, improving clearance rates, and ultimately saving lives in terms of digital forensics. In this paper we propose a forensics methodology using Markov chain during a given time interval for tracking and predicting the degree of criminal activity as it evolves over time. In other words, we describe intrusion scenario, and classify profiling of user's behavior by prior probability based Markov chain. Also, we apply the Noise Page Elimination Algorithm (NPEA) to reduce an error of probability prediction. Finally, we have experiment our model on dataset and have analysis their accuracy by Monte Carlo Simulation.

UR - http://www.scopus.com/inward/record.url?scp=51349152715&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=51349152715&partnerID=8YFLogxK

U2 - 10.1109/ISA.2008.90

DO - 10.1109/ISA.2008.90

M3 - Conference contribution

SN - 9780769531267

SP - 193

EP - 198

BT - Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008

ER -