A comparison of machine learning techniques for file system forensics analysis. (June 2019)
- Record Type:
- Journal Article
- Title:
- A comparison of machine learning techniques for file system forensics analysis. (June 2019)
- Main Title:
- A comparison of machine learning techniques for file system forensics analysis
- Authors:
- Mohammad, Rami Mustafa A.
Alqahtani, Mohammed
- Abstract:
- With the remarkable increase in computer crimes – particularly Internet related crimes – digital forensics has become an urgent and timely issue to study. Normally, a digital forensics investigation aims to preserve any evidence in its most original form by identifying, collecting, and validating the digital information for the purpose of reconstructing past events. Most digital evidence is stored within the computer's file system. This research investigates and evaluates the applicability of several machine learning techniques in identifying incriminating evidence by tracing historical file system activities in order to determine how these files can be manipulated by different application programs. A dataset defined by a matrix/vector of features related to file system activity during a specific period of time has been collected. This dataset has been used to train several machine learning techniques. Overall, the considered machine learning techniques show good results when they have been evaluated using a testing dataset containing unseen evidence. However, all algorithms encountered an essential obstacle that could be the main reason why the experimental results were less than expected, that is, the overlaps among the file system activities.
- Is Part Of:
- Journal of information security and applications. Volume 46(2019)
- Journal:
- Journal of information security and applications
- Issue:
- Volume 46(2019)
- Issue Display:
- Volume 46, Issue 2019 (2019)
- Year:
- 2019
- Volume:
- 46
- Issue:
- 2019
- Issue Sort Value:
- 2019-0046-2019-0000
- Page Start:
- 53
- Page End:
- 61
- Publication Date:
- 2019-06
- Subjects:
- Digital forensic -- File system -- Computer crimes -- Machine Learning -- Log file
Computer security -- Periodicals
Information technology -- Security measures -- Periodicals
005.805
- Journal URLs:
- http://www.sciencedirect.com/
- DOI:
- 10.1016/j.jisa.2019.02.009
- Languages:
- English
- ISSNs:
- 2214-2126
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - BLDSS-3PM
British Library STI - ELD Digital store
- Ingest File:
- 10145.xml