Forensic investigation method and tool based on the user behaviour analysis

Namheun Son, Sangjin Lee

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Citations (Scopus)

Abstract

Today, people use a variety of digital devices, and events taking place in them are stored in specific forms mostly including data indicating when each event took place. So far, different methods have been constantly researched and developed to analyse various events, most of which analyse event data unnecessary for a forensic investigation. As a result, investigators should carry out additional work to select data needed for an actual investigation, making the process of analysis more difficult and longer. Besides, since the capacity of storage media gets higher and events become more diversified, such a phenomenon seems gradually worsened. Thus, this paper suggests a timeline-based method of checking 'users' behaviour patterns' at a look by analysing, interpreting and visualizing various user behaviour-based events in a short time, since time information exists in digital devices. Moreover, the range of analyses can be widened since investigators can analyse events through computer and smartphone used most out of all the digital devices, not simply through a single system.

Original languageEnglish
Title of host publicationProceedings of the 9th Australian Digital Forensics Conference
Pages125-133
Number of pages9
Publication statusPublished - 2011 Dec 1
Event9th Australian Digital Forensics Conference - Perth, WA, Australia
Duration: 2011 Dec 52011 Dec 7

Publication series

NameProceedings of the 9th Australian Digital Forensics Conference

Other

Other9th Australian Digital Forensics Conference
CountryAustralia
CityPerth, WA
Period11/12/511/12/7

Keywords

  • Event based
  • Smartphone Forensics
  • Timeline-based
  • User Behaviour
  • Visualization

ASJC Scopus subject areas

  • Information Systems

Fingerprint Dive into the research topics of 'Forensic investigation method and tool based on the user behaviour analysis'. Together they form a unique fingerprint.

  • Cite this

    Son, N., & Lee, S. (2011). Forensic investigation method and tool based on the user behaviour analysis. In Proceedings of the 9th Australian Digital Forensics Conference (pp. 125-133). (Proceedings of the 9th Australian Digital Forensics Conference).