A Method of Network Forensics Analysis Based on Frequent Sequence Mining

Abstract:

Because mistaken reports and false alarms occur frequently in intrusion detection systems (IDS), evidence produced by IDS-based forensics systems is inefficient and has low credibility. Frequent sequence mining based on Jpcap is proposed for network forensics analysis. After capturing and filtering network packets, the system mines frequent sequences from the data according to evidence relevance in order to build and update a signature database of offenses, and in the network forensics analysis stage it judges whether the current user's behavior is legal. Simulation results show that the frequent sequence mining algorithm can identify new criminal behavior and improve the credibility and efficiency of evidence in network forensics analysis.

Info:

Edited by:

Shaobo Zhong, Yimin Cheng and Xilong Qu

Pages:

578-582

DOI:

10.4028/www.scientific.net/AMM.50-51.578

Citation:

X. Y. Zhong "A Method of Network Forensics Analysis Based on Frequent Sequence Mining", Applied Mechanics and Materials, Vols. 50-51, pp. 578-582, 2011

Online since:

February 2011
